Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 10/11/2019 in all areas

  1. 2 points
    Hello @Kashish I am currently reading the linked text. I am a little bit shocked because the explanation isn’t right. It is that much easy to collect the favicons. All the data is included in the head of the html output file of a request. For me that explanation in the text doesn’t make sense. - request to www.my-page.com - get the html source - look for the header and collect the favicon meta entries - follow the path/url - got the favicon I did this in the past multiple times. No problem. With the decision providing an own server you always have to pay and maintain an additional thing. You also have the whole traffic. I cannot understand this. Currently, the favicons are not embedded to the Enpass items. I prefer this. Maybe an optional and additional way. I like to see: - edit an entry - in the context menu to the image “fetch favicon” - embed the requested image to the entry I like Enpass and I appreciate the work of the team. Thanks. Regards.
  2. 1 point
    Hello there... I usually don't post comments on forums because most of the time I can find a solution for what I'm searching for. Now, the main reason I'm moving from 1Password to Enpass is because I read somewhere on the forum that WiFi sync will be implemented on the next update. Today I downloaded the Beta just to find out that WiFi sync is not there...! I believe I'm not alone in this quest. Many users like me are very concerned about keeping their data in Cloud servers. Not to mention that I own a Mac and a Windows PC and it would be very easy to synchronize the data between the 2 computers (or more) over WiFi. Don't forget the iOS version of Enpass also. Otherwise, the WiFi feature would be useless... Please, make it happen! We're all counting on you guys.
  3. 1 point
    Pratyush, Thanks So Much. That worked. shep71
  4. 1 point
    From the linked text/explanation: I find the explanation reasonable and the privacy/security-first design sufficient. Insinuating that if Enpass sends an anonymous POST query of an entry domain (for the purpose of requesting an associated favicon) then it naturally follows that Enpass might send entry credential info...is ludicrous.
  5. 1 point
    Hello @Diego, That's a valuable and a new suggestion. However, you can use Enpass browser extension to generate and fill a password for a password form field. Thanks!
  6. 1 point
    I too am unable to do an in-app purchase and get the same error: not supported. Is there a fix for this coming?
  7. 1 point
    Hey @pauloirply, We were able to reproduce this issue at our end and the dev team is now working towards a fix on this. Appreciate your patience. Thanks!
  8. 1 point
    No you can not. You need to have it with you on your smartphone, or installed on your PC at home or in the office.
  9. 1 point
    I really like enpass so much! But there is a fundamental security problem with the biometric unlock. face-id and fingerprint are not safe. you can hold someone's device in front of his face. or you press his finger on the device. We also leave fingerprints everywhere. They are even stored in many ID cards. this is a fundamental problem to unlock smartphones in this way and not a probem of enpass itself. but enpass should be more secure. its a pitty, that you need only seconds to overcoming the biometric unlock and all passwords are open! Enpass could become much safer with two very simple changes: 1. PIN & Biometric unlock at the same time. Please change the Enpass app so that the PIN and the biometric unlock are possible at the same time. Then a very short PIN could provide much more security. I would use a three-digit PIN and set the number of failed attempts to 1. After a single wrong entry, the master password must be entered. An attacker who overcomes the biometric unlock would thus only have a 1: 1000 chance. At the same time, the use of enpass remains very comfortable. 2. We urgently need a time-out for the biometric unlock. As in the desktop version, after a certain time (1 day) or when the device was restarted, the master password should always be queried. So it does 1Password - why not Enpass? It prevents attackers, who has captured the device from having all the time in the world to overcome the biometric unlock. Please implement this very simple features. You can set it by default to „only biometric unlock“ (without a pin at the same time) and set the biometric unlock timeout to „never“. So there will be no less comfort for people, that dont need higher security. kind regards Fabian
  10. 1 point
    Hi, Thanks for using Enpass and writing to us. We have noted down your valuable suggestion and forwarded it to the concerned team for further consideration. Thanks!
  11. 1 point
    Thanks for the update! Highly appreciated.
  12. 1 point
    Hey @Dougga, Sorry for the trouble you're going through. Please follow these troubleshooting steps and let me know if the problem persists. Open Enpass --> It will display a welcome screen --> Select Create new --> Create a Password. Now Go to Settings --> Vaults --> Tap on Primary and enable sync with Dropbox. Hope this helps!
  13. 1 point
    @Anshu kumar I would like to support the request for more information. While we know how to read the encrypted database at all, there is no proper information how the passwords are encrypted in the database (how to decrypt the "key" field in items, how to access additional vaults, etc.). The security whitepaper does not explain this. Without this information it is impossible to properly check the security of Enpass and come to a judgement. You were above lauded for not trying "security by obscurity" but one might differ considering this. So please give us more information. This would really be appreciated. Thank you!
  14. 1 point
    I am also waiting for the WiFi Sync to finally use Enpass.
  15. 1 point
    Hi all, Enpass is an offline password manager and doesn’t keep any of your information or Enpass data on any cloud/server. Two factor authentication is used in online services where the requested data is transmitted after validating the user through a second factor (generally an OTP on phone or email) and works as an extra protection, which is not at all required in case of offline services as your data is with you only. Lets consider for a moment, any how Enpass implements TOTP support (again, its a consideration), but how that OTP will be verified through server as we don’t have any information. Being offline is not a limitation of Enpass but gives you a peace of mind that your data is with you only. Also Enpass is an encryption software which recognizes your Master Password as the only key to get your data. So just think for a moment, if any one knows your master password why will he go into hassle of OTP stuff as he just need your database from device and open it using your compromised master password.
×
×
  • Create New...