NordPass
NordPass is a password manager built by Nord Security, the same company behind NordVPN. It uses XChaCha20 encryption with a zero-knowledge architecture: Nord Security cannot read your vault, even if compelled to.
What NordPass does
NordPass stores your passwords, passkeys, credit cards, and secure notes in an encrypted vault. It auto-fills credentials on websites and apps, generates strong unique passwords, and syncs across all your devices.
The core value is simple: you remember one master password, and NordPass handles the rest. No more reused passwords, no more “forgot password” cycles, no more credentials in sticky notes or spreadsheets.
Who NordPass is for
- Individuals tired of juggling passwords across dozens of accounts. See our guide: VPN and Password Manager: Which Ones Are Actually Worth Paying For?
- Freelancers who need to securely manage and occasionally share credentials with clients. See: The Freelancer Security Setup
- Small teams (NordPass Teams/Business plans) that need shared vaults and admin controls without complex setup. See: Security Tools Every Founder Needs from Day One
Key features
Zero-knowledge encryption
NordPass encrypts your vault locally before anything leaves your device. The encryption key is derived from your master password, which NordPass never sees. Even in the event of a server breach, your data remains encrypted and unreadable.
XChaCha20 is a modern cipher considered more resistant to certain timing attacks than AES. It is used by Cloudflare and Google for high-performance encryption.
Passkey support
NordPass supports passkeys, the FIDO2-based authentication method being adopted by Apple, Google, and Microsoft. You can store passkeys in NordPass and use them to log in to supported services via biometrics, removing the password entirely.
Data breach scanner
NordPass monitors whether your saved credentials appear in known data breaches. If a stored email or password is found in a leaked database, you get an alert with a prompt to change it. This is similar to Have I Been Pwned but integrated directly into your password workflow.
Password health
The Password Health dashboard identifies weak, reused, and old passwords across your vault. It ranks accounts by risk level, helping you prioritize which passwords to change first.
Secure sharing
NordPass lets you share credentials with other NordPass users without exposing the actual password. The recipient can auto-fill the credential without ever seeing it in plaintext. Useful for shared team accounts, family streaming logins, or Wi-Fi passwords.
What NordPass does not do
- NordPass does not replace 2FA. Use it alongside an authenticator app or hardware key.
- The free tier is limited: no breach scanning, no password health, limited sharing.
- It does not store TOTP codes on the free plan (Premium required).
- It is not open source. If auditability matters to you, consider Bitwarden as an alternative.
Pricing
NordPass offers a free tier (basic vault and auto-fill), Premium, Family (up to 6 users), and Business plans for small teams. Pricing sits in the budget-to-mid range for consumer password managers, with the best value on 2-year commitments.
Check NordPass pricing for current rates.
How NordPass compares
| NordPass | 1Password | Bitwarden | |
|---|---|---|---|
| Free tier | Yes (limited) | No | Yes (full-featured) |
| Encryption | XChaCha20 | AES-256 | AES-256 |
| Open source | No | No | Yes |
| Passkey support | Yes | Yes | Yes |
| Breach monitoring | Premium | Built-in (Watchtower) | Premium |
| Best for | Nord ecosystem users | Families, polished UX | Budget-conscious, technical users |
Swiss relevance
Password reuse is a leading cause of account compromise for individuals and small businesses. Adopting a password manager neutralizes that class of attack with minimal friction, and for most threat models it matters more than a VPN.
For Swiss businesses under the nDSG, properly managing credentials is part of taking “appropriate technical and organizational measures” to protect personal data (Art. 8 nDSG).