diff --git a/apps/encryption/appinfo/register_command.php b/apps/encryption/appinfo/register_command.php
index 4fdf7ecec3..0f03b63560 100644
--- a/apps/encryption/appinfo/register_command.php
+++ b/apps/encryption/appinfo/register_command.php
@@ -21,10 +21,17 @@
  */
 
 use OCA\Encryption\Command\MigrateKeys;
+use Symfony\Component\Console\Helper\QuestionHelper;
 
 $userManager = OC::$server->getUserManager();
 $view = new \OC\Files\View();
 $config = \OC::$server->getConfig();
+$userSession = \OC::$server->getUserSession();
 $connection = \OC::$server->getDatabaseConnection();
 $logger = \OC::$server->getLogger();
+$questionHelper = new QuestionHelper();
+$crypt = new \OCA\Encryption\Crypto\Crypt($logger, $userSession, $config);
+$util = new \OCA\Encryption\Util($view, $crypt, $logger, $userSession, $config, $userManager);
+
 $application->add(new MigrateKeys($userManager, $view, $connection, $config, $logger));
+$application->add(new \OCA\Encryption\Command\EnableMasterKey($util, $config, $questionHelper));
diff --git a/apps/encryption/command/enablemasterkey.php b/apps/encryption/command/enablemasterkey.php
new file mode 100644
index 0000000000..f49579a3b8
--- /dev/null
+++ b/apps/encryption/command/enablemasterkey.php
@@ -0,0 +1,86 @@
+<?php
+/**
+ * @author Björn Schießle <schiessle@owncloud.com>
+ *
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OCA\Encryption\Command;
+
+
+use OCA\Encryption\Util;
+use OCP\IConfig;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Helper\QuestionHelper;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Question\ConfirmationQuestion;
+
+class EnableMasterKey extends Command {
+
+	/** @var Util */
+	protected $util;
+
+	/** @var IConfig */
+	protected $config;
+
+	/** @var  QuestionHelper */
+	protected $questionHelper;
+
+	/**
+	 * @param Util $util
+	 * @param IConfig $config
+	 * @param QuestionHelper $questionHelper
+	 */
+	public function __construct(Util $util,
+								IConfig $config,
+								QuestionHelper $questionHelper) {
+
+		$this->util = $util;
+		$this->config = $config;
+		$this->questionHelper = $questionHelper;
+		parent::__construct();
+	}
+
+	protected function configure() {
+		$this
+			->setName('encryption:enable-master-key')
+			->setDescription('Enable the master key. Only available for fresh installations with no existing encrypted data! There is also no way to disable it again.');
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+
+		$isAlreadyEnabled = $this->util->isMasterKeyEnabled();
+
+		if($isAlreadyEnabled) {
+			$output->writeln('Master key already enabled');
+		} else {
+			$question = new ConfirmationQuestion(
+				'Warning: Only available for fresh installations with no existing encrypted data! '
+			. 'There is also no way to disable it again. Do you want to continue? (y/n) ', false);
+			if ($this->questionHelper->ask($input, $output, $question)) {
+				$this->config->setAppValue('encryption', 'useMasterKey', '1');
+				$output->writeln('Master key successfully enabled.');
+			} else {
+				$output->writeln('aborted.');
+			}
+		}
+
+	}
+
+}
diff --git a/apps/encryption/tests/command/testenablemasterkey.php b/apps/encryption/tests/command/testenablemasterkey.php
new file mode 100644
index 0000000000..c905329269
--- /dev/null
+++ b/apps/encryption/tests/command/testenablemasterkey.php
@@ -0,0 +1,103 @@
+<?php
+/**
+ * @author Björn Schießle <schiessle@owncloud.com>
+ *
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OCA\Encryption\Tests\Command;
+
+
+use OCA\Encryption\Command\EnableMasterKey;
+use Test\TestCase;
+
+class TestEnableMasterKey extends TestCase {
+
+	/** @var  EnableMasterKey */
+	protected $enableMasterKey;
+
+	/** @var  Util | \PHPUnit_Framework_MockObject_MockObject */
+	protected $util;
+
+	/** @var \OCP\IConfig | \PHPUnit_Framework_MockObject_MockObject  */
+	protected $config;
+
+	/** @var \Symfony\Component\Console\Helper\QuestionHelper | \PHPUnit_Framework_MockObject_MockObject */
+	protected $questionHelper;
+
+	/** @var  \Symfony\Component\Console\Output\OutputInterface | \PHPUnit_Framework_MockObject_MockObject */
+	protected $output;
+
+	/** @var  \Symfony\Component\Console\Input\InputInterface | \PHPUnit_Framework_MockObject_MockObject */
+	protected $input;
+
+	public function setUp() {
+		parent::setUp();
+
+		$this->util = $this->getMockBuilder('OCA\Encryption\Util')
+			->disableOriginalConstructor()->getMock();
+		$this->config = $this->getMockBuilder('OCP\IConfig')
+			->disableOriginalConstructor()->getMock();
+		$this->questionHelper = $this->getMockBuilder('Symfony\Component\Console\Helper\QuestionHelper')
+			->disableOriginalConstructor()->getMock();
+		$this->output = $this->getMockBuilder('Symfony\Component\Console\Output\OutputInterface')
+			->disableOriginalConstructor()->getMock();
+		$this->input = $this->getMockBuilder('Symfony\Component\Console\Input\InputInterface')
+			->disableOriginalConstructor()->getMock();
+
+		$this->enableMasterKey = new EnableMasterKey($this->util, $this->config, $this->questionHelper);
+	}
+
+	/**
+	 * @dataProvider dataTestExecute
+	 *
+	 * @param bool $isAlreadyEnabled
+	 * @param string $answer
+	 */
+	public function testExecute($isAlreadyEnabled, $answer) {
+
+		$this->util->expects($this->once())->method('isMasterKeyEnabled')
+			->willReturn($isAlreadyEnabled);
+
+		if ($isAlreadyEnabled) {
+			$this->output->expects($this->once())->method('writeln')
+				->with('Master key already enabled');
+		} else {
+			if ($answer === 'y') {
+				$this->questionHelper->expects($this->once())->method('ask')->willReturn(true);
+				$this->config->expects($this->once())->method('setAppValue')
+					->with('encryption', 'useMasterKey', '1');
+			} else {
+				$this->questionHelper->expects($this->once())->method('ask')->willReturn(false);
+				$this->config->expects($this->never())->method('setAppValue');
+
+			}
+		}
+
+		$this->invokePrivate($this->enableMasterKey, 'execute', [$this->input, $this->output]);
+	}
+
+	public function dataTestExecute() {
+		return [
+			[true, ''],
+			[false, 'y'],
+			[false, 'n'],
+			[false, '']
+		];
+	}
+}