Jump to content


Popular Content

Showing content with the highest reputation since 01/22/2019 in all areas

  1. 4 points
    Unfortunately the new enpass version brings multiple annoyances, reduced efficiency, and a complete disregard to GUI design rules. The interface is counter intuitive and counter productive. There is no consistency throughout the experience, and my actual work process became much slower, either trying to find the required functionality, or waiting for enpass to perform its tasks. To open the enpass windows app, you have to click on the taskbar icon, click the 3 lines menu, and select open enpass. In the previous version it was a simple double-click on the taskbar icon. When searching for credentials in the enpass windows app, there's a delay of at least 4 seconds before the enpass application responds to any input. After a computer restart I have to wait for at least 10 seconds for the chrome plugin, while it searches for the windows application. In the previous version it was an instant password prompt. There are multiple other minor annoyances which when put together, significantly affect my efficiency when looking for passwords. And even though I paid for the iOS app, today I started searching for a new password manager software. It's a shame really because enpass was amazingly good before this "upgrade". Approving this "upgrade" for public release was not a very good decision. Please take this as constructive feedback, since I'm a fan of enpass and I would love it to succeed. This new version though was a bad decision.
  2. 3 points
    I talked with a colleague about password managers and he suggested 1Password. On the website of 1Password I saw on the "Tour" site (https://1password.com/tour/) some features of 1Password. One feature is very interesting and increasing the security: They show which sites in your vault support TOTP but the user has not set up TOTP. Here is a screenshot from the 1Password site: Suggestion In Enpass add the entry "Missing TOTP" in the section "Password Audit". Here you should show all password entries, where TOTP is possible but not set up by the user. Here is a list of services that support TOTP: https://twofactorauth.org/ We had a Doxxing scandal in Germany where a young guy published many private information stolen from accounts of German politicians and German celebrities. This guy was able to steal the data because the accounts used very weak passwords (like 123456) and were not secured with TOTP. So this feature increases the security a lot!
  3. 3 points
    Hello, I think being able to sync multiple vaults with one cloud would be a big benefit! I love the idea of multiple vaults in Enpass, but having to use different clouds is a bit of a pain - I would like to have them all in one place. Could you please add support of multiple vaults for the same cloud? Thanks!
  4. 2 points
    When configuring Enpass to automatically start on login, the Enpass main window is visible. Is there any way to start Enpass just showing the tray icon without showing the main window? I'm using Enpass 6.0.1 on Ubuntu 18.10 with KDE.
  5. 2 points
    Hello, I upgraded to 6.0 today and was really looking forward to the vault feature in the hope that one vault would be shared while the other would not. My setup consists of 3 windows devices and 2 android devices (each with their own PRO licence). I managed to generate the new vault but when I come to tell it to sync to the same google drive location I get an error telling me that this is not possible. In my opinion the name of the first vault was system generated while 2nd vault onward require a name. Can't this name be used to generate a unique file name? Thanks and Regards,
  6. 2 points
    I'm going to repeat myself but please support yubikey feature. IT's pretty simple, yubikco is giving all the API we need to do this: We know that it should be for web app but if you say was the ONLY usecase then -> we wouldn't use it to auth in windows 7 locally -> we wouldn't use it to auth in keepass locally -> we wouldn't use it to auth to QubesOS and decrypt the device LOCALLY Should I continue? Yubikey CAN and SHOULD be used to decrypt encrypted assets in ALLL password manager. We should never pretend to know better since there are always better version of ourselves and in this case it's also true. If theoreticians of security and cryptology use it then we should too. simple as that.
  7. 2 points
    Steam implements TOTP with a different alphabet. The basic algorithm seems to be the same as usual TOTP, but the representation of the token is different. An example implementation can be found here: https://gist.github.com/mooop12/1af7f0ffc8f28ea76f27abcba1e6da01 It would be cool if Enpass added support for these token types (maybe even as part of Enpass 6? :-) ) To not clutter the UI, maybe you could take the road of Bitwarden which uses a URL scheme to support different token types (no schema = default TOTP token, special token however could be steam://xyz123abc456).
  8. 2 points
    There are too many universally experienced bugs for a small support / development team to chase in an organized fashion that will not result in a much degraded product that will be much harder to maintain and upgrade going forward. Many of the bugs create security issues (e.g. the failure of Enpass browser extensions to block access to web login sites until the Enpass master password is entered, then subsequent failure to load the info from the vault for the page with the login controls (UID, password). A number of bugs impact stored data integrity and reliability. E.g., browser extensions seem to "forget" Enpass has been installed and working fine in with a particular "Master Password" in the past, and reports it has not completed set-up, needs a master password to be created, or previous data restored. However, despite selecting auto-backup creation in version 6, no backups get created, and attempts to restore from the local computer lead to a Google login page. (?!?) Further, the database form, format and location used to store the "vault" has changed from v 5 so that the process of "rolling back" will be tedious with many manual actions required by the user while understanding it is highly likely that v5 will not be able to use a v6 vault for its data. Version 6 install / uninstall make a mess of the Windows registry leaving multiple entries with duplicate information that is incorrect. For example, after installing v 6.0.2 the registry contains no entries referencing this version but does have entries referencing the previously installed 6.0.1 (239) referenced as There are multiple keys in HKCR that contain the exact same info. HKCR\.enpass_card should reference one of the subsequent classes in HKCR from its "OpenWithProgids" key, but there are at least EIGHT OTHER Progids in HKCR all for same "@{SinewSoftwareSystems.EnpassPasswordManager_6.1.239.0_x86__fwdy0m65qb6h2?ms-resource:...". Thus the uninstaller needs to be fixed so that it cleans up all the entries it leaves behind when the software is uninstalled since this splattering of multiple keys with duplicate data may be at the source of some worsening issues each time a new v6 install / uninstall / re-install is attempted. Although I haven't attempted it, I believe this shotgun blast of Enpass version 6 registry entries left behind after its uninstall will make a rollback to version 5 problematic especially for Windows users not versed in registry editing and the subtleties of changes in Enpass database form, format and location. For these reasons the Enpass development team needs to withdraw all version 6 releases and provide A FULLY TESTED UTILITY TO COMPLETELY REMOVE TRACES OF VERSION 6 FROM THE REGISTRY / SYSTEM FILE STORES, AND CONVERT THE V 6 DATABASE BACK TO A VERSION 5 COMPATIBLE "WALLET" SO USER CAN THEN SUCCESSFULLY RE-INSTALL AND OPERATE WITH VERSION 5. This will then give the developers and Enpas QC engineers time to re-engineer v6 from top to bottom with REAL unit testing AND REAL THOROUGH in-house use case testing BEFORE releasing to beta testing or the "stable release" channel.
  9. 2 points
    The new UI definitely leaves a lot to be desired. I know the Enpass team worked hard on it, but I think they just started from the wrong philosophy. They've had lots of feedback, and have participated in these forums to varying degrees (I get the impression that Enpass is not the primary paying job for any of them, so that's understandable), so I hope for some improvements over time — but it may be a while since redesigning a redesign is major work. This stinks, but there's a workaround: Settings > General > System-Wide Hotkey could save you a step. (At least, that's where to find this preference on Mac. I think it's in roughly the same place on Windows, but I don't have my Windows machine in front of me right now.) I've already complained a few times about the removal of CMD+E for opening the full window from the mini window. Can't imagine why that hasn't been restored. Doesn't seem like it would be that much work to map that key command, but then I'm not a code guy.
  10. 2 points
    Hello, The Auto-Downloading the Favicon was removed of the final version ? Will it back soon ? Thanks ^^
  11. 2 points
    I can also confirm that. As I said previously: one step forward, two steps back...sadly.
  12. 2 points
    Hello, I have some improvements for the Password Generator in Enpass. Include Symbols Currently you allow to Exclude certain symbols in the password generator. It would be very helpful when I would include certain symbols (like the _ or the #) because some websites don't accept all symbols. When users include symbols then only those symbols should be used. Allow to adjust generated passwords When I generate a password please allow me to adjust it (in the green heading where I see the generated password). This way I can remove a single character from the password and replace it with an other character. But I also can enter a password and check how secure it is. I have some "special" colleagues and family members that use unsafe passwords and this way I can convince them that they should use Enpass. Best regards OLLI
  13. 2 points
    I have 8 vaults but i don't have 8 different cloud accounts. Each vaults has it's own name so I don't see why it is not possible to store in the same folder or to sync with one account. Folder sync would be a very nice feature but it's not working properly. See cases below. Case 1: I use Enpass on a Windows and on a linux machine. If I set the Folder sync on Windows then it's not working on Linux as Linux doesn't have drive letters and has different folder naming. If I change the folder on Linux then that won't work on Windows. Leg shot. Case 2: I create a new vault on my computer and I configure Folder sync. There is no way to open this vault on mobile phone or on tablet because the path doesn't exist on mobile. Top of that the problem in Case 1 come up. Second leg shot. Let me know if I'm doing something wrong!
  14. 2 points
    I don't think this works for common (not custom) cloud services like Google Drive, Dropbox and OneDrive. Or at least, when I've created vaults I've never been asked where I want them stored within my cloud directory structure. If I'm missing something, I'd love to know what it is.
  15. 2 points
    Hello, in Enpass I have created an Identity and also filled many fields. But some fields can not be filled when I select the identity. Suggestion: A very comfortable way would be to right-click in a form field and select "Enpass -> Fill Identity -> " and here a sub-menu with all fields of the identity are shown. So I can for example select “Enpass -> Fill Identity -> Street” and Enpass fills in the street that is stored at the identity. Best regards OLLI
  16. 2 points
    Hey guys, Thanks for your suggestion. I have noted it down and it will be available with the future version of Enpass. Thanks!
  17. 2 points
    v6 enpass Android webdav sync error code 908401. enpass windwos webdav sync error code 908409. I sent a feedback email 7 days ago, I've been waiting too long.
  18. 2 points
    As a former software engineer, technical lead and software architect for major aerospace software systems, I know a thing or two about what happens when proper design, development test and release procedures get short-cutted and this appears to be what happened here. The result is a product which can either go forward with lots of band-aids, bailing wire and spit holding it together (making maintenance a nightmare with limited reliability and success) OR a product that can be withdraw, reworked without the pressure of dealing with multiple daily reports of wide-ranging and serious bugs. I am attempting to be constructive based on my experience with software development in both types of environments - when development followed a sound set procedure through the process from design to release, and when shortcuts were taken to satisfy political, management, or marketing desires. I'm merely asking Sinew Software to withdraw a release that was clearly "not ready for prime time", and redo the effort properly with the technical process, issues and progress dictating release schedules rather than whatever pushed this one out the door before it was finished. Other major software development organizations have done this in the past, and users who see a company ready to admit a mistake then take proper action to fix it generally end up with higher regard and satisfaction with the developer than for those developers who "press on" with a bug-laden product, trying to pretend all is copacetic. In the end, the latter decision hurts the bottom line and ends up defeating whatever management / marketing decision drove the "pre-mature" release. I have downgraded to version 5, turned off auto-update for the extensions in the various browser that allow that, instead of having purchased the prime option on v 6 which was my intention though I did not need the features, but more as a reward for a an application and browser extensions I used and found perfectly met my need. But now, unless they take the proper action to fix ALL the issues in version 6 (withdraw, re-work, re-release being the proper way instead of endless little ad-hoc patches), I will be done with any / all products related to Sinew Software an use one of the password managers built into my internet security suites or available from another vendor at a reasonable price.
  19. 2 points
    Hi @Sivakumar K, Enpass 6 keeps history of every field not just passwords. Right click on a password and choose "History" from context menu. Cheers:)
  20. 2 points
    Hi @Vinod Kumar, Although what you described about sharing vaults with other people totally makes sense, the use case described first by @chribonn and confirmed by @Toby Osborne and @rgsiiiya is quite different! Specifically, it's about syncing several my own vaults using one my own cloud account. To make a dramatic comparison, imagine that you were allowed to have just one google docs document per google drive account. That would be outstandingly inconvenient. But this is exactly what Enpass 6 does! Sharing vaults and having multiple vaults are orthogonal features. I hope you will sort things out at some point. Thank you.
  21. 2 points
    Firstly I love the new look and the new features but like @chribonn I can't use vaults for my use case; from a business perspective, I would like to make a vault for each client; unfortunately, I don't have 30 or so Google accounts to hand. I can understand that the vault name could change and so runs the risk of messing up the sync, perhaps just letting us choose where the file gets stored would work, that way we could just create subdirectories for each vault. Please add multiple vaults to sync with a single account.
  22. 1 point
    I totally agree with your assessment of Enpass 6. I've read about the problems that Enpass 6 users claim to face on these forums and on the Google Play store. However, I don't feel them. The communication with browser extensions such as Edge, Chrome, and Firefox on Windows 10 works much better with version 6 than with previous versions. It is working great on Android.There are those who complain that they had to use the master password again after installing version 6, but they forgot the master password and had saved it to their Enpass. It is unfair to blame Enpass for users forgetting their master password and a master password should not be stored on Enpass since it should be stored on paper. Storing a master password on Enpass is like storing my house keys in my house when I'm outdoors, so I would not be able to open the door to my house.
  23. 1 point
    Thanks for forcing me to update to was once a great desktop app. Now some of the features that were free on the free desktop app have to be paid for...thanks!
  24. 1 point
    Do you work for Enpass ? No one told us either that we need to pay again if we upgrade. If it's a different app as what they are claiming it to be, why offer it as an upgrade? They should have just named it a differently like Enpass 2. I've seen apps in the App Store do this.
  25. 1 point
    I rarely ever comment on these kinds of forums re update problems, but the experience with this update was so piss-poor (and still is) that I decided to do so anyways. I'm not even going to get into the details, but updating to v.6 required me to reset my Windows 10 setup (rollback) ignore frequent "error 400" messages figure out why Enpass didn't connect to my OneDrive account (my backups aren't in any default location) search endlessly for answers in fragmented help/support files/forums (it was pure chance that I found the answers) check if this update was actually legit !!! (I seriously doubted that at some point and thought Enpass must have gotten hacked) ... Several hours later I've got the new version running and - (place drum roll here) - I find out I've got to pay for features I once had. I have yet to (re-)configure/(re-)install the Opera browser extension (what a pain in the neck) and I haven't even looked at the Android version yet. My take? Many, many people who are not somewhat computer-savvy are going to pull their hair out over this one and I suspect that many people will consult outside help to get the update to work. Now, if this were some random app, I wouldn't care, but for hours today, I thought I had - permanently - lost access to the most important information in my possession, bank account , credit card, payment services etc., PASSWORDS! I'm sorry, but what Enpass forced on its customers here (unsuspecting customers at that) is and was an absolute catastrophe! Never again. I'm out ... even if the functionality costs more elsewhere. I've lost all trust (in a few hours) Bye.