Enpass Password Manager review
The main purpose of password managers is to remember all those unique username and password combinations that you create for all your online and offline accounts, credit cards, smartphone PINs and other data that needs to be secure and is therefore hard to remember.
Password managers come in several flavors. You can divide them up into local and remote password managers for instance. Local solutions, KeePass comes to mind as it is my preferred password manager, store all data locally by default.
That's great as it is up to you, and only you, to keep the database secure. Remote password managers like LastPass on the other hand store the data online by default. While you hand over some responsibility in the process, they often improve data synchronization in the process.
Enpass is a password manager for various desktop and mobile operating systems that offers both options. All desktop versions are free of charge and not limited in any way while mobile versions are limited to 20 data sets unless a life-time Pro versions is bought.
Update: The company introduced a premium model for desktop versions with Enpass 6. Desktop versions are not limited to 20 data sets like mobile versions are; premium versions add functionality, e.g. support for Windows Hello on Windows 10.
This review looks at the Windows desktop version specifically. All versions share that they store the data locally by default. In fact, Enpass does not offer native options to store passwords online on their servers or access them using a web interface. There are syncing options that you can enable but they use third-party services like Dropbox, Google Drive, or OneDrive, WebDav, OwnCloud, or custom folders on a PC or network that you want to sync the data with.
The data is always synced in encrypted form when that option is enabled.
Another nice to have feature is support for more than a dozen password managers that you can import data sets from. Support are for instance LastPass, KeePass, 1Password, Dashlane or RoboForm.
The data itself is protected by a master password and encrypted with 256-bit AES "with 24,000 rounds of PBKDF2 using the peer-reviewed and open-source encryption engine SQLCipher".
Enpass works similar to KeePass in that it provides little browser or program integration by default. Unlike KeePass, it is not offering a global shortcut to send sign-in data to browsers or other programs, and it is also not supporting plugins to extend the password managers functionality.
This means that it is limited to storage and synchronization. If you need to enter passwords, you need to copy and paste the data manually each time, and the same is true for new passwords and logins that you create.
Enpass ships with a password manager that you can use to create custom passwords based on your preferences, e.g. that have a certain lengths and include at least x letters, digits and special characters. This password manager is integrated in the add dialog which makes the whole process a bit easier but still not as easy as password managers do that support browsers and capture the information while you enter them in the browser.
Verdict
Enpass is obviously not the right program for users who prefer password managers that support logging them in automatically, capturing new accounts automatically or filling out forms but if you want a local password storage with optional synchronization support that puts you in full charge of your data, then this program may be worth a try especially since it has all major operating systems covered.
Downloaded for free? Where do they get the money then? No way. I prefer any standalone open source program like Password Safe or whatever.
Enpass is just awesome, espacially with the owncloud integration – keep all your data in private places! :)
And available on all plattforms: Android, IOS, Windows, Mac, Linux!
I use “Intuitive Password” online password manager. I have tried many password managers and I keep coming back to Intuitive Password. It is absolutely the easiest to use, will suggest dynamic passwords for me, it works on all devices (mobile phones, tablets, laptops and desktop PCs) without installation. It is free but has an inexpensive yearly subscription if necessary. One of the best part is if I need to fill in a user name and password on a specific site, I just click on the little login button shown on the plugin, and Intuitive Password will fill in the info requested for me. There is not a word great enough to express my feelings on this awesome product!
That’s an Australian product. Would never put my passwords on servers in that country (nor US, UK)
https://enpass.io/enpass-browser-extension/
is pretty sweet. WAY safer than syncing browser login/pwds. just my 2c.
@RottenScoundrel
“I wrote my own password manager and it auto-copies for me, but I have to paste it. But, hey, what do I know.”
How about 40 years of wisdom. The last time i checked, that is still earned the hard way. Thank you for your input.
>> especially since it has all major operating systems covered
Hmmmm, nah, couldn’t be written in Java? Now there’s a security stronghold for your passwords. LOL
OK, back to real life, anyone who does NOT copy/paste their passwords into a webpage is just waiting in line to be back-stabbed. Copy and paste is about as secure as it can get without actually typing the passwords in. Not 100% secure, but 30% ahead of the very best of the browser integrated toys. Just one old programmer’s thoughts after some 40 years of wrestling with “safe” stuff.
I wrote my own password manager and it auto-copies for me, but I have to paste it. But, hey, what do I know.
i agree with copy and paste…just one thought: i use password safe, very similar to keepass. if you copy and paste to form, then minimize program to taskbar, it deletes any info on clipboard so your password does not just hang around ..
Integration with browser:https://chrome.google.com/webstore/detail/enpass-password-manager-r/kmcfomidfpdkfieipokbalgegidffkal
KeePass + Dropbox = <3
tbh, I never used keepass' browser integration, I just have it copy to clipboard. Guess i'm old fashioned like that, but meh…
Being old fashioned isn’t always worth it, KeePass can circumvent clipboard and keyloggers if you use it right.
To me, it’s useless without browser integration.
Enpass, LIKE KEEPASS, has browser integration!
There is browser integration….
https://www.enpass.io/enpass-browser-extension/