NordPass

NordPass offers a host of security features, emergency access options, and secure sharing, all accessible via attractive apps for every device you own. Its budget-friendly Personal and Business plans make it an excellent value amid strong competition in a crowded market. We wish the free version of the app were a bit more practical, but NordPass is still a truly top-notch password manager, earning our Editors' Choice award alongside the free, open-source Bitwarden.

How Much Does NordPass Cost?

NordPass offers a free service tier that includes unlimited credential storage. While the free version syncs credentials across devices, it does not stay logged in when you switch devices, which is an odd and sometimes frustrating limitation. The free version also does not include credential sharing or support for file attachment storage. The free version of Proton Pass includes password sharing, and Bitwarden's generous free plan offers all of those features.

NordPass' Premium tier pricing is often discounted, though the list price is $35.88 annually for a single-user account, the same as 1Password. Dashlane's comparable service tier is $59.88 annually, Keeper is $34.99 per year, and Bitwarden Premium is an outlier at $10 per year. A NordPass Family plan adds support for up to six users for $71.88 annually.

Like Proton, Nord Security doesn't offer access to its VPN service as part of a premium password management subscription, which seems like a missed opportunity. If you're looking for a comprehensive security package from the company that makes NordVPN, you can get the premium password manager, cloud storage, and threat protection services as part of the NordVPN Ultimate subscription, which is $15.99 monthly.

Getting Started With NordPass

NordPass has browser extensions for Chrome, Edge, Firefox, Opera, and Safari; mobile apps for Android and iOS; and desktop applications for Linux, macOS, and Windows. There's also a ChromeOS app for Chromebook users. Getting started is easy: just sign up, create a strong and unique master password, download any apps or extensions you need, and begin storing credentials.

(Credit: NordPass/PCMag)

NordPass does not offer video tutorials for new users, but after the Windows desktop app, we were greeted with a handy to-do list to jumpstart the password management process. For some reason, the mobile app step was checked off, even though we hadn't downloaded the app and signed in using the testing credentials yet.

(Credit: NordPass/PCMag)

In addition to importing from browsers, NordPass imports from a short list of competitors, including 1Password, Bitwarden, Dashlane, KeePass, Keeper, LastPass, and RoboForm. Proton Pass is also on the list now, showing that the company keeps its importing lists up-to-date. If you're switching to NordPass from your old password manager and your old password manager is missing from the list, you can upload your credentials as a CSV.

NordPass Data Privacy Policies

Before we review and test a password manager, we send a list of questions to the password management company inquiring about its privacy and security practices. We want consumers to have plenty of information about the companies handling their data. We've included NordPass' responses to our questions below.

Has your company ever had a security breach?

No

What unencrypted information does the password manager store in user vaults?

At NordPass, we encrypt everything that users store in their vaults. It includes emails, secure notes, credit card details, file attachments, passwords, passkeys, and any other authentication information.

What is the company’s policy regarding master passwords?

For the consumer and business products, the master password must be 9 or more characters long and have at least one special character. If lost, this password can only be recovered if a user has kept a recovery code, granted upon the creation of the master password. In any other case, account recovery is not possible because of our zero-knowledge architecture, meaning that only a user knows what is stored in their vaults.

What is the company’s policy regarding user data collection and data sales?

All data retention practices are defined with the NordPass privacy policy. NordPass has no technical means to access encrypted passwords, secure notes, or other items stored in users’ vaults because NordPass is built based on zero-knowledge architecture. With customers’ approval, we collect only the anonymized data required for application diagnostics, app usage statistics (i.e., the number of items stored), device information, which helps us in monitoring and developing NordPass services, and other similar information. We do not sell the data to third parties.

How does your company protect user data?

NordPass secures user data with a new generation encryption algorithm — XChaCha20. It’s considered the future of encryption, with more and more tech giants from Silicon Valley implementing it in their services.

NordPass is also a zero knowledge password manager, which means only our users know what is stored in their vaults. In cryptography, it refers to being able to prove you know something without revealing what that is. NordPass zero knowledge architecture extends to cloud back-ups. Since NordPass users’ vault data is encrypted locally, we do not know what is inside when a user backs it up on our servers. This means users can easily sync passwords across multiple devices without compromising the security.

As a company, Nord Security maintains tight controls over the personal data we collect. Our dedicated IT security team has implemented appropriate physical, technical, and organizational measures to protect information about you against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure, or access and against all other unlawful forms of processing.

How does your company respond to requests for user information from governments and law enforcement?

Any request for user data should follow an appropriate official legal process recognized by the laws of the Republic of Panama (e.g., mutual legal assistance treaty, letters rogatory). We carefully review each request to make sure it satisfies laws applicable to our company, laws of the requesting country, international norms, and our internal policies. However, it is important to note that the laws of the Republic of Panama do not oblige us to store logs of users’ online activity.

NordPass’ answers are thorough and in line with the company's statements in the vendor's privacy policy. We encourage you to browse the privacy policies for all apps to learn more about how companies collect, sell, or store your data. Decide how comfortable you are with data collection and act accordingly.

NordPass Authentication Options and Notable Security Features

After signing into your vault, it's time to set up your multi-factor authentication (MFA) method. To do so, navigate to the Settings menu, accessible via the gear icon on your NordPass vault dashboard.

Click the toggle in the MFA section, and then enter the six-digit code the app sends to the email you used to sign up. NordPass then allows you to add an authenticator app or a hardware security key to the account. After setting up your MFA method, NordPass prompts you to log out and log back in to enable the setting.

Data Breach Reports

(Credit: NordPass/PCMag)

Another premium-only perk is data breach monitoring. NordPass scans breach reports for your email address or credit card number and alerts you if a company exposes that data. Of particular interest is a feature we saw recently in Proton Pass as well, which is extensive breach reports. For example, if you click on a breach incident associated with an email address, NordPass will let you know which company exposed your information, when the breach occurred, and what types of data (such as your credit card numbers, email address, mailing address, passwords, phone number) were exposed. In each breach report, NordPass includes instructions for what to do if your data's exposed in a breach, which is very helpful.

Email Masking

With NordPass, you can create unlimited email aliases with just a tap and the app stores them in your vault for easy access. The feature is only for paying customers, though. Proton Pass' free version allows users to create up to 10 email aliases and removes that limit for premium subscribers.

Password Hygiene Monitoring

(Credit: NordPass/PCMag)

The Password Health section highlights the old, reused, or weak passwords in your NordPass vault. Whenever you input a password that could use some complexity, the app sends an alert to your dashboard. You also get a reminder to log in and update your account password on the website for the account, which is helpful.

Passkeys

We like that the vaults on all platforms feature a separate, clearly labeled section for managing passkeys. Of particular interest is NordPass' alerts that let you know if there's an opportunity for you to create a passkey for one of the accounts in your password vault.

Hands On With NordPass

We tested NordPass' functionality using the Windows desktop application, the NordPass iOS app, and the NordPass browser extension for Google Chrome.

(Credit: NordPass/PCMag)

Credential Capture and Replay

Using the Chrome browser extension and the Windows app, we were able to capture and replay existing and new credentials at several websites. When creating a new account while using NordPass, a pop-up window asks you to save your credentials before logging you in. After the entry is in your vault, you can skip the login screens altogether by tapping on the website name from your browser extension's vault window.

Password Generator

With NordPass' password generator, users can set a password length of up to 60 characters and choose whether to include capital and lowercase letters, digits, and symbols. NordPass passwords default to 20 characters, which is a reasonable minimum.

Storage and Form Filling

The Secure Notes section in the NordPass vault allows users to store memos and links and store up to 3GB of JPEG, PDF, MP4, or DOC files in your vault.

In testing, we were able to fill in web forms using the information we provided in the Credit Cards and Personal Info sections of the NordPass vault, as expected. NordPass also allows users to create custom information fields in all sections, as RoboForm and Sticky Password do.

(Credit: NordPass/PCMag)

Password Sharing

Sharing passwords is only for Premium users. Free users can choose whether to let the email recipient view the password, edit it, share the login with other people, or only allow the recipient to autofill the credential. The recipient will need to download a NordPass app or browser extension to accept the shared login. Free users cannot edit shared items, even if a Premium subscriber gives them that level of access.

Emergency Access

Modern password managers should offer their subscribers some form of password inheritance in the event of their demise. NordPass allows authorized family members or friends access to your password vault. Authorized users can request access without knowing the master password in the event of an emergency or death, and if the account holder does not accept or decline the request within seven days, NordPass will grant access to the authorized contact.

NordPass Mobile App Experience

We tested the NordPass app on an iPhone 12 mini. NordPass also offers an app for Android. The iOS app worked as expected and includes the functions found in the browser extension and desktop version of the app.

(Credit:NordPass/PCMag)

The iOS app's user interface is well-organized, though humble in appearance. Like other top password managers we've reviewed, NordPass' mobile apps support logins using biometric authentication such as face or fingerprint scans.

NordPass Business Options

Recently, NordPass added helpful features across all of the subscription plans for business customers. New additions include activity log filtering for administrators, and in-app MFA using the NordPass Authenticator. The NordPass Business app for Windows is very well-organized and modern-looking. The web app also has a clean-looking layout.

(Credit: NordPass/PCMag)

Small business owners can sign up for NordPass Teams, which is $23.88 per user per year for 10 users. A Teams account includes a credential vault for each employee and single sign-on support for Google Workspace. A NordPass Business account serves 5 to 250 users at $47.88 per user annually and adds a security dashboard, shared folder access, and integration with Vanta, a compliance and security platform.

At the next level, NordPass Enterprise subscription includes support for unlimited users, advanced single sign-on options, and shared folders, with price quotes available on the vendor's website. Competitors such as 1Password include single sign-on integrations for popular corporate software as part of their standard business service tiers, while NordPass reserves SSO integration other than Google Workspace for the Enterprise edition.

Each NordPass business account includes a free personal account for every employee. After a person's access to the organization's NordPass Business account is restricted, all of the items in their vault move to the "Deleted" page. From there, the organization owner can reassign the passwords and other data to another team member.

Like 1Password's business offerings, NordPass Business lets users share credentials with other employees or outsiders who download the NordPass app. Employees can control access to their credentials by granting full rights to the password, which allows the recipient to see and edit it, or they can grant Limited rights, which do not allow the recipient to view or edit the password. Administrators can prevent employees from sharing passwords and other items with outsiders by visiting the Settings menu and toggling the Guest Sharing function.

For more secure credential sharing, administrators can create shared folders for specific groups of people within the company. The person who creates the Shared Folder can grant access rights of varying levels for different employees. We like that level of control in a business password management app.

Customer Support

A frequently requested category for these reviews is one that examines each password manager's level of customer support. We plan to test features in this section more rigorously in the future, but for now, we're noting the kinds of support available for free and premium personal, and whether it's easy to cancel your NordPass subscription.

Support Options for Personal Accounts

Personal account holders can get help via the chatbox on the NordPass website, or they can send an email to support@nordpass.com. Business clients have the same options, plus they can submit questions via the user control panel within the app. A Nord representative tells PCMag that the support team operates on a 24/7 schedule, users always communicate with a human support team member, and the live chat's average response time is less than one minute.

Is Deleting Your NordPass Account Easy?

If you want to delete your NordPass account and you have a Premium subscription, you can request a full refund for the service within 30 days of initial purchase, and that limit goes down to 14 days for business clients. To cancel your subscription and get a refund, send an email to the customer support address.

(Credit: NordPass/PCMag)

Canceling your subscription and deleting your account without a refund request requires filling out an account deletion form, which seems like an unecessary step. After completing the form, you must confirm account deletion via email after a NordPass team member makes contact.

This step is where things got sticky. NordPass sent an immediate email asking to confirm account deletion, and we replied within three minutes of the email's arrival in our inbox. Eight hours later, a customer support representative sent a response saying they could not delete the account unless they receive a reply using the same email subdomain associated with the account. Like many workers who use corporate email accounts, we cannot control which subdomain is used to reply to emails. The test account was eventually deleted after sending a message to a corporate representative, but that's not something every customer can do. We reached out to NordPass for a comment about the situation, and we will update this review with the response.

Other password managers, such as 1Password and Proton Pass, do not require users to go through this process to delete their account data. Customer support options are a non-scoring category through the end of 2024, so our testing experience in this area does not affect NordPass' review score this time.

Verdict: Premium Password Management

NordPass looks good and performed smoothly in testing. Our favorite features are its very detailed dark web monitoring reports, the new email masking options, and the expanded business tier offerings. Yes, we ran into a little trouble when canceling the account, but otherwise, the apps performed well, and the product is priced right, making it one of our Editors' Choice winners for password management. The other is Bitwarden for its free and helpful features.