Add Your VPN Review

Disclosure: Privacy Australia is community-supported. We may earn a commission when you buy a VPN through one of our links. Learn more.

NordPass Review

By Will Ellis
Last Updated on January 9, 2024
Screenlock Image

The world turned into a massive goldmine of crypto MEME coins, online banking, and valuable social media accounts… almost overnight. 

NordPass makes life a ton easier when storing and importing passwords for all of this securely.

For one – you’ll no longer need to craft (and recall) spellbindingly-long passwords to pass any strength test, for every account.

And there’s no need to know what device your login information is sitting on – NordPass syncs your desktop and mobile and much more than just auto-varying passwords for each account… We’ll review just how.

Table of Contents:

NordPass Review Summary 🇦🇺

First, what is NordPass? It’s a password manager that securely loads your browser session or device with all of your online account passwords – even autofilling purchases – use just one master password.

Verdict: It’s the gold standard. NordPass saves time and risk. Get a host of useful extras, like its web vault, that make things as convenient as possible. That’s why we’ve ranked it our best password manager.


  • Browser Plugins
  • Military-Grade Encryption
  • 30-Day Money Back


  • No Password Inheritance (only really for high-level assets)
Cost$35.88/yr (discount)
NordPass Discount 70% discount
PlatformsiOS, Mac, Windows, Android, BlackBerry, Chrome, Kindle, Linux, OS, Windows Phone
Browser PluginiOS, Android, Chrome, Firefox, Opera, Edge
Biometric LoginFingerprint (use only on compatible devices)
Max EncryptionxChaCha20 (military-grade)
Key FeaturesRandom password generator, web vault, health reports, data breach scanner, secure notes, payment autofill
Team FeaturesShare passwords, monitor user activity, global settings

NordPass Security Review

Some argue that password managers actually create an extra layer of risk, due to their presence online – but, that is overall an extreme way of viewing online risk; most of us, for instance, do some form of online banking. 

The one caveat is crypto, which has fewer regulations. If you lose your crypto due to a personal hack, it’s most likely gone forever… In this case, cold storage of your wallet’s coins is the superior way of storing cryptocurrency safely

We’d ideally use a pass manager AND cold storage for crypto! For most other uses – alone, password managers alone provide a higher level of protection than manual passwords – here are some of the NordPass security top features:

Random Password Generator 

This is the most important NordPass security feature. 

Available through its desktop app or browser plugin – simply choose a possible length of up to 60 characters (the default setting is 12), capital and lowercase, symbols, digits, and whether to avoid obscure characters (such as 0 and O). 

Passphrases are an option too, which is a default of four words. Either way, there’s no need to type these characters out at any point, so we would recommend enabling all four option sets. Once generated – you can choose it or to generate a new one. 

Our last tip is to go for at least 20 characters, as these are less easily crackable. 

NordPass Security: Web Vault 🏧

The second valuable NordPass security feature, the NordPass Web Vault, is there to make the service more convenient and intuitive for its user base. 

It’s important to note that the web vault is an extra feature that makes password management even simpler and more accessible.

It’s accessible directly from any popular browser. Through it, you’re able to access your main password vault and use it while you surf.

The way it improves the NordPass is simply that you’ll have most of the typical features, with just as much safety – but without having to download/install the full Web Vault app. Login using a single Master Password.

Once you login to the web vault session, your browser has access to the vault: 

  • Securely access all your passwords – no apps needed.  
  • Use autofill to save time – just install the browser extension. 
  • Quickly grab all your credit cards, passwords, secure notes, and other sensitive data – available in your browser at any moment – even if you’re on someone else’s or a company computer.

Note that the web vault can’t be accessed on mobile devices – and if you want the autofill and autosave options, you’ll need to have the desktop application installed on your computer.  

Overall, the NordPass web vault is especially good for Chromebook users, as it will sync effortlessly on your devices. But it’s available on all other platforms, when you want instant access to all your passwords on any machine when online. 

If you’re on a corporate network that does not allow third-party apps, the web vault will still work – this is one of its biggest strengths. You can still reach your passwords easily and fast. 

NordPass Security: Health Reports 

A very time-saving NordPass security service – think of this Password Health Report as your personal trainer. 

Today, even the average person has passwords for multiple accounts, each of which contains sensitive private data. Password health reports audits your various passwords, passcodes, and passphrases – across accounts – checking for weaknesses, and offering ways to tighten things up. 

Keeping tabs on this is no easy task, and making sure you’re up-to-date (eg. reusing certain passwords) would otherwise be too confusing to practically do.


You’ll be given visible flags that are categorized into three types of Threats:

  • Weak – If a password of yours is flagged weak, this means it’s easy to guess in the event of a brute force attack – random password generators like NordPass allow you to easily change these to longer and more complex ones. 
  • Reused – These are passwords that have been used over two or more of your accounts. NordPass, by default, will suggest that you change them to unique ones – this will limit the damage that attackers can do if they gain access to one account.  
  • Old – Means an account password has been used for over 90 days. It’s advisable to generate a new password, to keep things secure.

Secure Notes & Credit Cards

This works like a barebones version of the notes app in your phone – create memos to yourself, and add subject lines and a text body. NordPass doesn’t support attachments or links. It’s a place to hide away important information without storing it directly on your phone. 

While the Credit Cards area is for adding the payment options you want available, for populating during browsing sessions. One curious weakness is that you cannot pre-add billing addresses – but you won’t have to fill out that part by hand – as there’s a personal details section where you can pre-populate the basics (address, email, phone number, etc.).

This works smoothly – two clicks; one to bring up personal details possibilities, the other to select the appropriate entry from the drop-down menu. 

NordPass Review of Business Options

According to Verizon’s 2021 Data Breach Investigations Report, of all U.S. data breaches, 81% had poor password security as a contributing factor. 

NordPass’ security business options are compliant to HIPAA, GDPR, & ISO 270001 standards. Your business gains the Premium features that go the extra mile to safeguarding your PII stores – while being enterprise ready at a few clicks. 

The extra layers of security you’ll gain includes: 

  • Top-tier xChaCha20 encryption.
  • Data breach scanner (that discovers leaked data that bad actors might trade, for monetary gain, on the dark web).
  • Ability to make company-wide setting adjustments (eg. allowing certain logins to be shared between certain users).
  • User-activity logs – to pinpoint unusual activity.  

Eliminate the obvious risk gaps – be less culpable to legal suits and other reputational hits – in the event of a major breach.  

Zero-Knowledge 👁️

NordPass is built on zero-knowledge principles: only the permitted user can view their unique passwords before, during, and after transactions – and this includes NordPass’ team, which has zero access.

It also has zero-trust: users are restricted to certain privileges, and are granted no more access to nor manipulation of data than required for them to operate effectively. These two concepts are important for business-level cybersecurity.

NordPass Costs

The love child of panama-based company, Nord Security – also the team behind the well-known service, NordVPN – we had no problem getting a generous discount of between 50% and 70% for our readers.

What discount is actually available at the time, when you click the discount link, will depend on what’s being currently offered – but they usually have pretty good deals.

NordPass Plan

At the time of posting this NordPass review, the 2-year plan price was closer to $2.00 AUD/month – so make sure to check. It’s a solid price as you’ll get all the discounted Premium features that NordPass offers – for a very low cost:

  • Better manage passwords – store, manage, and easily access from anywhere and any device with high-level encryption.
  • Stop wasting time – generate, retrieve, and autofill passwords.
  • Discover issues – reports reveal weak passwords or if you’ve been data breached.
  • Zero-knowledge – business worthy web vaults; not even NordPass will know what you store.

NordPass Business

NordPass offers you a business level which is suitable for everyone from SMBs, with 5 employees, up to 250 users for enterprises. 

This tier improves compliance, user transparency, and auditing reports… While passwords are a standard type of authentication for access to digital services, the level of control that is suitable will depend on the value of data in that network, your personal or organizational risk appetite, and other factors.

A good rule of thumb: risk multiplies as the number of users sharing a central network does – such as a financial database. As a password manager, NordPass is equipped to handle SMB business needs as well as enterprises. 

A few surveys in 2020 found that 55% of workers write their passwords down on sticky notes, 44% reused them across personal and work-related accounts, while another 31% had their child’s name or birthday as their password (Source: Keeper Security, TechRepublic). 

For this reason, the Premium version differs notably from the Business version. Try them out for free today, by booking a demo

NordPass Coupon Codes

You’ll find various NordPass vouchers on offer from time to time… Privacy Australia has been able to get a permanent discount link, for our readers. This will typically get you between 50% and, as much as, 70% off your plan – with the two-year tier offering the best value for money on average.

Guide to Using NordPass


The NordPass desktop app and web plugin are an attractive gray and white color design, with intuitive navigation on the left panel. We didn’t see any problems when testing the interface out.

NordPass Password Manager

Items are categorized in the vault as the following: Secure Notes, Logins, Personal Info, Credit Cards, Shared Items, Settings, and Trash. Use the search bar in the upper left bit of the menu, to find things quickly. 

Away from the screen for a moment? Lock the NordPass app at a button’s click – in the bottom left. Auto-lock settings can be tweaked, and you can do upgrades and changes to your master password – or reset your master password if you forget it – from this app.

Finally, the All Items section shows every vault item on one screen, although descriptions for each item aren’t immediately visible from that area – mouse over any item, and you’ll get to see its content, make edits, and delete it. Jump right into the asset’s URL, too. This is overall a simple way to glance at every one of your assets.

Getting Started on Mobile and Desktop

To sign up for NordPass’ free version, you’ll have to enter your email, then confirm a six-digit code NordPass emails you (make a note of the recovery code for the future). The link will ask you to set up a password – after this, download the plugin for your chosen browser. (Works on all of the popular browsers.)

Before you’re up and running – sign in via the extension and create another password, which will be your account’s master password ⌨️.  

What is your master password? It’s different from your account password (the first one). Your account password decrypts your password vault, while the master password is used for account logins. 

(This may seem fussy, but remember you’re cutting a dozen or more passwords down to just two – it simply means one password lets you into NordPass’ app, while the other you’ll enter-in when actually doing account log-ins.) 

Take care that your master password is memorable, complicated, and at least 8 characters – to reduce the chances of it being compromised. If you need to reset everything, you’ll need the recovery code and email address. 

Using NordPass

NordPass automatically recognizes when you have encountered a login field while browsing. 

It instantly populates both the password and username fields with its icon. If it comes across a site for which your credentials have already been saved in NordPass’ web vault, a box then pops up – asking whether you want to login with your associated account. 

But, when you first log into your browser using the extension, it will ask you to import your browser’s pre-existing saved passwords. You can also import passwords as a CSV file. If you have no passwords saved, skip this step. 

For Premium and Business, any passwords you save are encrypted in sessions locally using xChaCha20, before anything is sent to NordPass’ servers. Your main risk, therefore, is with having bad security practices at your workplace (eg. someone looking over your shoulder as you type). Not even Nord Security ever gets to see your master password.

Breach Scanner & Password Health


Two quite recent additions – two NordPass security tools that fill out its cybersecurity intelligence, firepower, and depth. 

First – the data breach scanner, which was launched October 2020 offers users the power to know if their sensitive data has been leaked. 

The breach scanner was previously available for Business tiers only – for obvious reasons; businesses who fail to alert their customers of breachers become liable to legal ramifications that then have reputational consequences.

[Indeed, most M&A experts will devalue a company – over another – based on the strength of its cybersecurity program. Good news – this option is now also on Premium, too! One of the central vulnerabilities for SMEs are cyber attacks.]

Second – only for the Business tier (also now on Premium) users could, at a glance – see the strength of their assets, categorized as either 1) weak 2) reused, or 3) old. NordPass’ password health service was released around the same time.  

How to Use the Data Breach Scanner ⚙

  1. Logged into your app?
  2. Choose Tools, in the lower-left area.
  3. Select Data Breach Scan (only on NordPass Premium or Business).
  4. A window will open… Choose Scan Now and wait. It may take a few minutes to generate results.
  5. You’ll see how many breaches that your data appeared in – click on an entry, to learn how your data was leaked, where, and when.
  6. If you were breached, update any vulnerable passwords!

How to Use Health Reports 💪

  1. An alert will show if a password is weak (easily guessed), reused (more than 1 account), or old (over 90 days). 
  2. Simply choose to generate a new password, for each item. 
  3. Select length (12 minimum recommended) – and if you want caps, lowercase, symbols, digits, and obscure characters. 
  4. Hit Generate! 
  5. If happy, accept; each alert will now be gone.

NordPass Review – FAQs

What does NordPass cost? 

Last time we checked, the 2-year plan price was around $2.40 AUD/month – but this could be twice as much whenever they have no discount on offer. 

Privacy Australia has a special discount link for our readers, which gives you around 50% to 70% off their standard Premium price – so make sure to check it out; you’ll get their best non-business features – for the same as their standard version – or less (code still active).  

Get: 50% Premium discount.

What is password inheritance?

Password inheritance is there to help the bereaved to manage key documents and login information of a deceased or incapacitated party. 

This option does not require using a solicitor; often, for password managers or other services that offer this function, you can set up a protocol through the relevant app. Here are the typical setup steps ⭐:

  1. Enter contact details for yourself – this may include their full name, phone number, and email address. 
  2. Select your beneficiaries – choose at least one beneficiary whom you want to transfer your data to in the event of death. 
  3. Assign beneficiaries – choose the data to pass on. 
  4. Give your trusted beneficiaries the activation code – they’ll need this, to start the inheritance process. 
  5. Set a blocking period – this is how much time must pass before the concerned data is released, after the inheritance process is triggered. You may be able to stop the process after triggering it. 
  6. Activate data inheritance – your account is now prepared for emergencies

Why use a password manager for business?

Company password managers are an easy and effective way of boosting your company’s cybersecurity. A manager like NordPass is suitable for all company sizes, from small all the way up to enterprise.

Employees need only remember a Master Password, which unlocks their entire password vault. They can also securely share passwords with coworkers and retrieve each on different devices, even when offline. No more forgetting passwords after a long holiday. 

When you do choose an intelligent password manager, you eliminate an enormous range of daily and quarterly tasks crucial to good cybersecurity. 

What is zero-knowledge architecture?

Also known as zero-knowledge authentication, this means that any data stored by NordPass is not visible by the friendly folk at NordPass itself. Neither can other users, who do not have the necessary privileges, access that data. 

There’s a crossover with NordPass’ zero-knowledge architecture with how cryptocurrency technologies work, because NordPass uses ‘proof-of-work,’ cryptographic methods to safeguard your data. 

In short, it doesn’t even matter if someone on the administrative end of things is able to see your account activity – they’ll be limited to having proof that you have the login key (the “work”), but not have the key itself, in such a way making this system safer. 

The same goes for everything in your web vault: credit card data, notes, passwords, and your Master Password. Technically, in the event of a major server breach, your data will stay invisible. This is a crucial reason why password managers are so useful in the digital age.  

What is a Biometric Login?

A biometric login, or authentication, is a security process that uses the unique biological traits of humans, to authenticate who they are. For instance, biometric passports rely on fingerprints and retina scans to verify the identity of passengers who are boarding.  

Some phones use fingerprint biometric logins; in extreme cases, DNA is used – if genetic material matches what is stored on a pre-existing database, the individual is granted access.

Other forms include: ear-shape authentication – and signature, face, and voice recognition.

There are several situations where using a reliable random password generator makes life a bunch easier, mitigates cybersecurity risk, and lets you avoid the nightmare of forgetting your passwords – after a holiday or when using someone else’s device 📲.

Nord Security, the same guys behind NordVPN – who ranks as our best VPN provider – also have a great reputation for transparency. NordPass overall covers every key base, including a cheap feature-rich Premium version. 

One exception – if you need data inheritance, in order to be prepared for the event of death or being debilitated – but for most of us, that would not be a deal-breaker.

Try NordPass’ 30-day money back guarantee

You Might Also Like:

Related posts