Compass is a “Secure Auto-Login & Password Manager,” positioned as a tool for secure automatic login and password management. Its copy explicitly covers login scenarios for websites, Steam, Riot, apps, and more. Users can create a master password, import passwords saved in their browser, and enable one-click login for frequently used websites. The product claims that “passwords are encrypted on your device, and no one can see them, including us,” making it more of a personal password vault and autofill tool.
In terms of protection mechanisms, Compass highlights zero-knowledge encryption, independent keys, one-time keys, verified encryption, and elliptic-curve encryption. It also says a one-time key is created for each login, suggesting a degree of forward-secure design: even if a future key is compromised, past records should remain protected as much as possible. It also supports “sharing without revealing passwords,” meaning users can grant others login access without directly exposing plaintext passwords. As for deployment, the text indicates it can be downloaded and installed on phones, tablets, and computers, and used across devices. However, it does not explain the cloud sync architecture, where data is actually stored, whether self-hosting is available, or the details of end-to-end synchronization.
Pricing information is simple: it is completely free for personal use and can be used after installation. There is no mention of an enterprise plan, family plan, paid premium features, or payment methods. Management features include a master password, browser password import, automatic login configuration, and a help center. However, there is no disclosure of audit logs, abnormal-login alerts, an admin console, group-based permissions, SSO, or directory service integrations. For integrations, the currently confirmed capabilities are automatic login for websites, Steam, Riot, and apps, plus password import from browsers.
Its advantages are that it is easy to get started with, free for personal users, covers common website and game login scenarios, and emphasizes zero-knowledge and on-device encryption. Password sharing without exposing plaintext passwords is also practically useful. The main weakness is the lack of publicly available security evidence: there is no visible third-party audit, compliance certification, company location, data storage location, or service-level information. It is suitable for individual users, users with many gaming accounts, and people who want an alternative to saving passwords in their browser. For enterprises, compliance-sensitive industries, or teams that need centralized control, the available information is currently insufficient, so cautious evaluation is recommended.
The copy does not provide information about access from mainland China, download channels, or payment options, so its availability in China is unknown. If you need more mature alternatives, you may compare Bitwarden, 1Password, Keeper, Dashlane, NordPass, or KeePassXC. For enterprise selection, special attention should also be paid to audit reports, compliance certifications, admin consoles, and local network accessibility.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on compasslock.com official site.
compasslock.com is an Unknown Cybersecurity provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach compasslock.com directly.