:format(avif))
:format(avif))
As we step into peak summer, let's take one last look at spring and June of 2025 at the NordPass headquarters. It was indeed a lush one, packed with product improvements and a nice array of research. So, without further ado, let's see what our team has worked on over the last quarter.
Contents:
Media and awards
Over the past few months, we have received quite a few awards. It's a great honor to be recognized for our work creating advanced yet easy-to-use cybersecurity solutions.
GQ's pick for the best password manager
To our great joy, the GQ team selected NordPass as the best overall password manager this year. GQ tests password managers based on price, ease of setup, and the quality of different features like autofill or password sharing. They noted that NordPass offers an easy-to-use interface, many features, and a good free tier.
American Business Stevie Bronze Medal
Here at NordPass, we strive to bring our users the best possible experience. So when there's an unexpected hiccup or issue, our amazing Customer Support team is there to help 24/7. It was a great pleasure to be recognized by the American Business Stevie Awards with the Bronze Medal for Customer Support Department of the Year.
CyberTech category winner of the Global Tech Awards
Not a day goes by that we don't think about how to improve and make cybersecurity effortless for individuals and companies. So, our team is truly happy to be recognized for excellence in the Cyber Security Technology category at this year's Global Tech Awards. The selection criteria include technical quality, user experience, scalability, social impact, and more.
Global InfoSec Award for Passwordless Authentication
Lastly, the Global InfoSec Awards recognized NordPass for its passwordless authentication. This award celebrates NordPass' commitment to advancing secure, password-free authentication solutions. With our passwordless authentication platform, Authopia, enterprises can enable seamless, passkey-based logins, help businesses reduce account takeover risks, and improve the user experience.
We have a passwordless login for our vault as well, so our users can access their accounts via biometrics. Additionally, NordPass supports cross-platform passkey storage and integration with identity providers like Google Workspace or Azure Active Directory.
Freshest NordPass updates and improvements
Okay, now let's get back to the core of NordPass—the product itself—and see what improvements and updates our team has made.
Sharing Hub update
As organizations grow, the question of sharing becomes more prominent. More and more credentials are moved around teams and departments, often informally or without consistent oversight.
To tackle this problem, we released Sharing Hub this autumn, which included a viewing option that allowed organization Owners to see which items could be accessed and by whom, as well as who had shared or created them. This spring, we significantly improved the feature. Now, Owners can control access to all shared company credentials by granting, modifying, or revoking access rights for any shared item or folder as needed. They can also transfer ownership if required, all from a single place—the NordPass Admin Panel.
:format(avif))
What's new with the company-wide Data Breach Scanner?
Similarly, we have made significant improvements to our tried-and-true Data Breach Scanner.
To ensure that your company gets the most from NordPass, we will now monitor your company's domain based on the organization Owner's email address, eliminating the need for separate verification. Note that in this case, you'll only get notifications about the breaches but no detailed information on them. If you want to get that additional info, you'll have to add your domain and verify it. As for domain verification, it's now seamless and automated.
We also gave the breach report a facelift. Now, you'll find a detailed description of the breach, the data it compromised, a list of affected organization members, and some recommendations for resolving the breach. In addition, admins can now see which breaches have been resolved and by whom.
Lastly, the "Breach details" list is now easier to navigate because it clearly distinguishes members' statuses within the NordPass organization. It shows whether members are uninvited, suspended, or Admins, and which groups they belong to.
:format(avif))
Business Account session management
From now on, organizations can set a 1-hour, 4-hour, 1-day, 7-day, 30-day, or custom time interval, after which the member session will end, and they will be logged out from NordPass. To continue using NordPass, the member will need to log in again, either using SSO or their Business Account credentials, and then verify their account with MFA, Master Password, or biometrics. For optimal security, we recommend setting the interval to 7 days. After this time, the member will need to log in again.
Filtering the Activity Log
Up next is the filtering improvement for the Activity Log feature. The Activity Log lets organizations gain insight into user activities by tracking access updates and identifying unusual behavior. From now on, Admins and Owners can search the Activity Log by the item ID, allowing them to streamline security investigative processes by quickly identifying suspicious activities. This filtering option, together with filtering by member and date, allows admins to see all actions made to a particular item.
:format(avif))
Integration with Microsoft Sentinel
By striving to build a seamless NordPass user experience, we have integrated with Microsoft Sentinel, an SIEM tool. From now on, our Enterprise customers can significantly strengthen their organization’s ability to meet compliance objectives by maintaining audit trails.
This integration allows Enterprise users to export and access NordPass activity logs alongside the data from other systems within Microsoft Sentinel. In doing so, companies can gain a holistic view of their security posture, conduct analysis, and quickly detect and respond to potential threats.
You asked, and we delivered
We are always eager to hear your feedback and improve accordingly. So, with that in mind, we ended last quarter with several user experience tweaks. Starting with the NordPass autofill icon, we have made 2 UX improvements:
You can now easily tell if your vault is locked thanks to the improved NordPass autofill icon. If you want to unlock the vault, simply click on the icon to open the pop-up window where you can enter your Master Password or use biometrics.
You can now turn off the NordPass autofill suggestions by clicking the icon. The choice will stay the same throughout the form you’re filling in.
:format(avif)){kind=icon}
NordPass' interface redesign
The vault interface across all our platforms and the Admin Panel are where our users primarily engage with and monitor their cybersecurity status. Therefore, we want to provide the most user-friendly experience possible. This quarter, we made some design changes to the iOS, Android, and other platforms to give the UI a more modern look and feel, in line with our NordPass rebranding, which we revealed last year. Additionally, all these platforms have seen usability improvements.
Research and other reports
This quarter was equally rich with research and reports, ranging from our classic report on the most common passwords to a brand-new one on digital anxiety. So let's see what we discovered:
TOP 20 Not-So-Secret Business Passwords
Together with NordStellar, we've analyzed the most common business passwords from 11 industries to uncover the habits behind office doors. Unfortunately, the password patterns are poor and truly not-so-secret. So poor, you might be able to guess the 3 most popular corporate passwords yourself. Yes, they’re "123456," "123456789," and "12345678." If you guessed "password," don't worry, it's on the list.
Our research also showed that using an email address as a password is just as common—it's convenient, yes, but it's one of the quickest ways to give your business credentials to hackers. Similarly, many people use their names for work-related passwords—another unfortunate practice that can expose the entire organization's sensitive data to potential threats.
:format(avif))
TOP 200 Most Common Passwords
Ah, and yes, what's NordPass without our annual TOP 200 Most Common Passwords research? It's our sixth year in a row—this time, in collaboration with NordStellar—analyzing people's password habits. And not so shockingly, they are still bad.
We researched passwords from 44 countries that were stolen by malware or exposed in the data leaks. Because they were leaked with email addresses in most cases, we could distinguish corporate and personal credentials by domain name, gaining more insight into both areas.
:format(avif))
Digital Anxiety Report
This quarter, we tapped into a new field and released a study on digital anxiety. We wanted to see how many people struggle with it and what's causing it. The results, or reasons for digital anxiety, are probably those that most people will relate to.
Nearly 80% of people have digital anxiety, which mostly comes from the fear of facing cybersecurity issues like account takeover, identity theft, or scams. However, mild to moderate anxiety was reported due to excessive ads or lack of internet access. As it turns out, even minor inconveniences online can take a toll on our mental well-being.
Stop reusing passwords
Do you have that one good and faithful password you've used since high school? Maybe it's scaterrrboi!94, which ticks most sites' requirements for password length and includes a special character and two numbers—why change it? Well, according to our recent survey, it turns out that it's common to reuse passwords. Learn more about why people still reuse passwords in 2025 and why this habit poses a formidable threat to cybersecurity.
Ex-hacker: 5 cyber threats that password managers protect against
We seek to spread knowledge about cybersecurity in every possible way, and sometimes, showing the nitty-gritty behind it is just what might be needed. So this spring, we collaborated with Daniel Kelley, a reformed black hat hacker, to understand the 5 main cyberattacks that can be prevented using a password manager. These threats include phishing, credential stuffing, brute-force attacks, keyloggers, and database leaks. By revealing the inner workings of these attacks, Daniel shed light on why relying on a password manager is vital.
:format(avif))
2025 EU-SOCTA: the changing DNA of organized crime
The EU-SOCTA documented a serious shift in organized crime: it seeped into the online world, creating new hybrid and wholly virtual threats that require unprecedented strategies to tackle. These threats may be accelerating and becoming more dangerous and destabilizing.
For example, one of the biggest threats posed by serious and organized crime is the destabilization of the EU. Criminal organizations aim to reduce trust in the legal system and government by spreading violence, corruption, and illicit proceeds. They rely on digital innovations like AI to conceal their activities and make tracing crime back to its source harder.
Although the landscape painted by the EU-SOCTA might seem grim, it indicates potential future trends, allowing individuals and businesses alike to prepare for evolving risks. So, we took this opportunity to explain how Nord Security products, including NordPass, can help.
:format(avif))
Bottom line
And that's a wrap! This quarter was busy with research and product improvements. Yet one thing is clear: we're not planning to stop this summer, so we'll see you again in a few months to review what we’ve been brewing. Stay safe with NordPass!