Encryptr: Open source cloud based password manager
Encryptr is based on the Crypton JavaScript framework. The whole idea behind the Crypton concept is to enable developers to store data on the remote server in such way that the server doesn’t know what that data is.
All Crypton-based applications are built solely on the client, so the server is used only as a medium to access the database which stores the data.
Crypton uses end-to-end encryption and provides high-level APIs for managing user accounts, data storage and information sharing. SpiderOak, the company behind Crypton, calls it a “Zero-Knowledge Application Framework”. If you are interested in digging into the technical aspects, I would advise you to check out this paper on Crypton.
The people behind Crypton are very security minded, they’ve commissioned two third party audits in the past couple of years. The results are publicly available.
According to the SpiderOak web site, a third audit is in the pipeline, but it seems that no one is reading press@spideroak.com, so I don’t have more info on this, or whether all the issues discovered in the second audit were patched.
As the whole point of Encryptr is to have fast and secure access to your online safe containing passwords and personal data, it had to be available for all the major operating systems. Currently Encryptr supports Windows, OS X, Linux and Android. Unfortunately, there is no iOS application available, but I was told that it is practically ready to launch in the very near future.
Using the application is a piece of cake, as the majority of the interesting (crypto) stuff is taking place in the background. After typing in the appropriate credentials you are greeted with a basic-looking user interface that shows the private data you’ve added into your account.
By default, Encryptr uses three predefined templates for adding new data – Credit Card, Password and General. The first two contain all the fields that you would expect and General is used for entering other non structured data.
As mentioned, the user interface is very simple, maybe even too austere and there are definitely functionalities that could be added to it. Now, the user can add items, read and delete them, and browse them by scrolling (note: the scroll bar is missing in the OS X version, so you need to scroll with your mouse), or search. While the search is really fast and works flawlessly, it would be nice if you could list just Passwords or Credit Cards, list the items by creation date, or even have some type of revision data.
If you are using any other standalone password manager, you will certainly find Encryptr a bit ascetic. This is a free version of the product and there are plans for a commercial variation, so I presume this one will stay light and all the features will go into the paid version.
If security is very high on your list of priorities, you could maybe disregard the loss of functionality in Encryptr, but in that case, you would probably have an issue with the non-existence of two factor authentication. The developer mentioned to me that 2FA is in the “to do” list, but there is no timeframe on rolling this out.
The software (Encryptr version 1.2.0; Crypton 0.0.4) was tested on Windows 8.1 and on OS X. Encryptr is open source and free to use.