In a move towards a passwordless future, advanced security and privacy provider NordVPN has developed NordPass, a solution to store and manage passkeys. With Microsoft, Apple and Google leaning into passkeys for online authentication, NordPass says its new release will help internet users adapt to the market change without compromising on security and convenience.
“If there had been password management services right when passwords were created back in the last century, we now wouldn’t have issues like locked accounts, password reuse, or weak passwords. As online authentication is entering a new modern phase with passkeys at its forefront, we at NordPass feel the momentum to create future-proof features and help our clients easily handle all of their digital accounts from day one,” says Jonas Karklys, CEO of NordPass.
360 passwordless approach
With Nordpass Passkeys, individual and business users can store and manage passkeys from various websites in NordPass and use them to access apps and websites. With passkeys automatically saved on NordPass instead of a device, they can be accessed on various devices and operating systems, as well as shared with others.
The release is available on the desktop app, web vault and on the Firefox and Chrome-based browser extensions. Support for the Safari extension is coming later this year, says the company, as well as mobile support whose development relies on platform vendors.
Also this year, the company says it plans to introduce passwordless sign-in to NordPass, which means there will no longer be a need to repeatedly enter Nord Account and master password to reach one’s account.
Listen: My TechDecisions Podcast Episode 185: Preparing for the Passwordless Future
Passkeys in a nutshell
Passkey technology is currently considered the most secure and promising alternative to passwords, says the company. Passkey technology has already been adopted by Apple, Microsoft, Google, Paypal, eBay, KAYAK, and various other websites.
When joining a website that supports passkeys, the user’s device generates a pair of related keys — public and private. The private key is saved on the device itself and the public key is stored on the website’s server. Without each other, they are useless. “And here is passkeys’ superiority to passwords. People often lose access to their accounts when a hacker breaks into the website’s server where the users’ passwords are stored, sometimes even unencrypted. Passkeys saved on a server are way less valuable since they work only in pairs with private keys saved on a device,” says Karklys.
Poor password hygiene remains an issue
Because 82%of all data breaches in 2022 involved a “human element,” it is no surprise that the way internet users handle their accounts needs to change. Having hundreds of accounts to manage, people tend to reuse passwords, and go for easiest combinations of letters, numbers and symbols when creating them.
According to annual research by NordPass, in 2022, the world’s most common password was “password,” followed by “123456,” “123456789,” and “guest.” While these poor password habits do not seem to drastically change throughout the years, cybersecurity experts were for a long time looking for new online authentication solutions that would take password “hygiene” responsibility from the user.
Since passkeys consist of randomly generated, unique, and long combinations of characters, they are not meant to be remembered by heart — the technology works in such a way that it ensures that the private and public keys connect without user intervention.
Leave a Reply