Security basics

Security basics in Enpass

Enpass provides the strongest possible security for your password vaults. Here is a high-level overview of some Enpass security features.

Master Passwords

In Enpass, the password of your first vault serves as the Master Password for accessing the app. A strong Master Password should include symbols, letters, and numbers, and should avoid using birthdays, names and other common or public information. Your Master Password should be long, but easy to type on both your computer and your phone. If you use Enpass to generate all your account passwords, your Master Password is the only password you’ll ever have memorize.

• Read more about Master Passwords in Enpass

Unlocking with face or fingerprint ID

Enpass can be unlocked using face or fingerprint recognition on devices that support biometric identification like Touch ID or Windows Hello. To enable biometrics in Enpass, go to Settings > Security, and look for Quick Unlock (Mac or Windows), Auto Locking (iOS) or Biometrics (Android).

• Read more about unlocking Enpass using biometrics

Autolock options

Enpass can be set to automatically require a password, PIN or biometrics after certain events or after a certain amount of time has passed. To set Autolock options, go to Settings > Security, and look for Autolock When (Mac or Windows) or Auto Locking (iOS or Android).

• Read more about uutolocking options in Enpass

Clipboard memory

You can choose how long content copied from your Enpass Items stays on your devices clipboard before being automatically cleared. The default setting is 30 seconds. To change this duration, go to Setting > Security, and look for Clipboard (Mac or Windows) or Clear Clipboard After (iOS or Android).

• Read more about Enpass clipboard settings

Password health & breach monitoring

When you launch the Enpass desktop app, or select Audit in the mobile app, the Audit Dashboard displays a summary of your password health, including information about:

• Items with compromised, identical, weak, or expired passwords

• Items at risk because of recent website breaches

• Items that could be upgraded to security using two-factor authentication or passkeys

• Read more about using the Audit Dashboard in Enpass

Multi-factor authentication

With Enpass, you decide where and how your data is secured. This means when you store your data on cloud service like OneDrive, Google Drive or Dropbox, you’ve already created an extra layer of security: Anyone trying to steal your passwords from an Enpass vault would need to:

• Target the user personally (not a centralized server laden with password vaults)

• And know which cloud services you’ve used for your vaults, and get your credentials to login

• And get past each cloud account's multi-factor authentication

• And know your Enpass master password

• Read more about multi-factor authentication of Enpass vaults

Related Topics

• Security & Biometrics

• 2FA & Passkeys

• Vaults & Syncing

• Enpass Security Whitepaper