With many thanks to Jonas Karklys, CEO of NordPass, Aviva Zacks of Safety Detectives was able to find out how important it is to have a password manager.
Safety Detectives: How did you get involved in cybersecurity and what do you love about it?
Jonas Karklys: I am really fascinated by how quickly one can achieve tangible results when it comes to digital products, which is why I am thrilled about this career path. I enjoy experimenting and creating. In this industry, you can do that all the time and achieve results fast — sometimes even build a beautiful product within a day. This is why I got involved in the digital world from my early childhood.
SD: Why do people need a password manager?
JK: Passwords are your first line of defense. Weak, reused, or compromised passwords are frequently responsible for the majority of data breaches, yet many people still fail to apply proper security measures. We always encourage people to create unique, lengthy, and random passwords in order to safeguard their accounts. And, while creating strong passwords is one issue, storing them is a whole different one. Our research shows that an average person has somewhere between 80-100 passwords. Unless you have a fantastic memory or reuse the same passwords across multiple accounts, it’s impossible to remember all of them. A password manager solves both issues: it helps users generate truly secure and unique passwords and stores them in an encrypted vault. All the user needs to remember is one password instead of one hundred of them.
SD: How do you stay ahead of your competition?
JK: Password management is not a new concept, and some of our competitors have been in the market since the late 90s. However, some things make NordPass stand out:
- User-centric approach. Our users are in the center of everything we do. From the day we launched, we opened many communication channels with our users and passed their feedback on to the product team. Our users’ requests are very important to us. For example, one of the most requested features on social media was the dark mode. We’re happy to announce that it’s already available!
- The ability to set our own ways. We don’t focus on standards set by our competitors. We’ve already implemented innovative encryption algorithms, such as the state-of-the-art XChaCha20, and introduced new technologies such as OCR scanners. We build our apps on zero-knowledge architecture and subject them to independent security audits so our users wouldn’t have to just take our word for it.
SD: What are the worst cyberthreats out there today?
JK: There are loads of them, affecting both individual users or businesses. But, when it comes to business cybersecurity, I would single out employee negligence because of the massive damage it could inflict. Our new study on password habits of large businesses reveals that even employees of the largest corporations struggle with password security. Many of them still safeguard their corporate accounts with very weak passwords, such as “123456” or “password”. Additionally, we found out that 20% of passwords were the exact name of the company or its variation. Such weak passwords can jeopardize even the largest corporations. Therefore, I think that education and knowledge of potential risks are vital. Employers need to help their employees be aware of the importance of password strength and understand why mixing their work and personal accounts could be dangerous. This ensures that their personal identity is protected and that all information related to the employer is protected in the event of a breach.
SD: How will Covid-19 change the face of cybersecurity for the future?
JK: With many employees forced to work remotely during the COVID-19 pandemic, companies are now more vulnerable than ever. In the office, everyone uses the same Wi-Fi connection, so it’s easier to ensure secure communication. On top of that, employees need access to all the internal resources, and these assets must be protected from potential attackers. Our research has revealed that 62% of people are using personal computers (or other devices) to work from home. This is concerning, as most private laptops are not equipped with proper security software.
All of this is making cybersecurity more important than ever and is also changing its focus. Instead of focusing on enterprise security only, many companies are now focusing on solutions and security for remote work. The combination of both is where the future face of cybersecurity is heading.