NordPass is a new name on the password manager front, but it’s making moves to earn a good reputation. Most recently, it was independently audited by Cure53, and recognized as a secure password manager.
A respected cybersecurity firm, Cure53 analyzed the product’s source code, codebase, cryptographic premise, and the app. The audit lasted for several months, and the results were in favor of NordPass.
How was the product checked?
The team behind Cure53 chose the so-called white-box methodology. This means NordPass shared its information with the auditor by providing documentation, source codes, and other relevant data.
Auditors focused on four key areas:
- Reviewing the cryptographic premise
- Completing a pen test of the software and a source code audit
- Completing a pen test and source code audit of the NordPass background application
- Reviewing API touchpoints
During the auditing, nine issues were found. However, by the time the audit was finished, NordPass’ team had solved all of them.
The auditors concluded that:
”In Cure53’s expert opinion, <…>the NordPass complex should be judged as secure.”
It should be noted that the audit started even before the product was launched, proving that security is truly a key priority for NordPass.
How does this audit affect regular users?
Firstly, we are reassured that this password manager is a safe product to use, as it is now verified by an independent auditor.
We all know how easy it is to claim you have the best security features, but not follow through with your actions. Therefore we celebrate NordPass for setting a positive example.
What is more, after the audit was completed, NordPass introduced a new feature – Trusted Contacts. Its purpose is to protect you from man-in-the-middle attacks by allowing users to exchange their encryption keys manually.
To continue the successful implementation of their security-first approach, the team added several features to mobile apps, such as Biometrics, an Autofill feature, and OCR scanner. With the latter one, you are now able to import your credit card details and notes. For more in-depth information about NordPass, read our NordPass review.
Altogether, it seems that being a newcomer doesn’t stop NordPass from becoming one of the most secure password managers out there.
Positive results of the audit and the fast pace of solving the issues auditors found only proves that market veterans face a strong opponent.