Password Manager Enpass 6: new design, desktop premium features
Enpass released a new version of the company's password manager some days ago. Enpass 6 is available for all supported operating systems and the biggest release yet; it features a new design and security model, and introduces premium features to the desktop clients for the first time.
Enpass is available as a desktop program for Windows, Linux and Mac, as a Windows 10 UWP application, for Android and iOS devices, and as browser extensions. Also, Enpass portable is available.
Tip: Read our initial review of the password manager Enpass for an overview of the program, service, and functionality.
The desktop versions are free to use and don't limit users in regards to the number of password entries; the mobile versions are available as free, limited to 20 item versions, and one-time payment versions that do away with the limitations (pay once per platform).
Enpass 6
One of the changes in Enpass 6 is the introduction of premium features to the desktop versions. More precisely: to the Mac OS X and Windows 10 UWP versions of the password manager.
Users who run the Win32 version don't get access to the premium additions, and Linux users get them all for free.
On Windows, Enpass Premium adds Windows Hello and dark theme support, and options to create custom categories and templates. On Mac, Enpass Premium supports Touch ID, and the creation of custom categories and templates.
Enpass asked third-party company VerSprite to audit the new version of the password manager; VerSprite found 2 vulnerabilities that it rated medium but no high or critical issues.
Enpass changed the security model of Enpass 6; it switched to PBKDF2-HMAC-SHA512 and increased iterations to 100K. A whitepaper was released that provides detailed information about security features of the password manager. The new security model is shared across all programs and apps.
Enpass 6 supports keyfiles to unlock the password manager; this is a new security feature that protects the password database with a keyfile next to the master password. Attackers who manager to obtain the master password would need access to the keyfile as well to access the password database.
Secure Sharing, a function to share passwords with others, supports the use of Pre-Shared Keys now for that extra bit of security.
Users of Enpass 6 are not limited anymore to a single vault. The new version of the password manager introduces support for multiple vaults that users can switch between, e.g. separating multiple work vaults or work and home vaults. Each vault requires the selection of a different cloud account for synchronization; Enpass should consider finding a better solution for that as the implementation is less than optimal.
Enpass' Trash and Archive functionality changed as well. Items that are deleted by users of the password manager are moved to the Trash automatically so that they may be recovered (if deleted accidentally).
Passwords may also be moved to the archive where they remain accessible but are not included in searches anymore; good for keeping old passwords out of the way without deleting them.
Closing Words
Enpass ticks the right boxes for the most part when it comes to paid password managers; it is possible to just use the desktop version of Enpass and do so entirely free. If you want mobile support, you may need to buy the premium version as the free mobile version is limited to 20 password entries only. Premium versions offer lifetime access and are not subscription-based.
Enpass stores data locally on the device and may sync it using various cloud providers.
Now You: Do you use a password manager? If so, which and why?
I use the “Intuitive Password” password manager, it has more features.
@Josh: online storage, no thanks.
Am I the only one who thinks going by the screenshots, it looks almost identical to the new version of 1Password on desktop?
Definitely ripping off some of the design. I’ve used Enpass in the past but it had too many annoying niggles on the Mac, and so I’ve switched to 1Password instead and haven’t looked back.
I have been using Enpass for a couple of years now. I left LastPass and the only thing I missed was the Auto identity fill for filling in personal info. This new version now has that option even though I haven’t tried it yet. I have this on Windows 10, Linux Mint, and my Pixel 2 XL phone and they can all sink passwords together using a cloud service of your choice in their list.
I was wondering if you were going to write a story about Enpass Martin. I like this password manager alot.
Password Safe – Free open source. Nuff said.
Fuck these shitty password managers, they store your data insecurely and everything is in the cloud. These companies are sitting targets, look how many times LastPass got broken into.
BitWarden
Password-Safe
KeePassXC BEST PASSWORD MANAGERS!
yes, password safe is the best
Enpass leaves a lot to be desired for a free PWM when I check the chart at PC Mag:
https://www.pcmag.com/article2/0,2817,2475964,00.asp
PC Mag is reviewing v5. v6 checks many more boxes they do not have checked, e.g. importing from browsers and more.
After reading comments here recently, I switched from lastpass to bitwarden and am very happy. Seems much better on iOS, and desktop version works across all browsers. No cost at all to run.
V5 was good and well thought-out. V6, with its bland “metro/flat” interface (yes, another one), removal of Firefox “legacy” support and various other regressions confirms yet again that newer, flashier versions are not always for the best.
I’m not a fan of bulky metro interface, especially hard to navigate flying options panel which took the place of standard window.
Upon first launch after update my firewall blocked connections to: 35.161.178.150, 35.162.6.243, 40.77.229.123 which I doesn’t find nice to put this mildly. I was using enpass only because it was one of better offline managers right after keepassxc. Lack of options controlling what manager does online and for what purposes connects to the home (checking for new versions or sending “statistics”) I find offensive and unacceptable and also reason enough to look for another offline alternative.
Not mention that the tray icon behavior was changed and instead of restoring full window, it shows pop-up with passwords list. To open main window now you gotta reach for menu option under the button which screams that person responsible for this idea doesn’t know UX rules. Also the upgrade to the new version didn’t transfer half of my settings and I had to manually tweak everything again to what was selected before the release.
And for last word, there’s another reason which makes me wonder if its safe to use enpass – India’s Information Technology Act – Section 69, regarding mandatory decryption. They are operating from Gurugram, India and gods forbids if they will be forced to provide access to their computers…
It would be hard for India to demand decrypting your vault since Enpass is never in possession of it, i.e. it’s never transmitted over or stored in their facilities.
I used to use enpass but seeing what a mess they were making of the v6 betas made me wonder if they knew what they’re doing. I’ll probably look at it again after a few point releases but will stick to bitwarden at least for now.
You should try again. I think it’s a big improvement over the previous version.
What makes Enpass better than its competitors are its well-thought multi-field templates, multi-field auto-filling, on-par linux version, very good android client, and reasonable pricing. Sure you can achieve many such things with other softwares, even free ones, but Enpass is just so easy and well designed out of the box.
I didn’t dislike it before, it was fine. However the state of the betas (some more like alphas) they were shipping didn’t inspire confidence in their abilities. And if user facing issues were a problem you wonder what it’s like under the hood. Like I said I’ll probably look at it again in the future but not right now.
AdGuard has released their DNS service: adguard.com/en/blog/adguard-dns-announcement/
It supports DNS over TLS/HTTPS, and you can set it up on Android 9 as well directly from Settings: imgur.com/qBnQfkZ.png
It filters trackers and ad networks (?), and while you could make the argument that a DNS resolver should resolve every domain, regardless of what it serves, for phone usage I think it’s great where you are kind of limited in terms of adblockers and whatnot. I personally will use this on my phone and Yandex.DNS on my PC.
The DNS issue came up with Penguin Proxy–for whatever reason.
However, Martin already wrote an article about Mozilla using Cloudflare as the Default Trusted Recursive Resolver; so,if one is using Firefox, the “default” DNS server is Cloudflare regardless of what one “thinks” he/she is using.
May want to check in about:config and look at trr. Blank it out or change it.
Whilst interesting what’s that got to do with a password manager?
@Yuliya: what does this have to with password management?
@Klaas Vaak, a so HARSH freedom lover and privacy fighter like my dear Yuliya also use Yandex.DNS on her PC. You really should give it a try! Don’t stop! Never!
https://www.ghacks.net/2013/11/12/first-look-yandex-dns/
https://yandex.com/legal/confidential/
@CHEF-KOCH: if you tried to entertain me with your comment, you failed miserably.
You may not like Yuliya’s comments, for whatever reason, but she is entitled to her opinion and is free to express it as long as she does not hurt or insult anyone; to my knowledge she has not.
Best you keep focused on your uBO copying activities.
Nothing. I thought maybe Martin wants to write an article on this.
It’s been around for ages, it’s just a new blog post about it.