Jump to content
Enpass Discussion Forum

Leaderboard

Popular Content

Showing content with the highest reputation since 04/24/22 in Posts

  1. Hi @all We were able to reproduce the bug on our end, due to which this issue is occurring. Our dedicated development team is working on a patch right now, which will be released very soon. Enpass appreciates your patience in the meantime.
    6 points
  2. Hi @sxc4567 I can understand the risks associated with this unfortunate situation. We use both mlock (to exclude memory from swap) and madvice (to exclude memory from dumps) for critical memory allocations. Please read this old reply to understand how much of the sensitive data is available in memory as plain text at a given time and how memory sanitization works in Enpass. We are continuously working to improve the security of Enpass and prioritized a memory sanitization review task to specifically handle this situation. Regards,
    4 points
  3. Thanks @Ivarson. You are 100% right here. @sxc4567PIN locking is a convenience feature and only restricts app access. It does not close the underlaying SQLCipher database handle and an unencrypted database page may still be there in process memory. However, there is an additional level of encryption for the stored passwords with a per item obfuscation key to prevent direct visibility in memory for this case. Though, an attacker with advanced skills can still find the obfuscation keys and decrypt it. Locking with master password is the safest option for Linux as it will close all underlying resources too. Cheers:)
    3 points
  4. So, seeing as your response has changed from “Q2 2022” to “no ETA” in the span of 4 months, and there’s no M1 native version being tested in TestFlight even though we’re halfway through Q2, is it safe to assume that the M1 native version isn’t coming anytime soon? I’m about ready to jump ship over this issue. Enpass is literally the only app I use regularly that hasn’t transitioned yet, and it’s completely unacceptable. It has been nearly 2 years since the Apple Silicon transition was announced, and 18 months since these machines have been available to consumers. What’s taking so long?
    3 points
  5. Finally --- new update improves the search speed tremendously -- it's still much slower than 1Password (which is pretty much instant) but it's quite a bit more usable.
    3 points
  6. https://www.enpass.io/docs/manual-desktop/vault.html#cloud-setup You still can't use the same account for multiple vaults, only the same Provider (with different accounts). (with the exception of WEBDAV which let's you pick the path). Don't think they're intending to change this as they're describing "multiple vaults" as a segregation-possibility when sharing vault with someone, not segregating personal data.. Having that said, if you want to separate your personal data in separate vaults, doesn't make more sense anyway to use different cloud accounts?
    3 points
  7. No more issues with Dropbox in beta 6.8.2 for Android neither
    2 points
  8. Locking Enpass with a PIN active doesn't close the database AFAIK. If you lock it without a PIN being set, then it's closed properly. In Windows when Full-time TPM support is active, I believe the database is locked properly due to TPM handling the key rather than Enpass itself. I could be wrong though.
    2 points
  9. Hi @all, Thank you for your understanding. We apologize for any inconvenience caused by this matter. We were able to reproduce the problem on our end, due to which Dropbox authentication is frequently required. Our tech team is working on resolving this issue and a fix will be implemented shortly. Please bear with us while we get this resolved. Appreciate your patience and support in the interim. #SI-2785
    2 points
  10. This really is the core of the issue for me. Running through Rosetta hasn't had an impact on performance, and I haven't noticed a hit to battery. In a vacuum, this wouldn't be a problem, I knew what I signed up for when I got a first generation product. But this is a password manager. It's one of the few applications where fast, timely updates are very important. If there's an exploit in the future, should we just expect our data to be exposed for 2+ years while you guys wrangle your code gremlins? I've worked with Qt before, and quite frankly, I would be mortified if it took me 10 months (since Qt 6.2 was released) to integrate upstream changes. I can't imagine looking my boss in the eye and telling him that the reason something this fundamental is taking so long is because of some deprecations. Qt is a UI framework, it really shouldn't be taking this long to handle a few deprecations. I don't buy the excuse that it's truly taking this long to update your UI, and I don't even want to imagine what hell-spawn spaghetti code you're working with where some deprecations in a UI framework requires a total rework of your codebase.
    2 points
  11. I totally agree with @dahliamma and @pitchblack It is totally unaceptable that two years later, in most cases, this is the only not native application that we are running. You say in the recent release: I CAN'T beleive that your developers have released a BIG update without native support. The password manager perhaps is the most importan app in a computer (at least in my case). Is this a reliable company to trust my most precious data? I'm not sure.
    2 points
  12. Enpass 6.8.0.648 crashes Android 11 LinageOS 18.1-20220503-Nightly-dumpling. Cannot reproduce because as soon as it tries to open it crashes. My last version Enpass 6.7.1.572 worked just fine. Where can I find the Enpass 6.7.1.572 APK so I can have a working password manager? Thanks
    2 points
  13. Hi @Mohit Thapa I'm afraid the issue still exists in the Windows store version 6.8.0 (1048). Connection to WebDAV failing with a generic message "Could not connect to specified WebDAV folder. Check you username and password". Note that I can connect to the WebDAV folder in question from a non-Windows store version of Enpass or from Windows Explorer directly. So the problem is definitely not in credentials or URL.
    2 points
  14. Hey @MaxM Thanks for letting us know about this. Our developers are constantly keeping a tab over this issue and have informed me to request the user to try the new Enpass beta Version 6.8.0 (1049). Click here to download it and let me know if the issue persists.
    2 points
  15. Hi @Manish Chokwal, thank you for the hint, my enpass desktop app was way too old. I thought it would update automatically but I had to trigger the update manually. Now it works, thank you!
    2 points
  16. From my experience, it is not absolutely necessary to turn off the entire extension. It is enough to turn off the auto-fill pop-up in the extension settings. Then you at least have the possibility to continue using the normal/old browser extension. I hope, this will help you.
    2 points
  17. At this point Enpass works on "most" distributions, but not on all of them. Also, there is the need to add a repository and then install the application. My request is to make Enpass available as a AppImage, snap or flatpak. This way the support for Linux can be improved! I would suggest to use AppImage or Flatpak, since snap = canonical controlled.
    1 point
  18. Abhishek. I think you are misunderstanding the problem. It is not the size of the backup files that was causing the slowness, it was the size of the SQLCipher database. It appears that there was some sort of internal corruption or duplication that was being reflected in both the sync file and the backups. I am glad there was procedure to restore the integrity of the database. Maybe you would pass this information to the developers for their future reference. Thanks.
    1 point
  19. Hi @vool, In Enpass' latest extension version, the "Inline autofill" feature was introduced, and in order to use this feature, Enpass has to be the default password manager. As a result, the "Save and fill basic information" functionality has been disabled in the Edge browser. For re-enabling it, right-click on the Enpass extension icon in the browser -> Settings -> Disable the "Set as default" option. Let me know if you can now use Edge browser basic fill.
    1 point
  20. @Ivarson, Thank you for providing this information. This has been forwarded to our concerned team for further investigation. Any updates will be conveyed to you as soon as they are received. Thank you for your support and patience in the interim. #SI-2780
    1 point
  21. In version 6.8.0 (1056) it seems this issue is solved with the pop-up window never goes above the header. Thanks!
    1 point
  22. Hi @Ivarson Thanks for bringing this issue to our attention. I have forwarded this concern to our dedicated team for testing purposes. As soon as they update me, I will be sure to notify you on this forum. Enpass appreciates your patience and support in the meantime. #SI-2767
    1 point
  23. I got it working. I am not 100% sure what I did. I selected the open with option I am not sure what I did to get it to come up. I selected enpass. As soon as i did that it prompted me for my master password and it came up. It did nor prompt me for my Microsoft password. I would assume It was already authenticated as I had already signed onto it on the browser I was using.
    1 point
  24. Update: Sorry for the delay. Got the "Autofill using Accessibility" option working. Took some experimenting, but excluded Enpass from apps slated for sleep and it's now functioning as desired. Got to hand it to you team, it's a great app. The Desktop version works flawlessly too.
    1 point
  25. I'm not certain, but I suspect the trouble I encountered may be related to the trouble reported by @wmc in topic 28288, Enpass 6.7.4 (933) loses connection to databas. TLDR Before you make any changes to your Enpass setup, make certain you have a recent backup of your Enpass vault. If you use Enpass Windows API (Win32) edition--you download the installer from the Enpass website--remove/uninstall Enpass Microsoft Store edition if it is installed. If Enpass Microsoft Store edition is installed, it will appear as Enpass Password Manager in the Windows Settings (Apps > Apps & features) app. If installed, Enpass Windows API edition will also appear in this list and will appear simply as Enpass. Do not uninstall this edition. Repair Enpass Windows API edition. In Windows Settings > Apps > Apps & features, select Enpass and click the Modify button. Elevate privileges through User Account Control if necessary/prompted. Click Repair. After repair completes, reboot your computer. After rebooting, the first time you attempt to have Enpass fill login fields, you will be prompted to authorize Enpass browser extensions to access Enpass (you will see a prompt for and automatically be provided a 6-digit code). I encountered this separately for Google Chrome and Microsoft Edge, but not Mozilla Firefox. In Firefox, it simply worked. I guess authorization for the Enpass Firefox extension survived Enpass repair, etc. While I can't pinpoint exactly when this started, I think the upgrade to 6.7.4 (933) wasn't as seamless/smooth as usual. I don't think the problem was related to updates to Chrome or other browsers. I encountered the same trouble in Google Chrome, Microsoft Edge, and Mozilla Firefox. I discovered that I had both the Enpass Windows API (Win32) and Microsoft Store (modern app) editions installed. It's unclear to me how this happened. I recall installing the Microsoft Store edition some time ago, perhaps around the time Enpass was first available in the Store app. I decided to continue using Enpass Windows API edition instead, and I thought I had uninstalled Enpass Microsoft Store edition. This wouldn't remove the Enpass app from my "purchased" apps or Microsoft Store app library. I'm wondering if a subsequent Enpass update or possibly a Windows/Microsoft Store app update caused the Enpass app to reinstall... Hope this is helpful.
    1 point
  26. Thank you for making this! It's really useful!
    1 point
  27. @Ivarson, I would like to share that this issue has been also reproduced on our end also and our team is working on it, it will be fixed in the future updates of Enpass. Thank you for reporting this issue. #SI-2740
    1 point
  28. Abhishek, I am attaching a folder listing of my vault backups that shows the progress of the problem with repository size (and presumably the source of the speed problem). The jump from 3.7MB to 4.4MB does not seem significant, but then it jumps to 17MB and then to 39MB and ultimately to 380MB (where the performance issues became significant). My efforts to recover brought the file size back to 39MB but it still seems too large. I am reluctant to try to recover back to the 4MB range as I would lose some significant entries. Do you have any suggestions as to a way to clean up the vaults, or any suggestions about alternative recover mechanisms? Thanks
    1 point
  29. Abhishek, I am glad to hear the garbled item fix is on the horizon. As to the slowness, I was able to resolve it after noticing the sync database and the backups had grown significantly. Here significantly means the sync database growing from about 38MB with over 500 items to almost 500MB and the backup file growing from 18MB for three different vaults to over 350MB. I was able to shut off sync on the two windows computers, and an Android phone, and then reinstall on one of the Windows machines starting with a backup. Then setting up sync again on the other devices. All seems to be humming along as before now. If I can provide any more information about the root cause of the problem, I will need some direction. However, I am content for now that everything is working well.
    1 point
  30. Hi @MaxM, Thank you for reporting the presence of this issue. We have reproduced the bug on our end, due to which you are unable to connect to the WebDAV. Our concerned team is working on resolving it, and a fix will be implemented in the upcoming update cycle. In the meantime, we appreciate your support and patience. SI-2681
    1 point
  31. I'm aware, it was more a question to people (coming from Samsung Pass) if they've been able to export data at all from Samsung Pass, but it seems they don't provide any such method, which sucks. So Enpass isn't to blame.
    1 point
  32. Hi @Sh4aa I have duly noted your interest regarding this feature and shared it with the dedicated team so they may implement it in the future Enpass versions. Your support and patience in the meantime are appreciated. #SI-2752
    1 point
  33. Hi @Sh4aa, Welcome to the Enpass community. I appreciate your efforts in taking the time to provide your feedback. I have taken note of your point and your suggestion has been forwarded to the concerned team for further consideration. Thanks for your patience and support. #SI-2752
    1 point
  34. Hi @Sh4aa, Thanks for reaching out to us. I would like to share that I have duly noted your feedback and it has been forwarded to the concerned team for further consideration. #SI-57
    1 point
  35. Happy Enpass user. Happy forum user now. Thanks to folks that un-firewalled my IP. I'm looking forward to using Enpass for many years. Bye-bye 1Password. It served me well for many many years, but they outgrew their britches.
    1 point
  36. Many people use Samsung DeX, specially on tablets and in a work environment. Right now the app is not supporting this mode and people always has to turn off the Samsung DeX to login to some app or just to create a new entry on the Enpass app. Please consider this integration, it could be really helpful.
    1 point
  37. @Pratyush Sharma, @Abhishek Dewan See how KeePassDX solved it https://github.com/Kunzisoft/KeePassDX/pull/1114 and https://github.com/Kunzisoft/KeePassDX/commit/c0ac01a34a022b2508897e5e210d067631264612
    1 point
  38. https://www.enpass.io/downloads/#extensions
    1 point
  39. Hi @mrSLK and @moderato_burrito, I developed a workflow which is doing that. You find it here: https://github.com/v-braun/alfred-enpass Please let me know if it worked for you or you had any issues. Looks fine on my machine but maybe there are still some bugs. You need to set it up on first run, therefor u need to provide the location of you vault (directory) and the masterpassword. Because there is no API from Enpass, I need to access the DB directley to read the records. IMPORTANT: the password is not stored anywhere as cleartext. It will be stored within your keychain. This is why a keychain popup may appear on first run (on setup of the workflow). Have fun and please let me know if there are any issues Thanks a lot to the entire Enpass team! I am a user since the first days of Enpass.
    1 point
  40. Why are you posting in an existing, non-related thread? You should create a new one, or contact support directly if you have a subscription. You're safest bet would be if you had Cloud Sync setup in the old installation, then you'd simply create a new vault now and choose restore from cloud when setting it up. If not, then it depends on whether you formatted your drive. If you didn't, Enpass creates backups automatically under your personal folder which could be accessible and restored from.
    1 point
  41. @hyoungx https://stacksocial.com/sales/enpass-plan-lifetime-subscriptions Here is your discount.
    1 point
  42. I switched to BitWarden today. Some things seem better, some things not as good... but I have not encountered any serious issues that literally interrupt my productivity. So I guess that's a win.
    1 point
  43. What a pity, I would love to see this feature implemented, because I have the impression Enpass is creating too much entries for some sites/apps, or I don't use it properly... but I get many duplicates I'd love to be able to clean, in the way I would merge both cards into one to keep the information if there is a slight different.
    1 point
  44. Such sad news that Enpass is treating users like this. I'm not an Enpass user; I have been seriously considering purchasing the lifetime plan, but when I read this topic I see many fundamental issues that make me sure this would not be a wise choice. Passwords are one of the most serious piece of information you can handle. You can totally ruin a person's life (and I'm not exaggerating) by handling them in a wrong or insecure way. For that reason, it's primordial that you choose a password manager that you will fully trust. Breaking this golden rule is a big no-no and I must say by reading this topic, I already see many red flags: Making 2 different promises and breaking both of them. No matter how much you try to justify, not matter how much you play with the words to say it's fine to do it, this is breaking trust and breaking and breaking what you made users believe they were buying Making use of word "tricks" to differentiate "pro" users from "Premium" users. Really? These are practices very well-known to what scam companies do, and although I'm not saying you're one of them, I'm definitely saying you're behaving like one Using excuses to justify your own decisions and behaviour: "we need to raise more money... the lifetime plan was not sustainable.. bla bla..". Again: you as a company made that decision to sell that plan at a certain price, making a promise in the past, knowing the risk, but also getting all the benefits from it: attracting thousands of people that for sure gave you a good cash position for a while. What comes next? Free users will have access to their passwords blocked until they pay a ransom? This message is not a complaint, after all, I'm not even a customer (although I would be if it wasn't for your unethical behaviour), this is just a free piece of advise that I'm giving as a would-be-user for whoever is making those disastrous decisions within the company without any serious thoughts on the consequences. Sad to see companies like this with such a great potential throwing it all away
    1 point
  45. Im a developer too, and it well may be that the database stores performed transactions, call it an audit trail if you will. So deleting passwords also creates data. This is why I'm a bit wondering why you are so concerned about 'size'. It's for me a rather meaningless metric if it works as expected and poses no hindrance.
    1 point
  46. As a programmer I can say that a smaller file size does not mean it's better per se. You can store data in many ways and some make it more readable, some make it smaller and some make it that data is more recoverable. E.g. Site:x Username:y Password:z Vs S:x U:y P:z Vs <site>x</site> <username>y</username> <password>z</password> In case 1, it's a basic storage. In case 2, there's minimal size, but it's less readable. In case 3, if data gets corrupted, you'll know since <password>x)_~€¿ will not be valid, while Password:x)_~€¿ is. Storage isn't that expensive anymore, so a 1mb vault vs a 5mb one doesn't say much. Hell, it might even be stored the same way, but the encryption is different which may make it bigger.
    1 point
  47. I've been using Enpass for many years now. I've seen their software improve while their decision making worsens. First Enpass started as a lifetime purchase only with updates and no more payments. Then they moved those people into "PRO" status where people get lifetime use, are tracked with accounts. Now they create additional tiers so that "PRO" which are original users get stuck and don't receive the updates. Today premium users can get lifetime too and eventually they will fall behind too with the creation of a new tier. What will it be? Let's assume in 2022 they publish "Enterprise Tier" or whatever and PRO is even further down from the original promise etc. I totally understand that Enpass needs to make money to continue developing but you took a wrong path. Enpass should have never promised lifetime updates to begin with. (Should have charged for major updates instead) In any case, this will be messy and affect Enpass reputation. The best options for Enpass is to say they're sorry and either provide original users with the latest updates for free as they promised in the start or to say , scratch that, we lied, we need money as a bussiness or we can't continue, we won't give newer features for free sorry BUT here, we will move you to upper tier for a minimum fee because we appreciate you helping us get here. Basically giving a great discount to founders so that they can have a premium lifetime status. Then Enpass can provide regular updates to all users as they normally do. Just don't lie anymore please. I know many want everything for free and I understand that's not how it works but your job is to make things clear and so far you haven't done it because your initial promise was impossible to fulfill to begin with. (It's like socialism, you start saying you give everything for free until you realize you need money to come from somewhere to continue) One last thing. For the love of God please remove the red ad ASAP. It kind of seems like Enpass wants to trigger founders.
    1 point
  48. Any updates here? I'm using Fedora Silverblue and it's sad to see no support for flatpak or Appimage.... All I can do is run enpass in toolbox via terminal and also I can't use it with browser outside of toolbox. Would be great to have flatpak pkg
    1 point
  49. Hi, all I builded flatpak package for enpass. I have a question: can I share it on flathub (https://flathub.org)? I want to get permission for this from the project team.
    1 point
  50. Hi, For Linux users I think it would make sense to release a Flatpak version of Enpass. Also currently Enpass Beta + Firefox Dev Edition in Flatpak + Enpass WebExtension doesn't work. I am able to curl the Enpass service from inside Firefox Flatpak (at least I get the same empty reply as when running the curl from outside) so I guess there is some validation happening from the Enpass app that doesn't work.
    1 point
×
×
  • Create New...