No one understands the problem of weak and reused passwords better than we do. Every year, despite a growing awareness of cybersecurity threats, millions of weak and highly hackable passwords continue to turn up in breached credentials.
According to our research, the most popular passwords can be hacked in under one second — turning individuals and businesses into sitting ducks for cyberattacks.
That’s why we are proud to announce that we have joined the FIDO (Fast Identity Online) Alliance – a global coalition working to reduce the world’s reliance on passwords.
What is the FIDO Alliance?
Founded in 2013, the FIDO Alliance is an industry association whose stated mission is to “solve the world’s password problem.” In other words, the association is working to develop and promote ways of verifying your identity online, called authentication methods, that are more user friendly than passwords without compromising cybersecurity.
Some of the largest technology companies in the world are represented on the board of the FIDO Alliance, including Amazon, Apple, Google, and Meta.
Since its inception, the alliance has supported a number of different authentication standards, including the use of biometrics and tokens, which are outlined in the FIDO Alliance’s published specifications.
In 2019, a core component of the “FIDO2” specifications, Web Authentication (WebAuthn), became an official web standard according to the World Wide Web Consortium (W3C). WebAuthn is a technology that allows users to replace password verification with biometric or passcode authentication from their phone.
Thanks to the FIDO Alliance, “passwordless” technologies like WebAuthn are growing increasingly popular.
Why do we want to help reduce the world’s reliance on passwords?
As we touched on earlier, people tend to have poor password hygiene. And it’s not their fault. Without a secure vault that saves and auto-fills your passwords automatically across devices, users have to rely on their own memory to recall passwords.
Unfortunately, what makes passwords memorable almost certainly makes them insecure. And vice versa: Secure passwords are practically impossible to remember.
- A quick refresher: A secure password should be unique and as random as possible — and it should include numbers, capital letters, and special characters. It should be at least twelve characters long, or ideally, as many experts now advise, twenty characters.
- Not sure if your passwords make the grade? You can check if they do here, securely.
Considering you may have hundreds of accounts that require password authentication, the average user doesn’t stand a chance of keeping their accounts safe.
One solution to the “password problem” is using a password manager, like NordPass. Because NordPass saves and autofills hard-to-hack credentials, its users end up with a seamless experience signing in without compromising their safety.
Service providers such as NordPass are taking action against password theft, the proven cause of the majority of online attacks, breaches, and identity theft, and securing their users and sites against financial and information loss.
- Andrew Shikiar
Executive Director and CMO of the FIDO Alliance
How NordPass supports a passwordless future
NordPass supports a passwordless future because it gets us closer to our ultimate goal at Nord Security: a safer cyber future for everyone.
We place our customers' privacy and safety above all else. We understand the safety issues of current authentication methods, and we feel it is our responsibility to dedicate time and expertise to looking for the fastest, easiest, and safest login experience, be it passwords or passkeys. It is our honor to join the progressive organizations of the FIDO Alliance, whose joint effort shapes the future of digital privacy.
- Jonas Karklys
CEO of NordPass
Our membership in the Fast Identity Online Alliance is new, but our commitment to a smoother authentication process isn’t: It’s at the core of what we do.
Here are some of NordPass’ features that complement passwordless authentication — making signing in simple both at home and at work.
NordPass is the only major password manager that offers Google single sign-on (SSO) functionality for Enterprise clients as well as for small and medium businesses.
Google SSO allows users to sign in to NordPass apps across different platforms using Google Workspace credentials.
Authentication service compatibility
To limit the number of passwords people use online, NordPass has also made its Enterprise plan compatible with other major authentication services, for instance, Microsoft Azure Active Directory.