Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

3/17/2021
03:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Nord Security Unifies Login and Sign-up Process Across Nord VPN with Nord Account,

NordVPN is proud to announce a new feature — Nord Account, a secure and simplified way to use and manage accounts of the Nord family products. Nord Account is a platform that unifies the login and sign-up process across NordVPN, the world’s leading VPN service provider, NordPass, a next-generation password manager, and NordLocker, an end-to-end file encryption tool with a private cloud. Additionally, with the launch of Nord Account, Nord is starting to introduce the MFA sign-in process.

“Since the Nord suite of cybersecurity services is expanding, the time has come to introduce a new centralized solution that will help our users manage their accounts in a hassle-free way from a single place,” says Vykintas Maknickas, Product Strategist at NordVPN. “We’re following the industry standards, where platforms similar to Nord Account are used by tech giants.”

How the user benefits from Nord Account

  • One account instead of multiple.
  • Seamless experience.
  • The same unified user authentication process for all products.
  • Multi-factor authentication (in progress).
  • Centralized account management. Nord Account allows users to see all their active subscriptions to Nord products in one place, extend or cancel them, see the billing history, download apps, change account preferences, and read the latest security reports.
  • Ability to authenticate input-constrained devices remotely.
  • Log in with a simple click of a button. If a user is logged in to their Nord Account in a browser, NordVPN, NordPass, and/or NordLocker will recognize the user’s data and will let them log in with one click. 

How Nord Account works

Nord Account works with NordVPNNordPass, and NordLocker individually, as a mix of any two, or all three combined. 

For existing users, a Nord product account will be automatically transferred to Nord Account, so there’s no need to register again or manually change account details. Users just need to look for ‘Log in with Nord Account’ in their Nord product apps or create their Nord Account here.

The technology behind Nord Account

To act as a centralized identity provider and authorization server for Nord products and services, Nord Account is built on the OAuth 2.0 and OpenID Connect 1.0 protocols. “Once logged in to Nord Account in their default browser, users won’t need to enter their password to log in to Nord apps,” explains Vykintas Maknickas. “This is a future-proof technology, and Nord Security is the only provider on the market to use such efficient and high-level standards. Hopefully, we’re starting a new era of login security.”   

“With Nord Account, we also hope to reduce the password burden for our users and help them to avoid password reuse, which might result in credential stuffing attacks,” Vykintas Maknickas points out.

Future plans

In the nearest future, Nord Account will offer its users to log in using third-party logins, such as Google, Apple, and Microsoft, making it even smoother and quicker for new users to register and for existing ones to log in. Together with the roll-out of a single Nord Account, Nord is starting to introduce MFA sign-on to all its products. The new feature will be released gradually on all platforms and products.

“Nord Account is planning to support security keys, such as YubiKey, which offer strong MFA,” says Vykintas Maknickas. “And we’re not going to stop here. Additional multi-factor authentication methods, such as biometrics, will be implemented soon. The industry is moving towards passwordless flows, and we’re striving to keep up.”

ABOUT NORDVPN

NordVPN is the world’s most advanced VPN service provider used by over 14 million internet users worldwide. NordVPN provides double VPN encryption, malware blocking, and Onion Over VPN. The product is very user-friendly, offers one of the best prices on the market, has over 5,000 servers in 60 countries worldwide, and is P2P-friendly. One of the key features of NordVPN is the zero-log policy. For more information: nordvpn.com.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27394
PUBLISHED: 2021-04-16
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions < V8.17.0), Mendix Applications using Mendix 8 (V8.12) (All versions < V8.12.5), Mendix Applications using Mendix 8 (V8.6) (All versions <...
CVE-2020-9667
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to to plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.
CVE-2020-9668
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user.
CVE-2020-9681
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to rewrite the file of the administrator, which may lead to elevated permissions. Exploitation of this issue requires user interaction.
CVE-2021-26830
PUBLISHED: 2021-04-16
SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the `ID` input field of ajax.php in the `Pugin library - delete` module.