Table of Contents
If you are an avid reader of this blog you most likely know that we love NordVPN, which we consider one of the best VPN services available nowadays. In this post we'll take the chance to review a new tool that the same staff released in 2019: a proprierary password manager called NordPass, featuring various pricing versions & plans specifically designed to meet the typical needs of home users, small businesses and enterprise companies.
As always, in the first part of the article we'll briefly introduce the topic; right after that, we'll dive into the distinctive features of the reviewed product and perform an extensive test drive; in the final part of the post we'll give our final verdict about our whole experience. Are we ready? Let's go!
Do we need a Password Manager?
If you don't use a Password Manager nowadays, you should definitely reconsider your choice,since it's probably the most important thing you can do — alongside two-factor authentication — to keep your data safe. As a matter of fact, the worst thing you can do with your passwords is to reuse them multiple times across multiple websites or services. The reason for that is very simple to understand: as soon as one of those accounts is compromised in a data breach, the hackers will try to use the retrieved password to access other services owned by you, including those that could store very important personal info, privacy sensitive stuff, or money. The worst part of the story is the fact that such outcome can happen even if you do use a very strong password - since it's not found using brute-force or other direct discovery methods, but as a result of a breach involving the database of the website where your account and credentials are stored.
At the same time, using a different password for each website or service we're using nowadays is definitely difficult, as long as we have to remember them all. That's precisely what the Password Manager is meant for: allowing use to use different passwords without having to worry about remembering (or forgetting) them.
What's a Password Manager
In a nutshell, a Password Manager is a vault where you can securely store all your passwords, as well as your usernames and/or credential info, with the big advantage of having them in a single place. This basically means that we'll only need to remember the password required to access it, which is often very strong and can be further protected by other authentication factors (fingerprint, SMS, OTP, mobile tokens, and so on).
The most advanced Password Managers also provide a good level of integration with the Operating System and browsers, meaning that they can even "automatically" (yet securely) fill in your credentials whenever you log in to a site (or an app) using your desktop or mobile device.
Such features are kind of similar to those already offered by most modern browsers: Google Chrome, Mozilla Firefox, and MS Edge all have their own "password manager" that can store your credentials and fill out the forms for you, but a good Password Manager also have a lot of additional features: for example, it can proactively alert you when you’re reusing a password or when your passwords are weak and easy to guess or hack: some password managers can even send alerts when online accounts are hacked and your passwords have been exposed. Not to mention the fact that they can be used as family or business apps, meaning that you can share some passwords with family members, friends, co-workers or other people without having everyone to have them "copied" in their own Password Manager: a very important feature, expecially considering that most passwords have a given expiration date (for obvious security reasons), thus making a "manual sharing" practice very unpractical and insecure.
Now that we know what's a Password Manager actually is and why we should definitely have one, let's take a look at what NordPass has to offer: as most password managers, the product is meant to help its users to organise their passwords and secure notes, keeping them in a single place: a strongly encrypted vault.
Versions & Plans
The service comes in two main versions: Personal & Family and Business, each one with their own pricing plans:
Personal & Family
- Free, 0.00 EUR for lifetime (1 user only)
- Premium, starting from 1.27 EUR/Month (with 1 user)
- Family, starting from 3.99 EUR/Month (with 5 unique users
- Standard, starting from 3.59 EUR/Month per user (up to 250)
- Enterprise, subject to custom terms
NordPass features vary depending on each version & plan.
All accounts (including the free one) have access to the following features:
- Save unlimited passwords, notes and credit cards
- Autosave and autofill for most browsers/OS forms
- Import and Export passwords
- Auto-Fill forms with Personal Info
- Generate unique passwords
- Automatic sync across devices
- Multi-factor Authentication
All the paid plans also include the following features:
- Stay logged in when switching devices
- Share items with others
- Build Trusted Contacts
- Identify weak, old, and reused passwords
- Scan the web for data leaks
All the Business plans also include the following features:
- Premium security tools for all users
- Invite and manage users from the Admin Panel
- Create Groups and share items with them
- Track the security of all organization's items
- Apply company-wide settings
- Recover accounts if passwords are lost
- Get 24/7 support
The Enterprise plan is the only one including the following, advanced features:
- Use Microsoft Azure as Single Sign-On
- Support from a dedicated account manager
- Face-to-face onboarding service
As we can see, the basic plans have most of the juice, and even the free plan is 100% usable and might be enough for most users who currently don't have a Password Manager and only have basic needs. It goes without saying that those who have enterprise-level needs will definitely have to activate a paid plan to get all the juice, as expected by these kinds of pricing model.
Now that we know the product's most distinctive features, let's try the products hands-on.
The first thing we need to do is to download the product from the NordPass website: in this test drive we'll go with the Personal & Family > Free edition, which - as we've previously said - would probably be a good starting fit for most users.
As soon as the executable has been downloaded, double click to it to start the installation process, which will be completed in few seconds. Right after that, the product will show its starting screen:
From there we can click Create Account or Login, depending if we already have a Nord account or not. In case we don't, the first button will take us to the NordPass website, where we'll be asked for our e-mail address and password. Right after that, we'll be able to login and choose a Master Password
Choose a Master Password
The Master Password will be the key to our NordPass vault. With it, we can authorize NordPass to store, retrieve, and automatically fill in passwords for us. It goes without saying that this must be a very strong password, since it will give complete access to your password storage to anyone who knows it.
Right after we created our Master Password we'll finally be able to access the NordPass main dashboard, where we can start to actually use the software.
From there we can create our very first item. Click to the Add Item button, choose Password from the select list that will show up (since we're going to add a password-based account) and fill in the form in the following way:
In the above example we've added our Google account. When we're done, we can click to Save to save the newly created item.
Add the Browser Extension
Once we do that, we can immediately test if the automatic fill-in feature works. In order to do this, we need to install the NordPass Browser Extension for the browser we want to use.
Go to the NordPass Settings page, then scroll down to the Autofill and Autosave panel and click to the Add Browser Extension option: a popup window will open up, allowing us to choose which extension to install among the supported browsers:
In our test drive we've choosen Google Chrome: right after installing it, we can navigate to the Website Address that we've entered in the password form, which is https://accounts.google.com/ and test how it works.
As we can see, the extension does its job: the NordPass icon is clearly visible in the Email or phone textbox: if we click it, a popup overlay will open with our account's details to fill-in. The same will happen with the next screen, which asks us for the Password.
This means that now we can login to Google from any device where NordPass is installed with a couple clicks, without having to remembering (and manually entering) the credentials: and, most importantly, without losing a single bit in terms of security.
Needless to say, in case we don't like the automatic fill-in feature and/or we don't want to install any browser extension we can just use NordPass as a plain password vault.
In our opinion, the software has a strong pack of features and can stand its ground against most Password Manager competitors, such as LastPass, 1Password and other most known (and expensive) alternatives. We expecially liked the UX aspect, since the user interface is very simple to use and understand: the various features are well-organized and the option to have the items stored in different folders - which basically acts as tags since each item can simultaneously be in as many folders as needed - is great to keep everything organized.
Our security experts were also thrilled by some specific NordPass features, such as the Group sharing feature (that allows a company to securely share "common" passwords without having to duplicate them among different vaults), the native 2FA support and the military-grade vault encryption.
That's it, at least for now: we hope that our review and test drive can help other users, as well as system administrators, in choosing this software (or any other Password Manager) to increase the level of security of their credentials.