Enpass Review: Quick Expert Summary
Enpass is a fully offline password manager that offers a completely free desktop version for Windows, macOS, and Linux users. The free version includes unlimited password storage and all of Enpass’s features except breach monitoring and identification of accounts that support 2FA.
Enpass handles the basics of password management well, and it includes features like:
- Unlimited password storage.
- Unlimited password vaults.
- Password generator.
- Auto-save and auto-fill.
- Password sharing.
- Password auditing.
- TOTP (time-based one-time password) code generator.
- Biometric logins (mobiles + supported computers).
It’s great that Enpass users can create as many vaults as they want, which makes it very easy to organize all logins and other data. I also think Enpass’s password generator is good, and the auto-save and auto-fill worked well — although the auto-fill includes a couple of unnecessary steps to work. Enpass’s password auditing feature is also pretty good, but other password managers have more advanced password analysis features.
However, Enpass has a few serious downsides. First, a lot of the features are difficult to set up and use (including the Keyfile which is supposed to be an alternative to two-factor authentication). Second, Enpass’s password sharing feature is completely insecure — sharing logins via email is Enpass’s default sharing option! Third, because Enpass is an offline password manager, users need to sync via Wi-Fi or subscribe to a third-party cloud service to be able to back up and sync passwords across devices. Top competitors like 1Password, on the other hand, offer easy device syncing, intuitive and secure password sharing, and multiple 2FA options.
Overall, there are many better password managers on the market. But considering that Enpass’s desktop version is free and that the premium subscriptions are pretty affordable (there’s also a lifetime subscription that’s cheaper than most competitors’ yearly plans), you may want to give it a try.
|🏅 Overall Rank||#11 out of 54 password managers|
|🔐 Encryption||256-bit AES|
|🎁 Free Plan||Unlimited passwords (desktop); 25 passwords (mobile)|
|💸 Starting Price||$23.99 per year|
|💰 Money-Back Guarantee||30 days|
|📀 Operating Systems||Windows, Android, Mac, iOS, Linux|
Enpass Full Review
Enpass is a decent offline password manager, but it lacks a lot of features and functionality that can be found in some of the best password managers on the market. It handles basic password management functions well and has some useful features, but it’s complicated to set up and you can only sync passwords across devices via a shared Wi-Fi network or a third-party service, which will be a downside for many users.
Enpass’s free version comes with every feature except the breach monitoring and 2FA identification, and it restricts you to 25 passwords on mobile. The premium version offers all features and unlimited passwords across desktop and mobile and is very affordable for both individuals and families. There’s also a lifetime purchase option that is undoubtedly a good value.
Enpass Security Features
Enpass uses industry-standard AES 256-bit encryption. This is one of the most secure and advanced encryption methods available, used by governments and banks around the world to protect their data.
Unlike password managers that store user data in the cloud, Enpass is a fully offline password manager. This means that user data is saved locally, on your device, and not on Enpass’s servers. Offline password managers are generally considered very secure because your data never leaves your device, but they have one downside — they don’t back up or sync passwords. Enpass has come up with 3 solutions to this problem. To back up all of your data and sync all of your passwords across your devices, you can:
- Download a portable version of Enpass — access your password vault on any Windows, macOS, or Linux device via a USB stick.
- Use a third-party cloud service provider — some of the supported providers include Dropbox, iCloud, Google Drive, and OneDrive.
- Sync via Wi-Fi — connect your devices to the same Wi-Fi network to sync your data.
While I appreciate that Enpass offers options for users to back up and sync their data, I think that they may be somewhat confusing for non-technical users. Plus, users may need to pay an additional subscription fee for cloud services. Top competitors like Dashlane or LastPass automatically sync user data across all devices, and there are also password managers like 1Password and Sticky Password that let you choose whether you want to store your data locally or on the company’s secure servers.
Unlike the best password managers on the market, Enpass doesn’t offer regular two-factor authentication (2FA). However, it does let you create a “Keyfile”, a file on your computer with an encryption key that is used as a second factor of authentication to log into your Enpass vault. It also offers biometric authentication options for both Windows and Mac devices that support biometrics. Biometric logins are also supported on mobile devices.
Overall, Enpass is pretty secure, but it needs some improvement. I’d like to see Enpass add regular 2FA and integrate its own cloud storage option instead of asking users to choose a third-party option — which would likely confuse many non-technical users. However, for a password manager with a totally free desktop version, I think Enpass is ok.
Enpass’s password vaults securely store your passwords and other sensitive information — including credit card details, bank account information, insurance policies, ID cards, driver’s licenses, and lots more.
By default, Enpass stores all of your data in a primary vault that is created upon installation. However, it lets users create an unlimited number of vaults — great for organizing and sharing data with other Enpass users.
Creating vaults is pretty simple. All you have to do is click on the vaults logo on the top of the display and select Create New. You can also go to Settings, click on Vaults, and click on the “+” button at the top right corner.
When you create a new vault, you need to set up a password to encrypt the data in the vault (just like a master password). While this does add another layer of security to each password vault, I haven’t seen many competing password managers require users to set new passwords for separate vaults. For example, 1Password allows you to create and share multiple vaults with other users without setting passwords for specific vaults.
Once you’re done setting up your Enpass vaults, you can start adding passwords and other sensitive information to each vault. There is a wide range of categories for organizing user data — including Login, Credit Card, Identity, Note, Password, Finance, License, Travel, Computer, and Miscellaneous. Some of these categories have subcategories as well. For example, when you choose Finance, you can add a bank account, insurance policy, loan/mortgage, mutual fund, stock investment, or other finance info. You can also use Enpass to store important documents, as it allows file uploads (up to a maximum 5 MB per file).
When adding a new login, you can choose from a very long list of websites, like Facebook, Twitter, Amazon, Wikipedia, and many others. If the site you’re looking for isn’t on the list, you can add it manually, customizing the entry based on your needs. For example, you can add, remove, or rearrange fields, select different icons, and add tags and notes.
Enpass also lets you create an unlimited number of identities. The default sections include personal information, home address, contact details, work details, work address, social, and additional details, but you can also add as many fields as you like. I think it’s really cool that you can add as much information about yourself as you want, but I prefer RoboForm’s approach — a wide range of pre-made templates in addition to one customizable template.
Overall, creating, accessing, and customizing Enpass vaults is very simple. I think it’s really cool that Enpass gives users complete freedom over how they will organize passwords and other data, and I like that users have to set up passwords for each new vault — although this can be a bit inconvenient for users with plenty of vaults.
Enpass’s Keyfile is an optional feature that can be used as a second factor of authentication when logging into your Enpass account. The Keyfile is a file with an encryption key that you can generate when adding or changing your master password. This file is saved on your computer, and each time you want to log into your Enpass account, you have to type in your master password and open the Keyfile from your computer.
While some users may appreciate the Keyfile, I found it to be too difficult to access and use. Here’s what I had to do to set up the Keyfile:
- Go to Settings, choose Security, select Change master password.
- Enter the master password, click on Continue.
- Click Advanced at the bottom of the screen.
- Click Generate Keyfile, and then save the file on my PC.
- Enter the master password in the Enter new password and Confirm new password fields (I don’t understand why this step is necessary — I didn’t change my master password!)
- Click Done.
It’s important to keep in mind that you won’t be able to log into your Enpass account if you lose your master password or Keyfile. Unlike some password managers like LastPass which have multiple recovery options, Enpass doesn’t provide a way to recover your data. Instead, you’d need to reset your Enpass account — which means the loss of all your data.
Overall, I don’t think that Enpass’s Keyfile is a good enough alternative to 2FA. Because users choose where to save the Keyfile on their computer, it can easily get lost or stolen (anyone with access to your computer also has access to the Keyfile). Plus, the Keyfile isn’t as easy to set up and use as regular 2FA — I’m not sure that most users will understand what the Keyfile is or know how to access its settings.
2023’s best password managers all offer several 2FA options, so I’d really like to see Enpass include 2FA in its offering. That said, Enpass’s Keyfile does function as a second factor — I just don’t think this solution can compete with traditional 2FA in terms of security, convenience, or ease of use.
Enpass lets users share both individual entries and vaults — even on the free plan! This is great, as most password managers restrict sharing in their free versions, hoping that the users will pay for an upgrade.
However, I can’t say I’m happy with the way Enpass handles password sharing. When I wanted to share an item with a colleague, I was shocked to learn that Enpass’s default sharing settings are completely unsecured.
As soon as I selected an item to share, Enpass warned me against using unsecured sharing, but the message I got was wordy and confusing:
As the message suggested, I went to Advanced Settings and found out that Pre-Shared Keys (PSK) are passwords that you can either create or generate using Enpass’s password generator (the default option is to generate easily pronounceable passphrases). I needed to create one for every person I wanted to share passwords with. Then, I had to share the PSK with them so they could use it for accessing the data I shared with them.
Once I set up my PSKs, I went back to complete my password sharing test — and was astonished to see that Enpass has secure password sharing OFF by default! To enable secure password sharing, I had to select Encrypt with PSK. By then, I was able to figure out that “PSK” meant “Pre-Shared Key” — but Enpass really shouldn’t make users guess what each setting means!
Before encrypting the passwords I wanted to share with a PSK, I decided to see what unsecure sharing looked like. So, using the default (unsecured) sharing option, Enpass gave me the option to share the password via email or copy it to the clipboard. I picked the email option, and the program automatically generated the message shown in the screenshot below:
After I went back and encrypted my password with PSK, sharing via email was a little more secure — it didn’t contain any sensitive information!
If you want to share a vault with someone, you can do it via your cloud service. However, keep in mind that you need to give the other user the login details of the cloud service as well as the password vault. Also, because vault sharing isn’t done through Enpass, there’s no way to actually set up permissions — the person you’re sharing the vault with can do whatever they want with the passwords! This is really poor — 1Password by comparison lets you set various permission levels when you share your vaults, and there’s no third-party service involved.
Honestly, I think Enpass’s sharing feature is pretty bad. There’s not one thing I like about the way Enpass shares user passwords — generating Pre-Shared Keys for each person you want to share a password with (and then sending them the key!), having to change the default sharing settings from unsecured to secure, sending sensitive information via email, and even sharing cloud service logins for vault sharing!
If you’re looking to share passwords with other users, there are tons of better options than Enpass. I recommend 1Password or Dashlane, but many other competitors also have decent sharing options — definitely better than Enpass! On the other hand, if you don’t need to share passwords with others and never plan on using Enpass’s password sharing feature, Enpass may not be that bad for you.
Auto-fill & Auto-save
To auto-fill and auto-save passwords, users need to install Enpass’s browser extension — which is available for Chrome, Firefox, Safari, Edge, Opera, Vivaldi, and Brave.
The Enpass browser extension is pretty minimalistic, showing user logins, favorites, credit cards, and identities. There’s also a password generator and a search bar for quickly finding the logins you need.
However, when you do find a login for a specific site, you have to click on the login, then click on the information icon, and then finally click on the website. With competing password managers like LastPass, you only have to click on the login once to open the associated site.
Once the site you want to log into is open, you can select the right login details from a dropdown menu and Enpass will auto-fill them for you. This worked pretty well in my tests, and is a big improvement — up until recently Enpass made you open the browser extension and double-click on a login to access auto-fill.
The auto-save works well too — each time I’d log into a website that wasn’t already in my vault, an option to Add to Enpass would pop up, and the item would be auto-saved to my vault.
When you set up a new account, Enpass’s password generator will automatically pop up and offer to create a strong password for you. And once you’ve filled in your new account details, Enpass will automatically prompt you to save them to your vault.
Overall, Enpass’s auto-fill and auto-save features worked well during my tests, but I felt that the extension required too many unnecessary clicks. This isn’t a big deal, but I do prefer password managers whose auto-fill feature is really automatic, like 1Password and Keeper. That said, Enpass does auto-save passwords, and its auto-fill feature is pretty good overall.
Password Audit & Password Generator
Enpass’s Password Audit alerts you to breached, compromised, identical, weak, and expired passwords, and lets you know if you have inactive 2FA on any 2FA-supported accounts. The breach monitoring and 2FA alerts are only available to Enpass Premium users, but free users get the basic audit. In my tests, I discovered one of my passwords was weak, one was compromised, and 2 had inactive 2FA. In each case, when I clicked on the account, I got details of the current password and a link to go and change my login details for that account.
Enpass uses the Have I Been Pwned database to check whether emails or passwords have been compromised in a data breach. If it does find a breach, you get information on the date of the breach, the types of info that were breached, and a link to further information. This is pretty good — RoboForm, for example, doesn’t give you any details about the breaches it finds.
That said, Enpass’s security monitoring features are still fairly basic — especially when compared to 1Password’s Watchtower or LastPass’s Security Challenge, which both give you an overall security score and advice on how to improve it. But it is great to see that Enpass includes some security tools with its free desktop version, as not all password managers offer password auditing — even with their paid versions.
After I audited all of my passwords, it was time to change them using Enpass’s password generator. I could choose whether I wanted to generate pronounceable passwords (passphrases) or passwords that included symbols in addition to letters and numbers. Pronounceable passwords can contain up to 15 words (the default length is 6 words), whereas passwords that aren’t easily pronounceable can contain 4-100 characters (with a default of 20).
Users who additionally want to customize their passwords can choose to separate passphrases with underscores, spaces, periods, hyphens, hashes, dollars, or commas. For passwords that aren’t pronounceable, users can choose to include or exclude certain characters. I really like this range of options — top competitors like RoboForm don’t generate passphrases at all, let alone allowing you to choose how you separate the words in a passphrase.
I was really impressed with Enpass’s password generator. It’s user-friendly, has a lot of customization options (including creating passphrases up to 15 words long), and it makes it simple to generate strong and random passwords.
Enpass’s TOTP (time-based one-time passwords) generator is a two-factor authentication (2FA) code generator that can be used for specific logins (instead of applications such as Authy or Google Authenticator). The TOTP generator stores and generates 2FA codes that expire every 30 seconds for websites that support 2FA.
Setting up the TOTP generator is easy both on the desktop and mobile apps. On desktop, all you have to do is add a one-time password to an entry (login entries have this field by default, but you can add custom fields to other entries). On mobile, you simply need to scan a QR code.
Once set up, the TOTP generator worked fine on both my desktop and smartphone, although I found it a bit easier to use on mobile. I also liked that I could see the TOTP for my logins in my Apple Watch.
The TOTP generator is much simpler to understand and use than many other Enpass features. I like how easy it is to set up and access the TOTP generator, especially on mobile devices. Overall, while it’s not a unique feature (1Password and RoboForm also offer TOTP generators), it’s a pretty cool extra that most users will appreciate.
Enpass Plans and Pricing
Enpass offers a completely free desktop version, a limited free version for mobile, and 3 premium options. Unlike most password managers which limit the functionality of their free plans, Enpass’s free plan provides desktop users with everything except breach monitoring and identification of 2FA-supported logins. Mobile users can also use Enpass for free — but they can only store up to 25 passwords, which isn’t enough for most users.
For its paid plans, Enpass offers both subscription and one-off payment options, and all plans come with a 30-day money-back guarantee. Here’s what you get with every Enpass plan.
|Lite Free||Premium Individual Plan||Premium Family Plan||Premium Lifetime Plan|
|Platforms||Mac, iOS, Windows, Android, Chrome OS, Linux||Mac, iOS, Windows, Android, Chrome OS, Linux||Mac, iOS, Windows, Android, Chrome OS, Linux||Mac, iOS, Windows, Android, Chrome OS, Linux|
|Number of licences||1||1||6||1|
|Price||Free||$23.99 / year||$35.99 / year||$99.99 / year|
(unlimited on desktop, 25 on mobile)
(unlimited on desktop, 1 on mobile)
|Auto-fill and auto-save||✅||✅||✅||✅|
|Password security audit||✅||✅||✅||✅|
|2FA site identification||❌||✅||✅||✅|
Enpass Lite Free Plan — Unlimited Local Password Storage on Desktop
Enpass’s free version includes:
- Unlimited password storage on desktop (25 password limit on mobile).
- Unlimited vaults on desktop (1 vault on mobile).
- Password & data sharing.
- Password generator.
- Auto-fill & auto-save (browser extension).
- Third-party cloud service connectivity.
- Biometric login.
- Smartwatch compatibility.
- Password security audit.
- TOTP generator.
You can use Enpass’s free version across all of your devices, and I think it’s really cool that free desktop users get access to the vast majority of features — only the breach monitoring and identification of 2FA-compatible sites are premium only. On mobile, the free plan is more limited. A 25-password limit won’t be enough for most users, and all the best free password managers offer an option for unlimited passwords on mobile.
Overall, Enpass is a pretty basic password manager, and there are better free products on the market, including LastPass’s free plan that includes basic 2FA, or Dashlane’s free plan that comes with data breach monitoring and more. On the other hand, even LastPass and Dashlane have limitations on their free plans (for example, Dashlane only lets you store passwords on 1 device, and LastPass makes you choose between mobile or desktop devices), whereas Enpass’s free plan has fewer restrictions.
Enpass Premium — Unlimited Storage and Devices
This plan is offered as an annual or lifetime subscription. It includes everything in the free plan, plus:
- Unlimited password storage (desktop and mobile).
- Unlimited vaults for your data (desktop and mobile).
- Breach monitoring.
- Identification of 2FA-supported sites.
While the annual plan is reasonably priced at $23.99 / year, the lifetime subscription is the best value plan — at $99.99 / year, it’s the same price as most competitors’ yearly plans. There’s also a family plan which is the same as the individual plan, but it adds up to 6 users for $35.99 / year.
Enpass Ease of Use and Setup
Installing Enpass is pretty simple — downloading and setting up the password manager doesn’t take more than a couple of minutes. After I installed Enpass, I had to create a new account and set up a master password. I chose a somewhat weak master password, and Enpass warned me that the password I typed in wasn’t strong enough. However, I was surprised that Enpass still accepted the weak password despite the warning.
During the setup process, I was offered to install a browser extension. I installed it on my Chrome browser, and when I typed in my master password to open the extension, Enpass opened a new window with an authentication code. Once I typed in the authentication code, the browser extension was fully set up. I could easily access my passwords, vaults, and the password generator from the extension.
When the desktop app and browser extension were all set up, it was time for me to import some of my passwords. It took me a couple of minutes to locate the import options (open Menu, go to File, click on Import), but once I found them, it was pretty easy to import my passwords into Enpass. Enpass supports importing data from a wide range of password managers, including 1Password, Bitwarden, Keepass, KeepassX, LastPass, mSecure, RoboForm, SafeInCloud, Splash ID, and Sticky Password. You can also import your passwords from Chrome or a pre-formatted CSV file.
Next, I wanted to sync my data across multiple devices — since Enpass is an offline password manager, I had to either sync via my Wi-Fi network or use a third-party cloud service. I tested both methods, and each was pretty simple and took only a couple of minutes. However, while I had no problems syncing my passwords, I think some non-technical users may struggle with it.
Non-technical users may also struggle with secure password sharing and setting up Enpass’s Keyfile — I had to use Enpass’s FAQ to figure out how these features work, and it took me some time to understand how to properly set them up.
Overall, some of Enpass’s features are easy to use… and some aren’t. Installing the password manager, importing passwords, and getting around the vault is simple. However, syncing data across devices, sharing passwords, and setting up the Keyfile isn’t. Enpass isn’t as intuitive as Dashlane or 1Password, but if you don’t mind exploring its settings and reading its knowledge base until you figure out how everything works, then Enpass could be ok for you.
Enpass Mobile App
Enpass’s mobile app is available for both iOS and Android. The apps are easy to install — all you have to do is download the app from the Google Play Store or Apple Store, create an account (or log into an existing one), adjust a couple of settings, and you’re good to go.
Enpass’s mobile app supports biometric logins, meaning you can log into your account using Face or Touch ID — no master password is required! As for the other features, most of them are the same as in the Enpass desktop app. The categories are the same, and you can customize your entries.
During my tests, Enpass’s auto-save and auto-fill options worked well, and setting up the TOTP generator was even easier than on desktop — I only had to scan a QR code!
I also like that Enpass’s mobile app is compatible with Apple Watch as well as Android Watch. I found this feature quite convenient as it let me quickly access logins and credit card information via my Apple Watch. I also think it’s pretty cool that you don’t have to use a master password on a smartwatch — instead, you can just set up a 4-digit access code.
Overall, the Enpass mobile app is more intuitive and easier to use than the desktop version. While it’s not as intuitive as something streamlined like 1Password, all of Enpass’s features are included in the app and they all work well.
Enpass Customer Support
Enpass offers 4 customer support options — a community forum, email support, a knowledge base, and product guides.
Enpass’s support forum is decent, with an engaged community and responsive staff. I found informative responses to my questions just by browsing the forum. However to test their responsiveness, I registered and posted a question. I received an incredibly helpful and comprehensive answer after about 7 hours — highlighting the forum’s effectiveness.
I also emailed a question to Enpass support and received an answer in about 7 hours. This is a decent response time for an email query — though 1Password’s email support team are even quicker and will respond in 2-3 hours.
Enpass’s website also has a very detailed user guide as well as an excellent knowledge base. Both the user guides and knowledge base are very useful for understanding and setting up Enpass’s features.
There’s no live chat like you get with Dashlane or Keeper, but this is a really unusual feature in a password manager, so I wouldn’t expect it anyway.
Overall, I found Enpass’s customer support to be pretty good. I was able to locate all the information I needed in the knowledge base and user guides, and I was pretty happy with the email and forum support too.
Is Enpass worth using in 2023?
Enpass is a decent password manager, but it’s nowhere near as good as the best password managers in 2023. That said, Enpass offers a free desktop version with very few limitations, includes a solid range of features, and has reasonably priced premium plans, including a lifetime subscription that is cheaper than most competitors’ annual plans.
Enpass also provides a decent range of features, including unlimited password storage, unlimited password vaults, a password generator, password sharing, auto-save and auto-fill, breach monitoring, a TOTP generator, and password auditing. I like that I could create as many vaults as I wanted, which made it very easy for me to organize all of my passwords. I also think Enpass’s password generator is pretty good, the auto-save and auto-fill features worked well during my tests, and I appreciate that there’s password auditing and breach monitoring.
On the other hand, the way that Enpass does password sharing is pretty bad — it’s unsecured, unintuitive, and it can seriously compromise your accounts. Enpass doesn’t have traditional two-factor authentication (2FA), but instead lets users generate a Keyfile as a second form of verification. This solution is far from ideal — setting up the Keyfile is difficult and anyone with access to your computer can access the Keyfile.
Finally, Enpass is a fully offline password manager, which means that you need to use a third-party cloud service provider or your home Wi-Fi network to sync your data across all devices. While offline password managers are very secure, having to subscribe to cloud services or sync via Wi-Fi to access all of your data on all of your devices is a hassle.
If you’re looking for a feature-rich and easy-to-use password manager, I think 1Password, Dashlane, and LastPass are much better options. However, if you just want a basic, cost-effective password manager and are ok with navigating complicated settings, Enpass is fine. Plus, Enpass’s desktop version is free, and there’s also a free mobile version (although limited), so you can try it out risk-free and see if it’s right for you.
Frequently Asked Questions
Does Enpass have a free version?
Yes. Enpass has a really good free desktop version — users get access to every feature except the breach monitoring and the 2FA account identification.
Enpass also has a free mobile version that allows you to store up to 25 passwords — but that’s not really enough for most users. If you’re looking for a free password manager for your phone, LastPass is a better option, as it comes with unlimited password storage on unlimited devices (but you have to choose between desktop and mobile devices).
Can I recover my Enpass account?
No. You can’t recover your Enpass account if you lose either your master password or your Keyfile — which is used as a second factor of verification, although it’s not as secure or intuitive as regular two-factor authentication (2FA).
If you lose your master password or your Keyfile, you need to reset your Enpass account, and then all of your data will be lost. If you’re looking for a password manager with multiple recovery options, LastPass is a good choice.
Can I share passwords from my Enpass database with other people?
Yes. Enpass allows unlimited sharing of individual items or vaults. However, when sharing passwords through Enpass, you need to make sure the right settings are turned on, as secure sharing options are turned off by default. And if you want to share a vault, you need to have access to cloud services and share your cloud service login and vault password with the person you’re sharing the vault with.
If you want to share a vault, you need to have access to cloud services and share your cloud service login and vault password with the person you’re sharing the vault with.
To be honest, I think Enpass’s sharing features are really bad. The best password managers in 2023 all have better, more secure password sharing features than Enpass.
Does Enpass work on smartwatches?
Yes. Enpass can be used on both the Apple Watch and Android Watch. Enpass pairs with your smartwatch via bluetooth, so you can access your data — like credit card PINs, passwords, and more — without having to reach for your phone. The smartwatch app also has built-in security features to protect data if your smartwatch is lost or stolen.
Not many password managers offer smartwatch compatibility, so it’s great that Enpass has options for both iOS and Android users — even with its free version of the mobile app.