the best password manager

I started looking for a replacement. Initially I found BitWarden which looked compelling as a replacement paid cloud password service. However I was looking for an application I can run locally and then backup on a cloud service of my choice. Turns out, there is really only one – Enpass. It has an excellent, streamlined interface. It runs fast, is well-supported, and encrypts all of its data through the strongest cryptography available.

One of my initial concerns is that Enpass doesn’t support 2-factor-authentication in the normal way, using a Google Authenticator style time-based code. But as I learned more, that actually makes sense because that would require a centralized server and Enpass runs entirely locally. Instead, you can create a keyfile that goes on a flash drive. So logging in requires typing a password in, plus plugging in the flashdrive with the keyfile. Both must be present to unlock Enpass so the keyfile serves as the ‘second factor’.

So what led me to Enpass in the first place? Two years ago LastPass was hacked for the second time and I decided that was the end of my relationship with it. A sophisticated hacker (or group of hackers) targeted LastPass developers at home and stole the master encryption keys. While LastPass claimed that only encrypted passwords were stolen, it eventually admitted that some data was not encrypted.

Related posts