Using XChaCha20 encryption to keep your data safe

The XChaCha20 algorithm is a way of encrypting and decrypting data. It supports two different lengths of keys, with the 256-bit encryption being the strongest. NordPass uses XChaCha20 to encrypt your password vault.

Most password managers and other security products have been built using AES-256 encryption, which is a recognized security standard. So why did NordPass choose to be different?

We want our product to be long-lasting and are looking at our customers' security in the long run. AES encryption is fast and secure, but it shows some early signs of potentially becoming crackable in the future. If this happens, most products will have to go back to older encryption algorithms. We want to avoid this and move forward, not backward. In technical terms, we chose XChaCha20 because:

• It's faster to implement than AES-256. It's also around 3 times faster on platforms that lack AES hardware.

• It's simpler, meaning that technical and human errors are easier to avoid when implementing it.

• It doesn't need hardware support.

• Mobile platforms are slowly but surely moving to XChaCha20, so in the near future it will be recognized on an even wider scale.

Using XChaCha20 encryption is just one of the many ways we ensure NordPass remains a secure password manager, but it’s an important one. It demonstrates our commitment to making NordPass as safe, reliable, and trustworthy a solution as possible.