Enpass Review: Quick Expert Summary
Enpass is a fully offline password manager that offers a completely free desktop version for Windows, macOS, and Linux users — no limited features, password storage limits, or any other restrictions.
Enpass handles the basics of password management well, and it includes features like:
- Unlimited password storage.
- Unlimited password vaults.
- Password generator.
- Auto-save and auto-fill.
- Password sharing.
- Password auditing.
- TOTP (time-based one-time) code generator.
- Biometric logins (mobiles + supported computers).
It’s great that Enpass users can create as many vaults as they want, which makes it very easy to organize all logins and other data. I also think Enpass’s password generator is good, and the auto-save and auto-fill worked well — although the auto-fill includes a couple of frustratingly unnecessary steps to work. Enpass’s password auditing feature is also decent, but other password managers have much better password analyzing features.
However, Enpass has a few serious downsides. First, a lot of the features are difficult to set up and use (including the Keyfile which is supposed to be an alternative to two-factor authentication). Second, Enpass’s password sharing feature is completely insecure — sharing logins via email is Enpass’s default sharing option! Third, because Enpass is an offline password manager, users need to subscribe to a third-party cloud service to be able to back up and sync passwords across devices.
I think there are many better password managers on the market. But considering that Enpass’s desktop version is free and that the mobile subscriptions are pretty affordable (there’s also a lifetime subscription that’s cheaper than most competitors’ yearly plans), you may want to give it a try.
|Overall Rank||#11 out of 52 password managers|
|Free Plan||Unlimited passwords (desktop); 25 passwords (mobile)|
|Operating Systems||Windows, Android, Mac, iOS, Linux|
Enpass Full Review
Enpass handles basic password management functions well and has some useful features, but it’s complicated to set up and needs third-party services in order to sync passwords across devices, which will be a downside for many users.
In addition to its completely free desktop version that comes without any limits or restrictions, Enpass offers very affordable mobile plans for both individuals and families, as well as a lifetime-purchase option that is undoubtedly a good value.
Enpass Security Features
Enpass uses industry-standard AES 256-bit encryption. This is one of the most secure and advanced encryption methods available, used by governments and banks around the world to protect their data.
Unlike password managers that store user data in the cloud, Enpass is a fully offline password manager. This means that user data is saved locally, on your device, and not on Enpass’s servers. Offline password managers are generally considered very secure because your data never leaves your device, but they have one downside — they don’t back up or sync passwords. Enpass has come up with 2 solutions to this problem. To back up all of your data and sync all of your passwords across your devices, you can:
- Download a portable version of Enpass — access your password vault on any Windows, macOS, or Linux device via a USB stick.
- Use a third-party cloud service provider — some of the supported providers include Dropbox, iCloud, Google Drive, and OneDrive.
While I appreciate that Enpass offers 2 ways for users to back up and sync their data, I think that both of these options may be somewhat confusing for non-technical users. Plus, users may need to pay an additional subscription fee for cloud services. Top competitors like Dashlane or LastPass, automatically sync user data across all devices, and there are also password managers like Sticky Password that let you choose whether you want to store your data locally or on the company’s secure servers.
Unlike the best password managers on the market, Enpass doesn’t offer regular two-factor authentication (2FA). However, Enpass lets users create a “Keyfile”, which is used as a second factor of authentication to log into your Enpass vault. Enpass also offers biometric authentication options for both Windows and Mac devices that support biometrics. Biometric logins are also supported on mobile devices.
Overall, Enpass is pretty secure, but it needs some improvement. I’d like to see Enpass add regular 2FA and integrate its own cloud storage option instead of asking users to choose a third-party option — which would likely confuse many non-technical users. However, for a password manager with a totally free desktop version, I think Enpass is ok.
Enpass’s password vaults securely store your passwords and other sensitive information — including credit card details, bank account information, insurance policies, ID cards, drivers licences, and lots more.
By default, Enpass stores all of your data in a primary vault that is created upon installation. However, Enpass lets users create an unlimited number of vaults — great for organizing and sharing data with other Enpass users.
Creating vaults is pretty simple. All you have to do is click on the vaults logo on the top of the display and select Create New. You can also go to Settings, click on Vaults, and click on the “+” button at the top right corner.
When you create a new vault, you need to set up a password to encrypt the data in the vault (just like a master password). While this does add another layer of security to each password vault, I haven’t seen many competing password managers require users to set new passwords for separate vaults. For example, 1Password allows you to create and share multiple vaults with other users without setting passwords for specific vaults.
Once you’re done setting up your Enpass vaults, you can start adding passwords and other sensitive information to each vault. There is a wide range of categories for organizing user data — including Login, Credit Card, Identity, Note, Password, Finance, License, Travel, Computer, and Miscellaneous. Some of these categories have subcategories as well. For example, when you choose Finance, you can add a bank account, insurance policy, loan/mortgage, mutual fund, stock investment, or other finance info.
When adding a new login, you can choose from a very long list of websites, like Facebook, Twitter, Amazon, Wikipedia, and many others. If the site you’re looking for isn’t on the list, you can add it manually, customizing the entry based on your needs. For example, you can add, remove, or rearrange fields, select different icons, and add tags and notes.
Enpass also lets you create an unlimited number of identities. The default sections include personal information, home address, contact details, work details, work address, social, and additional details, but you can also add as many fields as you like. I think it’s really cool that you can add as much information about yourself as you want, but I prefer RoboForm’s approach — a wide range of pre-made templates in addition to one customizable template.
Overall, creating, accessing, and customizing Enpass vaults is very simple. I think it’s really cool that Enpass gives users complete freedom over how they will organize passwords and other data, and I like that users have to set up passwords for each new vault — although this can be a bit inconvenient for users with plenty of vaults.
Enpass’s Keyfile is an optional feature that can be used as a second factor of authentication when logging into your Enpass account. The Keyfile is a file with an encryption key that you can generate when adding or changing your master password. This file is saved on your computer, and each time you want to log into your Enpass account, you have to type in your master password and open the Keyfile from your computer.
While some users may appreciate the Keyfile, I found it to be too difficult to access and use.
Here’s what I had to do to set up the Keyfile:
- Go to Settings, choose Security, select Change master password.
- Enter the master password, click on Continue.
- Click Advanced at the bottom of the screen.
- Click Generate Keyfile, and then save the file on my PC.
- Enter the master password in the Enter new password and Confirm new password fields (I don’t understand why this step is necessary — I didn’t change my master password!)
- Click Done.
It’s important to keep in mind that you won’t be able to log into your Enpass account if you lose your master password or Keyfile. Unlike some password managers like LastPass which have multiple recovery options, Enpass doesn’t provide a way to recover your data. Instead, you’d need to reset your Enpass account — which means the loss of all your data.
Overall, I don’t think that Enpass’s Keyfile is a good enough alternative to 2FA. Because users choose where to save the Keyfile on their computer, it can easily get lost or stolen (anyone with access to your computer also has access to the Keyfile). Plus, the Keyfile isn’t as easy to set up and use as regular 2FA — I’m not sure that most users will understand what the Keyfile is or know how to access its settings.
2021’s best password managers all offer several 2FA options, so I’d really like to see Enpass include 2FA in its offering. That said, Enpass’s Keyfile does function as a second factor — I just don’t think this solution can compete with traditional 2FA in terms of security, convenience, or ease of use.
Enpass lets users share both individual entries and vaults — even on the free plan! This is great, as most password managers restrict sharing in their free versions, hoping that the users will pay for an upgrade.
However, I can’t say I’m happy with the way Enpass handles password sharing. When I wanted to share an item with a colleague, I was shocked to learn that Enpass’s default sharing settings are completely unsecured.
As soon as I selected an item to share, Enpass warned me against using unsecured sharing, but the message I got was wordy and confusing:
As the message suggested, I went to Advanced Settings and found out that Pre-Shared Keys (PSK) are passwords that you can either create or generate using Enpass’s password generator (the default option is to generate easily pronounceable passphrases). I needed to create one for every person I wanted to share passwords with. Then, I had to share the Pre-Shared Key with them so they could use it for accessing the data I shared with them.
Once I set up my Pre-Shared Keys, I went back to complete my password sharing test — and was astonished to see that Enpass has secure password sharing OFF by default!
To enable secure password sharing, I had to select Encrypt with PSK. By then, I was able to figure out that “PSK” meant “Pre-Shared Key” — but Enpass really shouldn’t make users guess what each setting means!
Before encrypting the passwords I wanted to share with a Pre-Shared Key, I wanted to see what unsecure sharing looked like. So, using the default (unsecured) sharing option, Enpass gave me the option to share the password via email or copy it to the clipboard. I picked the email option, and the program automatically generated the message shown in the screenshot below:
After I went back and encrypted my password with PSK, sharing via email was a little more secure — it didn’t contain any sensitive information!
If you want to share a vault with someone, you can do it via your cloud service. However, keep in mind that you need to give the other user the login details of the cloud service as well as the password vault. Also, because vault sharing isn’t done through Enpass, there’s no way to actually set up permissions — the person you’re sharing the vault with can do whatever they want with the passwords!
Honestly, I think Enpass’s sharing feature is pretty bad. There’s not one thing I like about the way Enpass shares user passwords — generating Pre-Shared Keys for each person you want to share a password with (and then sending them the key!), having to change the default sharing settings from unsecured to secure, sending sensitive information via email, and even sharing cloud service logins for vault sharing!
If you’re looking to share passwords with other users, there are tons of better options than Enpass. I recommend Dashlane or LastPass, but most competitors also have decent sharing options — definitely better than Enpass! On the other hand, if you don’t need to share passwords with others and never plan on using Enpass’s password sharing feature, Enpass may not be that bad for you.
Auto-fill & Auto-save
To auto-fill and auto-save passwords, users need to install Enpass’s browser extension — which is available for Chrome, Firefox, Safari, Edge, Opera, and Vivaldi.
The Enpass browser extension is pretty minimalistic, showing user logins, favorites, credit cards, and identities. There’s also a password generator and a search bar for quickly finding the logins you need.
However, when you do find a login for a specific site, you have to click on the login, then click on the information icon, and then finally click on the website. With competing password managers like LastPass, you only have to click on the login once to open the associated site.
Enpass also doesn’t automatically input logins or passwords (which most password managers do) into appropriate fields. Instead, you have to open the browser extension and double-click on a login for a site you’re on.
Similarly, to use Enpass’s password generator, you have to go to the extension and click on the generator’s icon to open it. However, after you fill in your new account details, Enpass will automatically prompt you to save them — at last, something that can be done with just one click!
Overall, Enpass’s auto-fill and auto-save features worked well during my tests, but I felt that the extension required too many unnecessary clicks to generate new passwords and fill in login fields. This isn’t a big deal, but I do prefer password managers whose auto-fill feature is really automatic, like 1Password and Keeper. That said, Enpass does auto-save passwords, and its auto-fill feature is pretty decent once you get used to opening the extension every time you want to log into a site.
Password Audit & Password Generator
Enpass’s Password Audit includes basic password security monitoring tools that show weak, duplicate, and compromised passwords. During my tests, I deliberately created a couple of weak and identical passwords, and Enpass identified all of them. Next, I scanned my passwords against the Have I Been Pwned database (a website that checks whether emails or passwords have been compromised in a data breach), and Enpass found 1 compromised password.
Enpass’s security monitoring features are basic — especially when you compare them to 1Password’s Watchtower or LastPass’s Security Challenge. But it is great to see that Enpass includes some security tools with its free desktop version, as not all password managers offer password auditing — even with their paid versions.
After I audited all of my passwords, it was time to change them using Enpass’s password generator. I could choose whether I wanted to generate pronounceable passwords (passphrases) or passwords that included symbols in addition to letters and numbers. Pronounceable passwords can contain up to 15 words, whereas passwords that aren’t easily pronounceable can contain 4-100 characters. Users who additionally want to customize their passwords can choose to separate passphrases with underscores, spaces, periods, hyphens, hashes, dollars, or commas. For passwords that aren’t pronounceable, users can choose to include or exclude certain characters.
As for Enpass’s password generator, I think it’s really good. It’s user-friendly, has a lot of customization options (including creating passphrases up to 15 words long), and it makes it simple to generate strong and random passwords.
Enpass’s TOTP (time-based one-time passwords) generator is a two-factor authentication (2FA) code generator that can be used for specific logins (instead of applications such as Authy or Google Authenticator).
The TOTP generator stores and generates 2FA codes that expire every 30 seconds for websites that support 2FA.
Setting up the TOTP generator is easy both on the desktop and mobile apps. On desktop, all you have to do is add a one-time password to an entry (login entries have this field by default, but you can add custom fields to other entries). On mobile, users simply need to scan a QR code.
Once set up, the TOTP generator worked fine on both my desktop and smartphone, although I found it a bit easier to use on mobile. I also like that I could see the TOTP for my logins in my Apple Watch.
The TOTP generator is much simpler to understand and use than many other Enpass features. I like how easy it is to set up and access the TOTP generator, especially on mobile devices. Overall, the TOTP generator is a pretty cool extra that most users will appreciate.
Enpass Plans and Pricing
Enpass offers a completely free desktop version, a limited free version for mobile, and 3 subscription options for mobile. Unlike most password managers which limit the functionality of their free plans, Enpass provides desktop users with unlimited access to all of its features — no restrictions whatsoever!
Mobile users can also use Enpass for free — but they can only store up to 25 passwords, which isn’t enough for most users.
For its paid mobile plans, Enpass offers both subscription and one-off payment options.
Here’s what you get with every Enpass plan.
Enpass Free Desktop Version — Unlimited Local Password Storage
Enpass’s free desktop version is supported on Windows, Mac, and Linux, and it includes:
- Unlimited password storage.
- Unlimited vaults.
- Password & data sharing.
- Password generator.
- Auto-fill & auto-save (browser extension).
- Third-party cloud service connectivity.
- Password security audit.
- TOTP generator.
While you can use Enpass’s free version across all of your computers, you’ll need to integrate a third-party cloud service provider of your choice if you want to sync your data between devices.
I think it’s really cool that Enpass gives free users access to all of its features. However, Enpass is a pretty basic password manager, and there are better free products on the market, including LastPass’s free plan which includes basic 2FA. On the other hand, even LastPass has limitations on its free plan (for example, you can only share passwords with 1 other user), and Enpass lets you use all of its features without any restrictions.
Enpass Free Mobile Plan — Limited Password Storage
Enpass’s free mobile app plan is pretty limited.
- 25 password storage limit.
- 1 secure vault for your data.
- Password generator.
- Biometric login.
- Smartwatch compatibility.
- Password sharing.
- Password auditing.
- TOTP generator.
25 passwords isn’t nearly enough for most users (even Dashlane gives you 50) — if you want a free password manager with unlimited storage on mobile, LastPass is a good alternative. However, Enpass’s free plan is good if you just want to try out Enpass on your phone before you subscribe.
Enpass Subscription for Mobile — Unlimited Storage and Devices
This plan is offered as a half-yearly, annual, or lifetime subscription, and it includes:
- Unlimited password storage.
- Unlimited devices.
- Unlimited vaults for your data.
- Biometric logins.
- Smartwatch compatibility.
- Password generator.
- Password sharing.
- Password auditing & website breaches.
- Identification of 2FA-supported sites.
- TOTP generator.
While the half-yearly and annual plans are reasonably priced, the lifetime subscription is the best value plan — it’s the same price as most competitors’ yearly plans. There’s also a family plan which is the same as the individual plan, but it adds up to 6 users.
Enpass Ease of Use and Setup
Installing Enpass is pretty simple — downloading and setting up the password manager doesn’t take more than a couple of minutes.
After I installed Enpass, I had to create a new account and set up a master password. I chose a somewhat weak master password, and Enpass warned me that the password I typed in wasn’t strong enough. However, I was surprised that Enpass still accepted the weak password despite the warning.
During the setup process, I was also offered to install a browser extension. I installed it on my Chrome browser, and when I typed in my master password to open the extension, Enpass opened a new window with an authentication code.
Once I typed in the authentication code, the browser extension was fully set up. I could easily access my passwords, vaults, and the password generator from the extension.
The browser extension is very intuitive — it’s much more user-friendly than the desktop version! My only complaint is that users need to perform several (unnecessary) steps to auto-fill login details. Other than that, I think the browser extension is pretty good.
When the desktop app and browser extension were all set up, it was time for me to import some of my passwords. It took me a couple of minutes to locate the import options (open Menu, go to File, click on Import), but once I found them, it was pretty easy to import my passwords into Enpass.
Enpass supports importing data from a wide range of password managers, including 1Password, Bitwarden, Dashlane, Keepass, KeepassX, Keep, LastPass, mSecure, RoboForm, SafeinCloud, Splash ID, Sticky Password, and True Key. You can also import your passwords from Chrome or a pre-formatted CSV file.
Next, I wanted to sync my data across multiple devices — since Enpass is an offline password manager, I had to use a third-party cloud service. I synced my data using OneDrive, which was pretty easy and took only a couple of minutes. However, while I had no problems syncing my passwords, I think some non-technical users may struggle with it.
Non-technical users may also struggle with secure password sharing and setting up Enpass’s Keyfile — I had to use Enpass’s FAQ to figure out how these features work, and it took me some time to understand how to properly set them up.
Overall, some of Enpass’s features are easy to use… and some aren’t. Installing the password manager, importing passwords, and getting around the vault is simple. However, syncing data across devices, sharing passwords, and setting up the Keyfile isn’t. Enpass isn’t as intuitive as Dashlane or 1Password, but if you don’t mind exploring its settings and reading its knowledge base until you figure out how everything works, then Enpass could be ok for you.
Enpass Mobile App
Enpass mobile app is available for both iOS and Android. The apps are easy to install — all you have to do is download the app from the Google Play Store or Apple Store, create an account (or log into an existing one), adjust a couple of settings, and you’re good to go.
Enpass’s mobile app supports biometric logins, meaning you can log into your account using Face or Touch ID — no master password is required!
As for the other features, most of them are the same as in the Enpass desktop app. The categories are the same, you can customize your entries, and there’s a website breach monitoring feature which isn’t included in the desktop version.
During my tests, Enpass’s auto-save and auto-fill options worked well, and setting up the TOTP generator was even easier than on desktop — I only had to scan a QR code!
I also like that Enpass’s mobile app is compatible with Apple Watch as well as Android Watch. I found this feature quite convenient as it let me quickly access logins and credit card information via my Apple Watch. I also think it’s pretty cool that you don’t have to use a master password on a smartwatch — instead, you can just set up a 4-digit access code.
Overall, the Enpass mobile app is more intuitive and easier to use than the desktop version. While it’s not as intuitive as something streamlined like NordPass, all of Enpass’s features are included in the app and they all work well.
Enpass Customer Support
Enpass offers 4 customer support options — including a community forum, email support, a knowledge base, and product guides.
Enpass’s support forum is pretty good. The community is pretty active, and Enpass’s staff is quick to answer user questions and concerns. Although I found answers to some of my questions just browsing the forum, I also wanted to see how long it would take for someone to answer my question. So I registered on the forum, posted a question, and received a very helpful and detailed answer in about 7 hours.
I also emailed a question to Enpass support and also received an answer in about 7 hours.
Enpass’s website also has a very detailed user guide as well as an excellent knowledge base. Both the user guides and knowledge base are very useful for understanding and setting up Enpass’s features.
Overall, I found Enpass customer support pretty good. I was able to locate all the information I needed in the knowledge base and user guides, and I was pretty happy with the email and forum support.
Is Enpass worth using in 2021?
Enpass is a decent password manager, but it’s nowhere near as good as the best password managers in 2021. That said, Enpass offers a free desktop version without any limitations, includes a solid range of features, and has reasonably priced mobile plans, including a lifetime subscription that is cheaper than most competitors’ annual plans.
Enpass also provides unlimited password storage, unlimited password vaults, a password generator, password sharing, auto-save and auto-fill, a TOTP generator, and password auditing. I like that I could create as many vaults as I wanted, which made it very easy for me to organize all of my passwords. I also think Enpass’s password generator is pretty good, the auto-save and auto-fill features worked well during my tests, and I appreciate that there’s password auditing — although it’s pretty basic.
On the other hand, the way that Enpass does password sharing is pretty bad — it’s unsecured, unintuitive, and it can seriously compromise your accounts. Enpass doesn’t have traditional two-factor authentication (2FA), but instead lets users generate a Keyfile as a second form of verification. This solution is far from ideal — setting up the Keyfile is difficult and anyone with access to your computer can access the Keyfile. Finally, Enpass is a fully offline password manager, which means that you need to use a third-party cloud service provider to sync your data across all devices. While offline password managers are very secure, having to subscribe to cloud services just to be able to access all of your data on all of your devices is a hassle.
If you’re looking for a feature-rich and easy-to-use password manager, I think Dashlane, 1Password, and LastPass are much better options. However, if you just want a basic, cost-effective password manager and are ok with navigating complicated settings, Enpass is fine.
Plus, Enpass’s desktop version is free, and there’s also a free mobile version (although limited), so you can try it out risk-free and see if it’s right for you.
Enpass — Frequently Asked Questions
- Does Enpass have a free version?
- Can I recover my Enpass account?
- Can I share passwords from my Enpass database with other people?
- Does Enpass really work on smartwatches?
Does Enpass have a free version?
Yes. Enpass has a desktop version that is completely free — users get access to all of the features and there are no restrictions whatsoever.
Enpass also has a free mobile version that allows you to store up to 25 passwords — but that’s not really enough for most users. If you’re looking for a free password manager for your phone, LastPass is a better option, as it comes with unlimited password storage.
Can I recover my Enpass account?
No. You can’t recover your Enpass account if you lose either your master password or your Keyfile — which is used as a second factor of verification, although it’s not as secure or intuitive as regular two-factor authentication (2FA).
If you lose your master password or your Keyfile, you need to reset your Enpass account, and then all of your data will be lost.
If you’re looking for a password manager with multiple recovery options, LastPass is a good choice.
Can I share passwords from my Enpass database with other people?
Yes. Enpass allows unlimited sharing of individual items or vaults. However, when sharing passwords through Enpass, you need to make sure the right settings are turned on, as secure sharing options are turned off by default.
If you want to share a vault, you need to have access to cloud services and share your cloud service login and vault password with the person you’re sharing the vault with.
To be honest, I think Enpass’s sharing features are really bad. The best password managers in 2021 all have better, more secure password sharing features than Enpass.
Does Enpass work on smartwatches?
Yes. Enpass can be used on both the Apple Watch and Android Watch. Enpass pairs with your smartwatch via bluetooth, so you can access your data — like credit card PINs, passwords, and more — without having to reach for your phone. The smartwatch app also has built-in security features to protect data if your smartwatch becomes lost or stolen.
Not many password managers offer smartwatch compatibility, so it’s great that Enpass has options for both iOS and Android users — even with its free version of the mobile app.