Encryptr

Is it for you? Encryptr isn't for everyone, but it might be for you if...

• You're looking for something simple and very easy to use.
• You want something that is free (as in beer).
• You value the importance/security of open-source software.
• You would like your passwords to synchronize easily between computers.
• You don't require a browser plugin to autofill login/password fields on websites.
• You would like something that looks & feels the same on Windows, Mac, Linux, Android and iOS
• You don't mind not having 2-factor authentication as an extra level of protection.

Not computer savvy? Here's a quick intro:

You need a password manager. Everyone does. That's because the absolutely worst thing to do for your online security is to use the same password on multiple websites/accounts/services. Also, your passwords should be as complex as possible, and that can be hard to remember. Password managers solve this by generating long complex passwords and remembering them for you. All you have to do is make sure you change your various accounts to use those passwords and that you memorize one password (the "master password": the only long complex thing you have to remember) to let you into your password manager. The password manager will store you passwords in an encrypted format (any number of them you need), so anyone who doesn't have that master password won't be able to get into your stuff. Some password managers - including Encryptr - also synchronize your passwords (don't worry: in encrypted, unreadable form) between computers. So if you use Encryptr on a new computer, just install it, enter your master password and off you go.

The thing about chosing a master password will apply whichever password manager you opt for, Encryptr or not. So, if you're a beginner at all this, and since that master password is going to be so important to keep all the other passwords safe, please read some good advice about how to make a strong password. One of the best articles online about this is by the security expert Bruce Schneier: Choosing Secure Passwords

Encryptr vs other password managers

In brief:

• Encryptr is very user friendly compared to the other password managers, like LastPass, Dashlane and Keepass. It's one of the best choices for people who don't feel very comfortable with using computers.
• It lacks several features the other password managers have, like password audits, browser plugins (autofill) and 2-factor authentication. That's not a crticism because Encryptr aims to remain simple, and that's fine.
• Encryptr doesn't require ANY personal information from you. Not even an email address.
• Encryptr is not a service that will email you with updates about the latest security concerns/leaks.
• Like Keepass, it is open source, which means that the code that went into making it can be inspected, so it's more likely to be secure; mistakes in the code are more easily found than with closed-source password managers.
• Like LastPass and Dashlane, Encryptr will synchronize your passwords between computers. It does this by sending them in the encrypted form to a central server. If hackers break into that server, it won't matter because the encrypted data is no good to them (as long as you chose a good master password).
• Unlike some other password managers, Encryptr works on all major platforms natively: Windows, Mac, Linux, Android and iOS. That's rare and should be applauded. For example, Lastpass works on Linux, but only via the browser plugin system. Dashlane on Linux? Forget it. Keepass on Mac? Tedious to get it to work, and even then, it's not nice. Encryptr works on everything. Very nice.

Criticisms

Criticism 1: To use passwords from Encryptr you have to copy them to your computer's clipboard. (You can do this by double clicking the password field, even when the password is blurred out.) That's very nice. But unlike more sophisticated password managers, Encryptr doesn't clear your clipboard after a few seconds. (E.g. in Lastpass and Keepass you can choose how long that password is in your clipboard, ie how long you can still paste it into something.) Encryptr doesn't wipe the clipboard so your password for a site can hang around in the computer's memory until you switch off your computer or copy something else. That's not the best security practice.

Criticism 2: Encryptr is developed actively, but seemingly very slowly.

Criticism: 3: No options exist in Encryptr to add 2FA (2-factor authentication). This is something that I hope is included in the future. If you don't know: 2FA is simply a second method of making sure you are who you say you are. The most common way of doing this is to send a code to your phone so the login is from someone who both has the correct phone and the correct password. (That would stop anyone even if they had your password.) There are other 2FA methods.

[Edited by JohnFastman, March 03]

[Edited by JohnFastman, March 03]