Jump to content
Enpass Discussion Forum

Leaderboard

Popular Content

Showing content with the highest reputation since 05/29/21 in Posts

  1. Hello all, In this forum post, I would like to share an update from our development team regarding Enpass M1 Native Support. As is known, Enpass uses the Qt framework for its UI and is currently running on Qt 5.x. To support M1, Enpass needs to be updated to Qt 6.2, and unfortunately, the actual time required to complete this migration has taken longer than expected. Furthermore, a few modules have been dropped in this major release of Qt, as well as some features are still not working. Hence, there are some pending upstream issues that need to be resolved. Having said that, the updated release timeline for Enpass M1 Native Support is now Q2 of 2022. The Enpass team is always thankful for such loyal and active users. In the meantime, we look forward to your continued support and patience. Thank You.
    10 points
  2. Now that iOS 15 is out, you might want to look into creating an extension for Safari on iOS. It looks like you'll get much better integration and a better password experience that way.
    7 points
  3. Hi @all We were able to reproduce the bug on our end, due to which this issue is occurring. Our dedicated development team is working on a patch right now, which will be released very soon. Enpass appreciates your patience in the meantime.
    6 points
  4. I didn’t see any bugtracker on your site, so hereby a bugreport in the forum as well. When using enpass browser extension in Firefox or Chrome with sites which include iframes and forms the extension gives the following error in browsers console: Error: Promised response from onMessage listener went out of scope 80 background.js:8:59712 The extension then steals focus to the first field of the form, after that it’s impossible to select text on the iframed-webpage, the extension returns the focus directly to the form again. I created a page where I can reproduce this behavior: https://www.db-works.nl/enpass-bugreport/ , please check this site with steps to reproduce. Tested with: Windows 10 Enterprise Version 20H2 (OS build 19042.1165) Firefox 94.0.2 (64-bits) + Enpass extension for firefox version 6.7.0 Chrome Version 96.0.4664.45 (Official Build) (64-bit) + Enpass extension for chrome version 6.7.4 Hopefully you can fix this bug.
    5 points
  5. Enpass became aware of a critical remote code execution log4j vulnerability (CVE-2021-44228 194) on Friday 2021-12-10. We do not use Java in our product stack except Android app (log4j not being used). Hence, Enpass is not affected by this vulnerability.
    5 points
  6. Peter, try this if you’ve given up on accessing the original vault: Unlink your old vault from iCloud or where ever you sync it and move the vault from iCloud (or whatever) Create a new vault, restore the backup to that new vault, set up iCloud synching (or something similar), then delete Enpass from your phone. Reinstall it, register it with your email account and then restore the new vault from where ever you sync it. Unfortunately, on iOS at least, you cannot sync a new vault without knowing the password to the existing one. That’s why you need to remove and reinstall the app so you can get in.
    5 points
  7. Thanks @Ivarson. You are 100% right here. @sxc4567PIN locking is a convenience feature and only restricts app access. It does not close the underlaying SQLCipher database handle and an unencrypted database page may still be there in process memory. However, there is an additional level of encryption for the stored passwords with a per item obfuscation key to prevent direct visibility in memory for this case. Though, an attacker with advanced skills can still find the obfuscation keys and decrypt it. Locking with master password is the safest option for Linux as it will close all underlying resources too. Cheers:)
    4 points
  8. Hi @sxc4567 I can understand the risks associated with this unfortunate situation. We use both mlock (to exclude memory from swap) and madvice (to exclude memory from dumps) for critical memory allocations. Please read this old reply to understand how much of the sensitive data is available in memory as plain text at a given time and how memory sanitization works in Enpass. We are continuously working to improve the security of Enpass and prioritized a memory sanitization review task to specifically handle this situation. Regards,
    4 points
  9. Solved by myself. I managed to set up a new data base via the PC APP. After that, I changed the sync-type from DropBox on my iPad (which only had the trial version up to that point) to the new One drive - just for trial. It than asked me to combine both entries to one and that the new password will be set after sync for the new combination out of both data bases. That worked. So I precoeed the same way with the account on my iPhone and merged it. Now I have to check and possibly sort out double entries if there are any and I am done.
    4 points
  10. I'm using Vivaldi browser on Windows 11. To get my preferred keyboard shortcut "CTRL + E" to work, I had to disable this shortcut in Vivaldi itself because it was used in Vivaldi, too. Also, I had to set the shortcut for "Autofill or show Enpass" to "Global". When set to "Vivaldi" the shortcut doesn't work. I remember that this also was an issue in Bitwarden. Here I also had to set the shortcut to "Global" because it didn't work when set to "Vivaldi". Yes, that's not the perfect solution, but it works so far. Maybe Enpass is able to investigate here to get this fixed.
    4 points
  11. Hi @flyingbirds! Please keep in mind that Enpass is NOT 1Password, and I think they won't be a 1Password-clone. I also came from 1Pasword some weeks ago. Yes, it could be a little confusing if you are used to 1Password. But you will get used to Enpass, too. It takes some time, but that's how it is. I also can't go to Microsoft and say: "Hey, I come from Linux and Windows should work and feel just like Linux." But, never say never... Maybe Enpass developers are loving 1Password and want to come close to the 1Password-feeling.
    4 points
  12. Issue solved! I solved the issue by changing the synchronization mode to a different cloud service and then reselecting iCloud, providing all the authentication details and submitting the form. The iPhones now have a stable connection to iCloud and sync continuously. I will try the same on the Macbooks when they loose their authentication again. ---- Edit: Works like a charm now on iPhones and Macbooks!
    4 points
  13. If anyone is wacko here it's you, not to mention being outrageously rude to the devs.
    4 points
  14. Nevermind! I fixed it myself! I had the Windows store version installed! Installing the website version of the app fixed this whole issue! Jeez I have been living a lie all the time!
    4 points
  15. Hey thanks, Discordant. Apparently you were posting the same time I was. Your solution is spot on. Thank you for your help.
    4 points
  16. On your Mac, choose Apple menu > System Preferences, click Security & Privacy , then click Privacy. Select Files and Folders. Select the checkbox below an app to allow it to access files and folders in that location or you can add Enpass manually if needed. You may need to click the lock icon and authenticate before you can add or change any items listed there.
    4 points
  17. And to add to what @Discordantsaid, if you're using Gmail or Google Apps and let's say your email is user@gmail.com, you can create aliases on the fly. Say you're registering at BBC website, then you can write your email is user+bbc@gmail.com and every email sent to that email will arrive to your user@gmai.com email. Of course, you will not be able to send an email from user+bbc@gmail.com, but you will receive all sent to it.
    4 points
  18. I've created a ticket and they sent me the following link with the newest release 2.4.2. For me it's working again without any further changes (Windows ACLs,...). Finally! https://supfiles.synology.com/fsdownload/cJ5c835mF/KI43117
    4 points
  19. 1Password charges a lot for their service and they’re a big company, so they can afford to offer things like this. Enpass is less expensive and doesn’t charge a subscription fee, so you can’t really expect them to offer a bunch of third-party services for no charge. Honestly, it is easy to implement on your own with a gmail account or any hosted email service that lets you set up your own email aliases. I’ve been doing this for many years now. As noted, if you have iOS or a Mac and iCloud+ that is another easy option.
    4 points
  20. Well, @Welshdog, I do not appreciate rogue code when it comes to password managers, for obvious reasons, that's all. I like this product for the features and value it offers, but yes, that rogue code (for whatever reason it exists) does give me a cause to be concerned. And the only reason I say this is that I have never encountered any app from any developer that caused this particular issue in my 15 years of using a Mac. @Vinod Kumar thank you for your elaborate posts, I will read through them and respond further if the need arises. I have not been available and online a lot since I last posted. You responded just about a week ago, so I am glad I have not kept you waiting as much for a response. From what I gleaned as I skimmed over your posts, it seems you are confident that this will not be a privacy issue at any point in time, so that is good enough for me. Further, since you are talking about system configurations, I am ready to provide any in-depth log and report I can, should you want. Do let me know what I can do in that regard, though I wonder what we might be able to achieve, as you suggest this is not something in your control. iCloud is not customised by me in any way, everything is set to whatever the defaults are, and, frankly, I am not even aware of iCloud backing up my system files on the Mac, let alone the ability to configure such backups at user's end. I always understood iCloud to backup only the iOS and iPadOS files. The only other thing that comes to my mind is that since this issue is more in Apple's domain as you suggest, then shouldn't the developer company (Enpass) try and reach Apple and get them to fix this? It is possible that most users of your software will never even realise that rogue entry's existence, but when they do, they will unnecessarily panic, and they will only point at Enpass. Shouldn't Enpass work with Apple to have a fix for this, for Enpass's own short and long-term repute?
    4 points
  21. I don't quite get the question, but if you use the portable edition, you don't have to have any desktop apps installed, but if you want the autofill functionality in Firefox, the same plug in is needed as with the desktop versions of Enpass. To switch from desktop to portable versions, you're recommended to either start a new vault in the portable app and sync the items down from your cloud provider (if you used sync), or you make a backup from the desktop app and restore it during launch of the portable version.
    4 points
  22. I am really look forward to the extension as well. 1Password already has it live ! Also there is a bug on iOS 15.. previously i could open password protected pdf’s from mail on iOS, but choosing the password from enpass - but now that doesn’t work
    4 points
  23. The shown in foreground issue is finally fixed in the recent update - v6.7.3 (888) MAS. Yey for that There's still a visible flash from Enpass on the screen everytime I log in, but at least it's no longer necessesary to close the unlock window An entirely invisible (background) startup would be nice and hopefully implemented soon Mac mini | macOS Big Sur Version 11.5.2
    4 points
  24. There is another topic asking for SSH Agent support. Unfortunately, the topic has been already closed without further information whether this will be implemented or not. I would really love to have SSH Agent support in Enpass. My expected behavior of this implementation would be Enpass asking me to unlock the Vault once an SSH Agent request is made (just like auto fill in the browser extension) and then accepting the SSH Agent connection. Is this on the list to be implemented?
    3 points
  25. I think the "wacko leftist crap" was directed at me because I used the term "woke". (Apparently my political affiliation and my entire personal values in which I lead me life can be determined on a single word.) Anyways, I don't disagree with your comments. I actually found this thread because, I too, was confused by the change. I even agree with your (very articulate) explanations as to why the user base may be inconvenienced by having to train themselves a new keyboard command. My point was that I simply don't think it's worth getting raged up about (see #Jeetdoh's comments in this entire thread), as if this was a big conspiracy to undermine Enpass users. Life is too short, my friends.
    3 points
  26. You need to turn on synchronization of your chosen vault(s) and use the same service and location on both iOS and your desktop. (iCloud, Dropbox, NextCloud, etc.) or use WiFi synching and make sure both are on the same physical network and WiFi synching is enabled and active.
    3 points
  27. It isn't turned on by default. You need to go into the browser plugin settings to turn that feature on if you want it. If you use Safari's password filling feature and Enpass you should only have one of those two turned on for inline filling, or they will get in each others way visually (just as it does for 1Password). Make sure the Enpass extension is enabled in Safari, then select the hamburger menu item on the bottom left: Select Settings from the popup menu that appears. Then click Browser Settings. Then click the Safari Browser button at the top of the window: This will open a new settings window as a tab in Safari. In that window, turn on the switch next to the Show Inline Autofill Popup Menu item: From then on you'll see an Enpass logo on login/password fields similar to the way you see a key if you have Safari's password filling feature turned on.
    3 points
  28. Not sure what change was introduced in the latest version, according to the change log, the browser inline autofill was added. However, the Windows Hello feature is finally working as it should have been on version 6.7.4 (934) on Windows 10. You will need to disable and re-enable Windows Hello authentication in the Enpass app to achieve this. Hope this will not be reversed in the future updates.
    3 points
  29. Hi Enpass Users To make sure you are updated with our developments, we would like to inform you that our Windows signing certificate is expiring on 28 Nov 2021. From version 6.7.4 onwards all releases will be signed by a new certificate. Because of this new signing certificate, you might see a Windows SmartScreen warning after downloading & running the installer. Microsoft has reverted us that it is due to new versions, low download and install count initially. Request you to take affirmative actions while seeing the following warning popups. For more information and required steps, please refer the FAQ If you still face any concern or have any question, please reach us here or on support@enpass.io Cheers!! Note: It is a temporary warning and will not appear in the future when downloads reach a certain number.
    3 points
  30. I second this. I want to be able to select the "/" character to make the Shortcut Ctrl+/. Thanks.
    3 points
  31. Hi Enpass beta subscribers, We are working on introducing updates on browser extensions to make your autofill experience really amazing with Enpass. To support those upcoming extensions, we have made some changes in the desktop apps, and this beta is all about running a final compatibility check between this new desktop build and existing extensions. What to test: Keep using your existing browser extensions with this new build and they should work exactly as they used to. We have also changed the code-signing certificate for executables because the current one is expiring this month. So if you get a warning message from antivirus or a Windows smart screen warning, it is due to the new code-signing certificate. Please allow the executable to run, and you should be good to go! Fixes: Fixed an issue where a few of you were getting a message —This version of Enpass is out of date— on launching the Enpass app. Fixed an issue where some of the items were not imported from 1Password. The import process was breaking on importing items with large notes in items. Fixed an issue where Enpass was updating the password of another item with the same username. Getting beta versions: Windows – Store version (via Package Flight): Our beta subscribers can install the latest beta updates from the Windows Store. Windows – Website version (.exe setup): Download and install the beta from here. Bug reporting For any bugs or feedback, please drop your message here on forums or email us on support@enpass.io Cheers!
    3 points
  32. This may be late, but I wanted to note this here for anyone else who has this issue. The user above is saying they no longer have access to the registered email address. This link gives an explanation of how to solve that: https://www.enpass.io/support/kb/registration/how-can-i-change-the-registered-email/ If you don't have access to a registered copy of Enpass at all on another device of some kind, I suggest you contact support directly for assistance.
    3 points
  33. @Pivopiev Try setup Chrome/Firefox as default Browser and then try to sync in case if doesn't setup as your default Browser.
    3 points
  34. For security reasons where someone is requesting your passwords (I.e. law enforcement, school, work place) and has your device in their possession, please enable an option to ask for master password on a device reboot or when emergency mode is activated on mobile. Thank you.
    3 points
  35. Hi @Abhishek Dewan Ok, my mistake was probably that I always logged in with the TouchID of my MBA and didn't have the "Keep me signed in" option there. I've done it manually now and see if it lasts longer. Thanks
    3 points
  36. You set up the new vault locally and once you do, you will be able to select the vault from the preferences and click the Set Up Sync button. Then you choose NextCloud and your vault will be synched there automatically.
    3 points
  37. Thanks for your instruction. It works. Good job ENPASS team
    3 points
  38. It would be great if there was an exception to match url hostname for domains. so for some services with general domains I know I have a common id for but for some maybe a domain I or my company manage may have various systems I access under a common domain may be unique logins for sub-domains. Can we submit a feature request? Thanks
    3 points
  39. After looking closer at the apt install output I could see the version was indeed installed. I had never stopped 6.5 from running and was seeing the current running version. Once I closed and re-opened I seemed to be ok. Thanks for the response
    3 points
  40. I use Enpass on a Mac. Enpass Mac lacks simple Mac user interface conventions. Here are some suggestion towards that end. 1. Use arrow keys in text fields ( with text in the field) to navigate. • ↑ should put the caret at the beginning of the field • ↓ should put the caret at the end of the last character in the field 2. ↑ & ↓ + ⇧ should select text. • ↑-⇧ should select text to the left of the caret in the field • ↓-⇧ should select text to the right of the caret field 3. Edit Menu should always have basic, Cut, Copy, Paste, Select All, etc, menu items that function when in edit mode in any field & contain standard Mac text transformation items. This is the Enpass Edit menu as it is today. General Feature Requests 1. Ability to name custom icons so they are searchable in the Enpass icon selector window, and they are so named in the Application Support > Enpass > temp folder, rather than the number sequence currently used. 2. Please launch Enpass Mini at login without having to launch the entire program. • Be able to enter the unlock password in mini w/o having to launch Enpass & have full access to all passwords (like 1Password does). 3. Have Enpass Assistant always appear under the Enpass menu icon with either of its keyboard triggers. 4. PLEASE! Make the Assistant window movable, have the ability to resize the window, & remember size & placement between reboots. 5. A pref to set which monitor Assistant is displayed on multi-display setups. As it is right now, depending on the keyboard trigger used, Assistant ether is centered on the main screen, or shows up wherever the cursor is located—even if the cursor is on an inactive display. You don't know how many times I've had to search/look to find the Assistant window, or move my cursor to the active window & hit the key combo again to have it appear next to the cursor placement. This is SO counterproductive—especially for those who want/need to use the keyboard and not have to move my hands to my trackpad or mouse. 6. Have the Assistant window appear & disappear with the same keyboard command. This way I don't have to hit the show window command, then Escape Key to close it, my hands are already on the aforementioned keys ... so why not just do and if/then? If the Assistant is showing ... hide it with the same key command ... much more intuitive & useful that way. Okay ... thanks for listening to my babble. Guess that's it for now. Hopefully some or all of these features actually come to fruition & implementation—SOON.
    3 points
  41. Is there an upgrade price from pro lifetime to premium lifetime? It was supposed to be lifetime so if I want to upgrade I should get a special price surely
    3 points
  42. For me this bug is fixed in 6.7.2 under Ubuntu !! Thanks
    3 points
  43. I can confirm that. It seems like a quick fix. I hope it will start invisible after another update.
    3 points
  44. Hi all, Apologies for the delay in responding to your comments. We do monitor all our discussions and this issue is on our priority list. A fix will be available in next week release. Enpass will always try to do its best to hear out our user's concerns, thanking you all for the support and patience!! Cheers!!
    3 points
  45. Good morning. I had this same error with both my PC and Android on DSM 6.2 and DSM 7.0, some time around June/July 2021 syncing stopped. After the upgrade to DSM 7.0 I thought that would fix the issue. I looked to convert the permissions to ACL as noted here but tried something else first. What solved my issues was leaving the permissions as they were but I went into the file station, to the webdav folder, I right clicked on the folder where I store Enpass, went to properties, and checked, "apply to this folder, sub-folders and files" under owner this re-pushed the folder permissions down again and after I did that everything started working again. It appears an update may have broke the permissions on the webdav folders, that's why converting to ACL or re-pushing permissions seem to work. Just passing along what worked for me.
    3 points
  46. Hello Enpassians! Today, we're thrilled to release Enpass Beta v6.7 with one of the most awaited features- Wi-Fi Sync. This feature lets you sync data across devices using the local network or Wi-Fi, without using any third-party cloud service. For more information, please check out the Wi-Fi Sync webpage. Along with Wi-Fi Sync, the update brings some improvements and bug fixes. Check out the complete changelog: iOS Android Windows - Store version Windows - Website version macOS Linux Getting beta versions iOS (via TestFlight): Our beta subscribers can install the latest beta updates from the TestFlight app. Android (via Play Store): Beta versions can be installed directly from the Google Play Store by joining our open beta program by clicking Become a Tester. Windows – Store version (via Package Flight): Our beta subscribers can install the latest beta updates from the Windows Store. Windows – Website version (.exe setup): Download and install the beta from here. macOS – Website version (.pkg): Download and install the beta from here. Linux (64-bit distributions only): Download and install the beta from here. To test the Wi-Fi Sync across different platforms, you will need their respective beta versions as well. Check out our Beta Program for all platforms. Bug reporting We look forward to your feedback for this beta release of Enpass. If you uncover any bug, issue, or want to share your feedback, please open a thread in our Forums. This beta release is made available to beta testers only and is not recommended for production use at this stage. Cheers!
    3 points
  47. Yes. That should work fine. The syncing appears to compare the age of items and won’t copy older stuff over newer. Just to be safe, you should run a backup of the newest vault. This way if something goes wrong for some reason, you can revert.
    3 points
  48. Hi @UdhayanithiG, Thanks for raising the question. The short answer is NO. The article mostly discussed about autofill extension of online password managers which injects their UI/chrome into web page and interact with their server. This additional chrome can be exploited by clickjacking or exposed server endpoints can be accessed by additional scripts because they live in the same shared space i.e. the webpage. Here are few points how Enpass is immune to such attacks: 1. Enpass does inject only limited script to detect presence of forms that user may want to autofill. It does not inject any chrome/UI that can be clickjacked. The autofill UI is a separate process than the browser and immune to such attacks. 2. The connection between local application and browser extension is authenticated by user via manual pairing mechanism by user and communication is encrypted with a shared key which malicious scripts can't access. 3. Enpass, by default, requires user intervention before supplying any credential to webpage. In future, if Enpass introduce a feature that require additional UI injection in the webpage to increase user convenience that would certainly be inside the attack surface mentioned in the article. But be assured such a feature will be optional and you can keep Enpass extension in a configuration as it is today. Cheers:)
    3 points
×
×
  • Create New...