In principle you should be skeptic with all password managers, especially if they are not open-source.
This is why we created Enceeper. We wanted an open-source client (the Enceeper App) that will encrypt everything (using end-to-end encryption) prior to sending any information over the network (the Enceeper Service). You can verify yourself what we claim and be assured that others have done this for you (the community that uses Enceeper). The source code of the client (and it’s dependencies) is hosted on GitHub and is available for anyone to review.
The Enceeper Service does not hold plain text versions of your passwords. Everything is encrypted locally on your device using end-to-end encryption before being transmitted. On top of that we utilize HTTPS as an additional layer of security and privacy. Even your master password never leaves your device. It is used as a means to verify that you know the master password without revealing it to the Enceeper Service (proof-of-knowledge).
The master password is used to both authenticate you to the Enceeper Service (proof-of-knowledge) and also decrypt the passwords stored into your account. In fact the master password should be a passphrase in order to provide adequate security and also be memorable. This passphrase, along with your email, are the only things you need to remember in order to never lose access to your account and its contents.
The only thing we can do is help you backup your data (in case you remember your master password in the future) and delete your account in order for you to create a new one. This is an important requirement to protect you and your data (no backdoors).
Well yes and no.
All information is encrypted locally in your device using end-to-end encryption before being transmitted, so you must make sure that the environment your operate the Enceeper App is safe.
The information the Enceeper Service holds is limited to various metadata that are required (absolutely necessary) in order to provide the targeted functionality. On top of that we will never share or sell you data with anyone.
If we assume that the environment you operate the application is secure, then yes your encrypted data is secured and the non-encrypted data (like your email) that do not contain any of your secrets are safeguarded by us.
Enceeper takes security very seriously when it comes to handling your sensitive data: your master password and your passwords.
Your passwords are never sent to the Enceeper Service without being encrypted locally with end-to-end encryption (AES256).
Since the master password you choose at registration time is used during the encryption process above (although indirectly), it is vital that it is never sent or stored on the server in an easily crackable form. To help with this goal, Enceeper uses the Secure Remote Passwords (SRP6a) encrypted key exchange protocol.
SRP is an interactive protocol which allows a server to confirm that some client knows a password (proof-of-knowledge), and to derive a strong shared session key, without revealing what the password is to an eavesdropper. In addition, the server does not hold the actual password: instead it stores a “verifier” created by the client. If the server’s private data is revealed (by a server compromise), the verifier cannot be used directly to impersonate the client.
Now you should have a basic understanding of how Enceeper uses industry-leading best practices to keep your data safe, and allow you to focus on what matters most.
At Enceeper we understand how cryptography works, this is why we do not try to write our own crypto. On the contrary we utilize cryptographic primitives from popular and reputable crypto libraries that are written and maintained by experts. All information is encrypted using the SJCL and TweetNaCl cryptographic libraries.
The following algorithms are used to secure your account and encrypt the information we store in order to provide the required functionality:
All of the above algorithms are considered unbreakable with proper implementation (this is our part) and a strong master password (this is up to you - the master password is used to derive the encryption key).
The Enceeper App performs all cryptography related calculations on your local device, before being send to the Enceeper Service. The Enceeper Service is only storing encrypted representations of your data, so it is not possible by our team or anyone else to reverse this process and view your unencrypted information.
Your data are automatically synced to our infrastructure and there is no need for you to backup anything. If you want to access your account from another device, simply install the Enceeper App and login. The application with fetch a fresh copy of your encrypted information from our cloud servers.
If you are having network problems or our infrastructure is facing a downtime you can use the Enceeper App in offline mode. The application automatically stores your data locally to your device in encrypted form, in order to facilitate the offline functionality.
We at Enceeper take information security very seriously. We carefully audit our source code, the way we release software and how we manage our infrastructure.
However, if the Enceeper Service becomes a target and your data is accessed by an unauthorized third part, your information is still protected. This is because the Enceeper App is using end-to-end encryption and utilizes state of the art cryptographic primitives (algorithms, shcemes, hash functions, protocols etc). As long as your master password is strong enough, your data is safe from any illegitimate access.
All information associated with your passwords (and relevant metadata) is protected using end-to-end encryption. Also the registration and authentication procedures are utilizing protocols to perform a proof-of-knowledge (the fact that you know the password), so your master password never leaves your device.
But certain information in Enceeper cannot be encrypted. This includes:
In order to be certain about the authenticity and integrity of the files contained in each Enceeper release, you will need to verify them. This guarantees that the file you just downloaded was originally created by Enceeper and the contents haven’t been tampered with (intentionally or by accident).
We use SHA512 to create checksums of the files included in each release and GPG for signing the file that contains the checksums. In order to verify your download you will need take the following steps:
To achieve the above goals you must execute the following commands:
# Get the Enceeper distribution public key gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0x4B1D74E2734E9F87E4BCC00E1F3B5E7E40ECDEE1 # Verify the signature using the above key gpg --verify SHA512SUMS.gpg SHA512SUMS # Only print valid checksums sha512sum -c SHA512SUMS 2>&1 | grep OK
If you do not see the file you are about to use in the output of the last command (with an OK suffix), then you must not trust the files you just downloaded. Remove them and get a fresh copy from a known good source.
A detailed tutorial (with minor differences) is available on how to verify your Ubuntu downloads.
Slots are ways to access your passwords, so for each one of your passwords there is one or more slots associated with it. The first slot is automatically created and is used by your account to access your password. Each time you request another way to access a specific password an additional slot is created (when you manually add a slot or when sharing a password). Removing those slots will revoke access to this password, but keep in mind that if the other party has cached the password you will need to destroy this password and create a new one (with a new value).
While technically feasible (and easy to implement), this would be a weak point in our security approach. An attacker could target our servers and inject malicious code to the online version of the Enceeper App, in order to steal your master password. This is totally different from targeting our development machines and our build process, in order to inject malicious code inside the binaries. This is why we decided not to provide a web accessible version of our App.