Enpass

Wow, interesting what other people's reaction to this app is. One reviewer calls it expensive. Well, now, only the mobile apps require payment, and the Pro version is $12. That's considerably less than, for example, 1Password charges, and 1Password is pushing everyone to an annual fee model.

I love that I can store the passwords where I want, and that they're not stored at Enpass. There have been too many database breaches for me to trust a company to keep my data safe.

KeePass, and its variants, are just too difficult to use on a daily basis. I tried it, I really did, but it was way too kludgy. Enpass works almost as seamlessly as 1Password, which is high praise from me. (I purchased 1Password updates for several years before their pressure to use their cloud drove me away.)

Password export is now available in json, csv, and txt formats, so the former complaints about exports should be resolved.

They have not yet released their source, and I understand people for whom that is a problem. However, apart from that largely ideological argument, I find Enpass to be the best contender currently available for Password Management. This is despite 1Password's generally superior UI.

(On the subject of Open Source vs. Closed Source software, unless you can go through the source yourself - not just in terms of ability, but also of time - you have no way to prove that software doesn't do things it says it doesn't do. And, an update could change what you had vetted into something else. At some point, you need to evaluate software on its merits, and decide whom you want to trust, and to what degree.)

[Edited by alternative1234, August 21]

I hadn't even heard about the LostPass vuln until I saw the warning here on Alternativeto.net. Clicked through to the Betanews article and was shocked at what I saw. Someone mentioned Enpass in the comments below, I gave it a spin and ended up deleting my Lastpass account a few days later. It was a pretty simple matter to export all 1000+ plus Lastpass entries I had accumulated over the years and import them into Enpass using .csv file.

Only thing lacking is support on some more esoteric platforms such as Snow Leopard and BSD. I actually prefer it to Lastpass in many ways.

This used to be a great app. It was expensive, but very good. Especially their UWP app on windows. Now though, they are rescinding their UWP app and forcing you to use a sub... and I mean sub standard Windows App. Their new Windows app doesn't scale at all and half of my passwords are now unaccessible due to the poor implementation. To make matters worse, despite having paid a premium for this app a couple of years ago, in order to get some of the features that I used to get with the expensive version I originally bought, it would appear that I have to give the developer more money. This is a classic bait and switch move from a cynical developer. Use anything other than this

you can store the encrypted passwords into any place you think is safe. you're free to copy it to anywhere you like.

Compare to LastPass, the Windows app is one billion times more responsive.

POSITIVES:
I like that my passwords are stored more securely in Google Drive (using additional security).

Cloud security, availability, synchronization.

Cross platform.

Fast

Browser integration.

Portable

The license fee for the mobile pro version is a reasonable cost, IF they keep improving the product.

WISH:
Wish I can simply open the UI by clicking on the tray icon.  But instead I have to right-click tray icon, click Restore, click a down arrow, then click Show Enpass.  Too many nested clicks!

Enpass says it has the following advantages over competitors:

• unlike Lastpass, Dashlane, 1Password, Roboform and Keeper, Enpass doesn't store your encrypted password database on their servers. Therefore they can't be hacked and lose your data (like, e.g. might have alread happened to Lastpass).
• they use SQLCipher, which is open source, as the method for encrypting your data.
• Enpass works on Mac, Linux, Windows, Android and iOS

But there are problems with Enpass:

• because Enpass isn't open source, we don't know what the rest of their code is doing. They say users can verify that Enpass isn't sending sensitive data out by using a packet sniffer, like Wireshark. But that's meaningless because an update tomorrow could change all that and they could capture millions of people's passwords.
• The Enpass people say the reason they haven't open sourced their app is because they want to make a bit of money. This is misleading because plenty of open source applications make money. Ironically, Invision Power Board, the open source software Enpass use to run their own forums proves this: when you buy Invision Power Board, you get the source code. Moreover, quite a few people on their forum have told Enpass that the reason they're not paying is precisely because Enpass isn't open source and they can't have the same level of trust as if it were. These people say they would happily donate/pay if the app was open source. Enpass have no answer to this. They go quiet when all this is pointed out to them (read the discussion here). Not a good sign.
• Enpass uses a unique format for their password database, which isn't compatible with any other software. They make importing your passwords (E.g. from rivals like Lastpass) very easy. But if you want to export it, the options are much less convenient.
• Enpass has no 2-factor authentication options (unlike Lastpass, Dashlane and the others)
• Enpass doesn't support using a keyfile to strengthen the password strength (unlike open source alternatives like Keepass, MacPass, KeepassX, KeepasXC and Keeweb).

Why there is no reason to use Enpass:

You can get better functionality of Enpass in an open source solution, like KeepassXC.

• KeepassXC is open sourced, so you don't have to worry that it's snooping on you - you can inspect the code
• It supports using keyfiles to strengthen your password
• It uses a format for your database that many open source apps can open (it's compatible with Keepass, MacPass, KeepassX and Keeweb). It's also compatible with mobile apps like KeePass2Android and MiniKeePass (iPhone/iPad)
• It has all the advantages of not giving your data to third parties
• KeepassXC works on Mac, Linux and Windows exactly the same way
• It integrates with Firefox and Chrome-related browsers via either the PassIFox or ChromeIPass extensions.

So forget Enpass; you can be more secure and confident and have all the same/better functionality with open source software.

A Quick Guide to Configuring PassIFox with KeepassXC:

Install the PassIFox addon & restart the browser. Open your password database with KeepassXC. On Linux/Windows go to Tools > Settings > Http and check "Enable KeepassXC HTTP protocol". (On Mac it's KeepassXC menu > Preferences > Http for the same option). Go to a website you want to log into (e.g. Protonmail.com). Try to login. You'll get a popup at the top of your Firefox window saying that PassIFox isn't configured. Click to configure it. It will ask for a link to be established between it and KeepassXC. You can call that whatever you want. Once you do this, you can attempt to login again. It will ask you to confirm that the plugin is allowed to get the info from the password manager for the website it detected. You can choose to allow and set it to be remembered. From that point on, it will always be autofilled. Every website you go to that it detects you have a login for it will ask this permission. But once you tell it to remember, it will remember forever. So you only have to give permissions the first time. That's it.