Meanwhile, the authenticator app continuously generates codes that you can type in when logging in.
With the first method, you use a randomly generated code that you receive by email. Two of the many MFA options include confirmations via email or authenticator app.
In fact, using multi-factor authentication (MFA) is mandatory so this feature is available for both free and premium users of the platform. NordPass supports several multiple-factor authentication methods. As we said, NordPass won’t be able to re-share this code with you if you lose it. You must save this code and keep it somewhere really secure. In fact, the only way to recover your account is by using the recovery code which will appear on the screen when you first sign up.
Not even the customer service team would be able to decrypt your password and share it with you if you forget it. Of course, because all passwords on NordPass are encrypted, you’ll need to remember this one.
To make your life easier, NordPass has a really handy password generator that’ll give you one that fits all your requirements. And by that, we mean one that’s at least 15 characters long and made up of a seemingly random selection of symbols, digits and uppercase and lowercase letters. So it’s really important that you set a secure password.
So in order to continue being transparent about their security practices, NordPass announced that they’re already in the process of SOC 2 Type 2 audit.Īs with other password managers, NordPass requires you to set a master password to unlock your account. Also, a third-party audit results is proof that the application you're using offers a high level of security. Independent audits are a great way to spot any vulnerabilities before hackers are able to exploit them. The examination process followed a well-known Trusted Service Criteria framework that incorporates the evaluation of security, availability, processing, integrity, confidentiality, and privacy. In 2021, NordPass Business was also externally audited by Cure53 and no security-related risks were found.Īdditionally, NordPass went over another independent SOC 2 Type 1 audit on June 21, 2022. This includes their desktop, Android, and iOS apps, as well as their browser extensions. In 2020, NordPass underwent an independent third-party audit by Cure53. And seeing as the newer algorithm is said to be up to three times faster on devices that don’t have a built-in AES acceleration hardware, it’s not hard to see why so many Silicon Valley companies are switching.īecause all passwords are end-to-end encrypted, even NordPass staff can’t access your login details. Rather than using the industry standard AES-256 encryption, NordPass has opted for the more modern XChaCha20 encryption. This way, chances of outsiders accessing your data are close to zero. This password manager also allows you to set up fingerprint or face ID authentication on supported devices. First, it encrypts the data so that no one could access it, and then uploads it to the cloud.
With NordPass, your most private details are secure even if you lose your phone or computer.
That includes U2F security keys, an OTP generator, a bluetooth device, a USB stick, and others. This password manager supports multi-factor authentication for maximum protection of your data. It’s encrypted and inaccessible even for the service staff, so you’re the only one who knows it. For NordPass login, you must set up a unique and strong master password. The auditing process examined five main criterias: security, availability, process integrity, confidentiality, and privacy. Just recently, NordPass has successfully undergone an independent SOC 2 Type 1 audit on June 21, 2022. Plus, it has a zero-knowledge architecture meaning that the only person who can access your data is you. NordPass employs the modern XChaCha20 encryption algorithm that is also used by other well-known companies, like Google. So how does NordPass work to ensure the safety of your data? It uses all the necessary security measures needed to keep your passwords safe without impacting the user experience:
It probably shouldn't be surprising, especially considering NordPass' roots and pedigree in online security – our research shows that no one unauthorized can access your passwords.
Visit NordPass to learn more about the features