With passwords needed in order to access pretty much every tool and account these days, and remembering the passwords poses a problem for many, the NoMorePass app allows users to store passwords for websites and apps on their smartphones. The app is able to send stored passwords from the user's smartphone to the computer for logins, using a simplesystem that does not rely on the Internet, or on third-party extensions or applications.
To log in to a web-based account, a NoMorePass user clicks the NoMorePass icon that is integrated in the browser and a QR code appears on the screen. The user, having opened the NoMorePass app on his mobile phone, scans the QR code using his phone camera. Data from the phone is then sent to the computer, and the log-in fields of the website are automatically filled with the required information, including the stored user password, allowing the user to log in.
To store a password, the user presses a button in the NoMorePass app that opens another application located, for example, in the user's computer. The password is sent encrypted and directly to the computer. This way, the password is safe even if there is spyware on the network or if the servers were hacked because by the time it is circulated on the network, the password would have been encrypted with a key that does not circulate on the Internet.
The idea for NoMorePass came about because a friend of the company’s co-founders had trouble remembering his passwords, but didn’t want to use a password manager like LastPass or Norton Identity Safe, which is the common solution.
“He didn't want to use a password manager because that meant his passwords are in the cloud, beyond his control, and he didn't know what was going on with them," NoMorePass CEO José Antonio Espinosa Villanueva said in an interview last year.
The startup was founded in February 2018 and the NoMorePass app launched 10 months later. So far, the app is available in eight languages on Google Play for Android and App Store for iOS. There is also a desktop version for Windows, Mac, and Linux, and can be added to browsers through extensions and add-ons. Its technology includes hybrid applications, which displays the data recorded in the phone database in addition to web content, and CORBA on Linux server with some native API plug-ins.The app also uses military-grade AES encryption that would take years to be hacked, Espinosa Villanueva said.
“The password database is encrypted within the mobile so that every time the application is suspended, closed or the phone is locked, the password database in the mobile is erased. When the application is opened again, an identification must be provided, whether it’s a master password, fingerprint or face identification with the iPhone X. Once identification is verified, the app recovers the passwords again, but it is impossible to access the passwords without providing identification," he added.
NoMorePass does not rely on a central database. Each user's passwords are stored only on their personal mobile phone. This means that if NoMorePass' servers or the network on which the data is transmitted were hacked, the hackers will not be able to access users’ passwords. NoMorePass also provides two-step authentication, sending a code to the user's email or phone.
The app is currently free to use. While some other password managers on the market do offer free versions of their products, these are usually only on a trial basis. To monetize its product, NoMorePass works with a freemium model, offering additional paid services such as backups, transferring stored passwords to another mobile phone when users change their phones and the import/export of data and passwords.
“Our first major milestone was to develop the application, the next one will be to focus on subscriptions, which is how we earn money. However, for this, we need many more users, and that is why we decided to make the app free,” said Espinosa Villanueva.
Corporate version next
The startup is also developing a corporate version of the app for business users that includes functions such as the ability to share passwords within groups and the geolocation of users. “We plan to make corporate offers to companies with this version of the app and to contact mobile manufacturers that can help us open new doors,” said Espinosa Villanueva.
The startup's five co-founders – two of whom are serial entrepreneurs –have more than 20 years of experience in their respective fields. Espinosa Villanueva and Chief Cybersecurity Officer Ángel Moratilla Concejal are in charge of the technical aspects of NoMorePass. Both of them are computer engineers who had previously worked together at BiblioEteca Technologies, which offers advanced technologies for intelligent services and where Espinosa Villanueva was CEO, and at Digimate Computer, S.L, which is owned by Espinosa Villanueva.
Serial entrepreneur Espinosa Villanuevais also the author of the book “Yo Programo: el blog” (I program: the blog) and a blog of the same name. A professor of Computer Systems and Innovation and Knowledge Management at the European University of Madrid, he co-founded Dail Software, S.L., a company dedicated to the development of linguistic engineering applications.
The other two co-founders are Javier Pelayo, who takes care of the design elements of NoMorePas, and quality manager Ángel Rueda, who safeguards the business’s quality standards.
The company has so far been bootstrapped, with an initial capital of €50,000. Besides working on growing in Spain, it is also seeking funding for its expansion to other markets, including France, Portugal and Asia. “Our goal is to get enough financial muscle to be able to carry out [marketing] campaigns that allow us expand the use of the application,” said Espinosa Villanueva.
“The main challenge for a startup like NoMorePass is to enter the global market. So far, we have focused on conducting different marketing tests to determine what works. Once we raise more funding, we'll be able to invest in marketing."