I shared last year that I had moved from 1Password to Enpass for my password management needs. Enpass worked well, but there were some extra features that would be nice to have, along with UI design improvements. It’s been a long wait, and now finally Enpass 6 has just been released yesterday.
Enpass 6 brings improvements in a few important areas:
- For Windows users, Windows Hello is now supported to quick unlock the Enpass password vault. This relieves you of having to repeatedly type in your master password every time the vault is locked. You’ll still have to provide the master password when you initially open the Enpass app.
- The underlying security model that protects the password vault has been improved. Enpass 6 moves from PBKDF2-HMAC-SHA1 to PBKDF2-HMAC-SHA512 and iterations have been bumped-up to 100K.
- For those paranoid, the security of Enpass 6 has been audited by a third party, VerSprite, from Atlanta, US. This is probably the best thing apart from having the source code to scrutinise ourselves.
- The Enpass app on every platform has a new design, though I won’t say they have complete parity in their look and feel. Everyone’s been crazy about dark themes nowadays, and this has come to the Mac, Windows, Linux, and Android apps. This may be just UI, but a beautiful UI makes using Enpass more enjoyable.
There are several more changes which Sinew Software Systems, the company behind Enpass, has shared in their blog post announcing Enpass 6. I mentioned the above four because they are important improvements to me. Enpass 6 has other new features like multiple-vaults support, password sharing, and more.
As a quick recap, one of the key features that I sought in Enpass is the support of password vault syncing over WebDAV. Enpass doesn’t provide any cloud storage service of their own, but allows you to easily configure syncing over OneDrive, Dropbox, Google Drive, iCloud, and WebDAV. You can also simply tell Enpass to put sync by putting files in a designated folder, and leave it to yourself to keep that folder synced on your own.
WebDAV was the most convenient method for me. I run my own Nextcloud server, and I simply tell Enpass to use a folder in there. In this way, password syncing is not dependent on any other third party service provider.
Enpass’ pricing strategy is very friendly. The new Enpass 6 introduces new premium pricing for their desktop apps which were previously free. As an introductory offer now, it’s just a one-time US$5.99 per platform (Mac and Windows). The Mac and Windows apps remain fully functional if you don’t want to pay. The premium tier only adds extras:
- Unlock using Windows Hello
- Dark theme
- Create your own Categories
- Create your own Templates
The mobile apps are currently selling for US$5.99 per platform as well. The free versions are crippled, unchanged from before, limiting you to just 20 password items for your testing and evaluation.
As 2018 draws to a close and you start thinking about plans for the next year, your new year’s resolutions, etc, I encourage you to consider improving various aspects of your online security posture. If you’re not yet doing it, you should start using really good passwords which are unique to every online account you have. There is no way you can commit all of them to memory, so a good password manager is something you need to have.