The Passwordless Future Is Here at NordPass

You lightly place your thumb at the bottom of your phone screen and, lo and behold, it’s unlocked instantly. So why can’t we do the same at the bank or when logging in to Twitter or YouTube? Well, soon we’ll be able to do it all. The passwordless future is inevitable and it's almost here.

At NordPass, we’re thrilled to be creating a passwordless future. But what is passwordless authentication? How does it work? Let’s answer these questions.

Why should we consider going passwordless?

Year after year, we see either “123456” or “password” top our Most Common Passwords List. Millions of people reuse absurdly simple passwords across multiple platforms, even though they are very easy to crack by using a dictionary or brute force attacks. It makes passwords (and the people using them) one of the weakest links security-wise in any company or service.

Weak passwords are just part of the problem. The way we treat passwords is an issue as well. One of the worst password sins that all of us can attest to is reusing passwords. Having a single password to secure multiple accounts is a huge security risk, to put it mildly. In such instances, a single compromised account indicates that all of user’s accounts are essentially compromised as well.

The solution lies in biometric authentication and passkeys, which combined become one of the safest and smoothest passwordless authentication options available.

Passkeys: The key to passwordless authentication

In an age where technology usage continues to rise, the need for secure and efficient authentication methods becomes all the more pressing. Passwords, which have long reigned supreme as a solution for securing online accounts, have over time proven to be unreliable and susceptible to hacking. In turn, many organizations and companies have been looking for new, more efficient, and robust ways to authenticate users.

One organization at the forefront of the effort to go passwordless is the FIDO Alliance. The alliance works with various companies, including NordPass, to develop and promote open standards for passwordless authentication.

According to the FIDO Alliance, the technology set to replace passwords is passkeys. Passkeys are digital credentials that are generated by the user's device. Usually used in combination with biometric data, such as a fingerprint or facial recognition, to offer an extra layer of security, passkeys provide access to websites and other online services.

What passkeys bring to the table

One of the major advantages of passkeys is that the private key, which is used to generate the passkey, never leaves the user's device. This makes it almost impossible for attackers to gain access to the key through phishing or other forms of cyberattack. Furthermore, passkeys are almost impossible to hack, making them more secure overall.

Unlike traditional passwords, passkeys are invisible to the user and are never revealed or entered manually.

Going passwordless will also improve user experience. A fingerprint scanner, for example, is a fast and reliable authentication method. It would also mean that there would be no more password reset procedures — IT departments throughout the world will be very grateful. Also, when it comes to biometric authentication, you don’t need to remember anything. You won’t have any Post-its on the computer screen or notes in your planner. You can’t lose, steal, or forget your fingerprint.

Room for improvement for current passkey-based authentication

Right now, passwordless authentication is gaining major traction among such tech giants as Microsoft, Apple, and Google. All of these companies have been introducing passwordless authentication solutions, and in most instances the solutions include the use of passkeys.

However, current passkey-based solutions have a long way to go. At the moment, these solutions limit users to a single ecosystem, which makes it difficult to share them between, say, an Android user and an iOS user. In addition, the current solutions do not offer any kind of sync with password managers.

But this is where NordPass comes into play. We are currently working on integrating passkeys into your favorite password manager.

Introducing passwordless authentication to NordPass

At NordPass, we’re excited to be at the forefront of the passwordless revolution. And by early 2023, NordPass is set to introduce passwordless authentication both for individuals and businesses.

Passwordless access to NordPass

We are currently working on enabling a passwordless sign-in to NordPass. It will be a faster and simpler process than the one now, since it will require a single biometric confirmation. In simple language, this means that you will be able to access your Nord Account and NordPass with a single tap of a finger. You read it right. No more manually entering your Nord Account and Master Password each time you need to log in. Passwordless access to NordPass is set to significantly improve user experience and overall security.

NordPass passkey storage

All NordPass users will have the ability to save passkeys for any website or app in the encrypted vault and use them to access those online services later. With NordPass, you’ll be able to use, share, and sync passkeys between multiple devices and platforms, whereas many passwordless authentication solutions tend to lack such functionalities. This will make NordPass a single place for all of your digital valuables, including passwords, passkeys, credit cards, and other sensitive information.

Passwordless multi-factor authentication (MFA) for businesses

Password-based authentication is still the industry standard. However, due to the inherent vulnerabilities that come with password-based authentication, most businesses face a variety of cybersecurity risks. To significantly reduce the risk of suffering a phishing or an account takeover attack, businesses need to rethink their security approach with regard to access to endpoint devices such as laptops, desktops, workstations, and mobile devices as well as applications that leverage regular passwords or even single sign-on solutions.

With the introduction of passwordless MFA, we’re looking to help businesses improve their overall security stance by eliminating the need for passwords and introducing an authentication method based solely on biometrics.

Passkey integration for online service providers

The world is already moving rapidly towards a passwordless future. Unfortunately, not everyone can adapt smoothly and efficiently. Many small to medium-sized businesses (SMBs) lack the resources and know-how to implement passkey authentication for their users. However, at NordPass we’re ready to leverage our security expertise to make the transition from passwords to passkeys as smooth as possible. We believe that the frictionless user experience offered by passkeys across multiple platforms and devices, combined with superior security, will help your business increase conversion rates, user engagement, and user satisfaction.

You can expect big things as early as 2023. So stay tuned, and be prepared for the inevitable passwordless future – it’s just around the corner.