NordLocker uses a freemium business model, where users are offered a free account with unlimited local file encryption and a set amount of cloud storage with sync and backup features. More cloud storage is available via a paid subscription.
History
In May 2019, NordVPN announced the upcoming launch of NordLocker, "an app with a zero-knowledge encryption process".[4] Although the initial estimated time of arrival was summer 2019, the actual launch took place in November. The app was launched as a local file encryption tool with secure sharing. Users were able to encrypt up to 5 GB of data for free or pay for unlimited encryption.[5]
In March 2020, NordLocker announced newly implemented cloud sharing integrations with Dropbox and Google Drive.[6]
In August 2020, NordLocker launched a cloud storage add-on, a feature allowing users to back up their data and synchronize it across multiple devices.[7]
Features
NordLocker is an encryption software with cloud integration. The software uses so called "lockers" - encrypted folders to encrypt and store user files. Users can create an unlimited number of lockers, drop files in to encrypt them, and transfer lockers separately.[8]
The app uses client-side encryption to secure files on the user's device first.[9] It's a zero-knowledge encryption system, where the developers have no data about users' files.[10] After the encryption process, the user can decide whether to store data locally or sync it via NordLocker’s cloud.[11] NordLocker syncs files via a private cloud, so they can be accessed from any computer with the NordLocker app installed.
The program uses AES-256 and 4096-bit RSA encryption algorithms[12] as well as Argon2 and ECC (with XChaCha20, EdDSA, and Poly1305).[13] NordLocker uses Libsodium to generate a random 256-bit key and encrypt lockers. To encrypt that key, the app then uses XChaCha20-Poly1305 and the user’s master password.[14]
The local encryption is free as of December 2020 — the service monetizes cloud storage space beyond the 3 GB provided with the free plan.
Hacking contest
In April 2020, NordLocker launched the "NordLocker Bounty campaign", a hacking competition with the top prize of $10,000.[15] To win, a person had to download an encrypted "locker" from the company's site, hack into it, and find the hidden message. Based on the NordLocker’s campaign page, there were over 600 attempts to break the locker but no one has claimed the bounty as of December 2020.[16]
Reception
A June 2020 PCMagazine review noted that NordLocker was easy to use but lacked features like secure file deletion and two-factor authentication.[17] In August 2020, ITPro called NordLocker’s cloud add-on a “critical feature for modern business, especially with the coronavirus outbreak forcing many companies’ workforces to remain remote.”[18] Restore Privacy praised NordLocker for strong end-to-end encryption and the "new, lower price" but mentioned the fact that NordLocker is not open-source.[19]
Boxcryptor, another encryption service, has compared NordLocker’s security to their own but noted that NordLocker does not have a mobile application.[20]