Why does Enpass connect to the Internet when used completely offline?

If all your vaults are stored locally and offline, there are still a few features of the Enpass app that require network activity:

• Password Audit: The Enpass app anonymously connects to an Enpass server to retrieve updates on compromised-password lists, website breaches, and 2FA-supported websites, for use in the app’s password-audit features.
• License Validation: Every 24 hours, the Enpass app connects with an Enpass server to validate your subscription or license. This validation includes the use of non-sensitive technical data (like device and software specifications) and current subscription or license details.
• Checking for Alerts: The Enpass app anonymously connects with an Enpass server regularly in order to provide users with alerts when security breaches and exploits are exposed. This process uses a GET query that sends version number and OS name. On Android devices, the query fetches the association of domain-name definitions with their Android app package name. This process helps improve the Autofill experience.

Why does Enpass recommend turning on “Check for Alerts” in Settings?

Enpass does not retain any user data (except for newsletter subscribers and those who opt-in to the beta program), but by activating Settings > Advanced > Check for Alerts, you can receive in-app alerts when dangerous security breaches or exploits are exposed. This is the only method by which Enpass can provide these additional security benefits.