Leaderboard

I have found a workaround for this scenario mentioned above. Enpass, youre not going to like this though. The only way to not have the master password opening the secondary vault is to simply delete the secondary vault when not in use then when i need it, resync it. This is THE ONLY way that full security can be achived in enpass because in order to open the secondary vault : 1. i would need to enter the master passrd first 2. Then, enter the cloud storage password to access the DB 3. Then, i would need to unlock the secondary vault with the super strong password So you see, the only way i can use Enpass securely is to not use it at all!!! Come on people, surely you can see the madness in this? mat

Because this adds an single point of failure. If the primary password is leaked, everything is leaked. Because there is information with different kind of security levels, this is essential. An other problem is, that in my company the use of PIN-codes and Biometric authentication like Touch-ID, is against the compliance we ensure customers. Also it is unsure if this is compliant with GDPR (because encryption keys are insufficient secured), which might result in fines up to 10.000.000 EUR (about 11.000.000 USD). It is the same Problem with 1Password. I don't get why this is still a thing. At the moment I am simply using multiple password managers. I hoped to be able to store everything in the same place. This features should not be so difficult to implement! Why is this no problem for everyone?

I can see how unlocking each vault separately might be appealing to some, but while it's technically more secure, practically speaking if you've unlocked Enpass, you've proven you're you, so why not have access to everything? Having said that, I agree it should be a choice.