ttk

@Amandeep Kumar Are you serious? I have switched from Authentik to Keycloak because of the lack of updates in this thread for several weeks. I wasn't aware that you completeley stopped working on this issue, because the availability of my Authentik instance is crucial for your development work - but good to know that you planned with testing against my instance without ever notifying me. I would have assumed that a serious development company would be able to quickly deploy their own Authentik instance to be not depending on other instances they have no control over. Besides that, you would have landed in my fail2ban filters nevertheless, since it is rather unusual for requests with IPs originating from india to access the landing page but not try any login attempts, or try them and fail because you would not have any valid passwords. But yeah, i switched my SSO provider because of this issue, maybe i should look into switching my password manager as well, since this is not the trustworthy behaviour i would expect.

I have a fresh installation of Firefox on mac OS and want to set up the enpass extension. I have installed the extension and want to fill in the first password. Now my problem occurs: The extension briefly displays the pairing code. In the exact same second, Enpass crashes (or at least the window closes). This causes the Extension to close the tab with the pairing code. After restarting Enpass and unlocking, the pairing code entry window is still displayed (so i assume it did not really crash). However, if i had luck with memorizing the code during its short display time, it is not accepted by Enpass anymore. So currently i am unable to pair the extension to the main Enpass app. I also do not get a crash log, since apparently Enpass hasnt crashed completely, however, the window is disappearing, and there is no dock icon anymore. Any help is greatly appreciated.

@Abhishek Dewan it has been several weeks now...how hard can it be?

@Abhishek Dewan Do you already have some updates? This issue is quite annoying and keeps me from fully rolling out Authentik in my environment. Should i keep an eye on Enpass releases or on Extension releases?

I could not reproduce it reliably. It seems that this occurs when Enpass stays locked for longer periods of time. I have captured one occurence, but apparently the screenrecorder wasnt able to capture the extension overlay as well, so now i'm trying to get a new recording with OBS Studio.

Hey, the software versions are the same as here: Regarding URLs: This happens regardless of which URL i am visiting. This has more to do with how long Enpass has been locked. Since this happens total randomly and not on every login attempt, i have a hard time recording it. I will try to keep an eye on my screen recorder and let it run just in case whenever i execute a login action.

I have the following problem: 1. Enpass is locked. 2. I right-click on a password form in the browser to let it fill the password 3. It shows the vault password prompt which i enter 4. The extension unlocks and briefly shows the entry for the current page, but after half a second "loses focus" and show all entries in the vault 5. Workaround: Hide the extension, and do the procedure again, so that it is opening unlocked, and only showing the entry for the page i want to have my password entered in. What can i do to prevent the behavior in step 4?

Hi, that are good news. I will have an eye on new enpass versions and try it out subsequentially.

Sure. It is on Windows 10 Pro, Patchlevel 19044.2486. However, i think this also happens on a Mac with OS X Ventura. Does not happen on iOS. Enpass is version 6.8.4. Chrome is version 109.0.5414.120 - but this issue occurs on Firefox as well. Enpass Extension is 6.8.0.

I have a setup where i am securing some applications with an Authentik SSO server. It does not work very well with Enpass. This is my problem: 1. I open the URL to the application. It is forwarded to the SSO login form. The form has the callback URL to the application as HTTP GET parameters in the address bar, e.g. "https://authentik.simonszu.de/if/flow/default-authentication-flow/?next=%2Fapplication%2Fo%2Fauthorize%2F%3Fclient_id%3DSCEmh1dhqxFlmPM30asa7dPqxs3dMBskX87Kx8DE%26redirect_uri%3Dhttps%3A%2F%2Fcomics.simonszu.de%2Foutpost.goauthentik.io%2Fcallback%3FX-authentik-auth-callback%3Dtrue%26response_type%3Dcode%26scope%3Demail%2Bprofile%2Bak_proxy%2Bopenid%26state%3D1qTRKfZVO07F-Hh7I44_8vaurt9GzaNTETUy1igmH08" 2. I select the Authentik Login item in Enpass via the Chrome extension. The item has "https://authentik.simonszu.de" as the saved URL, since that is the most common denominator between all SSO-secured applications as well as the admin interface of the SSO server. 3. As a result, the Enpass extension causes Chrome to open a new tab, with the address bar containing only "https://authentik.simonszu.de/if/flow/default-authentication-flow/?next=%2F", so, no reference to the callback URL to the actual application any more. 4. If i try to do step 2 again in the new tab, Enpass does not fill the credentials, but rather opens a third tab, containing the same address in the address bar as in step 3. 5. I can repeat step 3 and for for infinite time, causing Enpass and Chrome to open more and more tabs, and not logging in properly. Is there a flag where i can tell Enpass to simply fill in the credentials, and not trying to open the URL it has defined in the login item in a new tab? That would be nice.

If only the big red "YOU HAVE BEEN BREACHED, ACT IMMEDIATELY" alert could be hidden somehow. Since when you click on it, you need to pay. But it cannot be hidden, even if i do not want to use the premium features. Shitty UX is shitty.

I disagree. Github is for distributing source code, and eventually releases made from this source code. Just uploading binary artifacts without the code is not what git and Github was made for. If you need a backup of the installation, download the standalone client, and store it somewhere safe for yourself.

Hi, one of the reasons why i preferred Enpass over other password managers like Lastpass and 1password was that the developers just distribute the binary, and everything else like sync and so on was completely in my own hands. No connections to other servers, nothing. This was great, since i believe a password manager should do as little communication as possible. Until now i was very happy with Enpass. But now i have some serious questions about the new favicon feature. The announcement says that Enpass downloads it from the developer's server, and you need to enable the feature on each client separately, so i assume each client downloads the favicons separately. So, in concern of data security and privacy, i'd like to know why this decision was made. Each website provides its icon as https://url.tld/favicon.ico. Why isn't Enpass able to download this file directly, but instead phoning home with all URLs which are stored in my vault? Why is it dependant on some kind of managed service now? Why aren't the icons stored in the vault in the same way as attachment files are stored? If you guys have a reasonable explanation for this design decision, i'd like to hear it, since a password manager is a tool of high trust. Since Enpass downloads the icons when the vault is unlocked, and sends all the URLs to the developers, what guarantees me that it doen't do the same with all password data? I do not want to audit it's connection attempts with tcpdump every time an update was made. At least the other cloud based password managers do the sync with their servers with the encrypted vault file.

OK, there is an undocumented option. Just start Enpass with the "-minimized" flag.

I have a very stripped-down desktop environment on Linux (i3wm). Therefore i have some issues with the autostart option. At first, the Autostart-checkbox didn't work for me. I have reached out to the twitter support, and they told me what technique they are using for this option: "A file named Enpass.desktop should be created there at /home/.config/autostart." - this helped me to re-create a custom autostart script like i had with Enpass 5. However, i am missing the startWithTray option. Since the Enpass UI lacks the "Start minimized" option on Linux, and i3wm has no support to start applications minimized on its own, i currently get a full Enpass window on every boot plus a systray icon. I have to manually close the main window to have Enpass properly running "in the background". I am disappointed that there is no more option to start Enpass minimized on the command line.

I am using Enpass with a tiling window manager on Linux. Due to the nature of tiling window managers, there is no such concept as "Minimize windows". So after starting Enpass automatically on login, it spawns the systray icon and the main window, and ignores the "Minimze to tray" setting. I have to manually kill the window to persist the systray icon and not having a momentarily useless window on my desktop. I know that my use case (Linux with tiling window manager) is somehow special, but this problem is well-known among the users of tiling WMs. So i am asking for maybe a command line flag which one can pass to the Enpass binary which results in Enpass not drawing its main window, but only the systray icon. If one needs the main window after that, he can still spawn it via a click on the systray icon. Thank you very much.

Hi, this is already a feature request:

Apparently yes. It is still very cheap if you compare it to other password managers (except KeePass)

I have used 1password for long time on iOS, macOS, Windows and Android. But currently i am switching to linux, since apple's new hardware disappoints me. 1password has no linux support, so i checked the alternatives. LastPass has monthly subscription model, RoboForm as well. I tried KeePass as well, it has a great ecosystem, but it was too tinker-y for my taste, e.g. Browser integration (you have to install a plugin for KeePass, KeepassHTTP, and a browser extension, and all...) Keep in mind, i am coming from apple ecosystem where it "just works" in around 65-70%. I selected Enpass because it has a 1password style approach (which KeePass hasn't), plus the switch was cheap (just a mobile app, desktop is free). I payed around 60€ in 2013 fir 1password, plus 8€ for mobile app. Enpass has no forced Cloud Sync option like LastPass, and like 1password is slowly forcing its users into. Enpass has official Linux Support and isn't very tinker-y. It works out of the box for me. So, my main reason for Enpass was: Linux Support, no forced cloud use, works out of the box. If you come from Keepass, i'd recommend Enpass over 1password. It has lower price, no monthly subscription model, and lets you keep the control over your data.

+1 This would make Enpass perfect for me. The added support for attachments already made it feature complete for me (i am switching from 1password), but also having nice optical features (and not slowly forcing its users into its own cloud sync) would add the cream on top of it all.

Yeah! I was very much looking forward to this feature. Now i can finally switch from 1password. Awesome work, guys, thank you very much. You'll get a payment of a mobile app from me very soon (or at least, Google will get it and forward it to you some time)

Any updates on this? The current absence of this feature is the only thing keeping me away from switching my password manager from 1password to enpass. I know about the feature in the beta version, but i'd like to use stable versions on mission critical applications like password managers.

Hi, i want to import a 1password database which is in OPvault format. So, i went to 1passwd, and selected "export all items". This happened on macOS Sierra. The result was a folder called "1Password 2016-11-24, 10_56 AM (842 items and 1 folders).1pif". This folder wasn't recognized as a bundle, like the Photo Booth Library or something, just as a folder. Inside of this folder are 3 elements: a folder called "attachments", a folder called "previews", and a file called data.1pif. I selected the import tool in enpass, selected 1password OPvault as the input format, and in the final file chooser dialogue, i selected the data.1pif file, because i couldn't select the containing folder. As a result, the import failed, because it said the file isn't a valid 1pif format. To be clear, this is exactly the file 1password outputted for me. So i struggled, and finally chose 1password agilekeychain as the input format. This time i could select the containing folder, and the import seems to succeed. But after watching the Import section in Enpass, i only see around 350 items. This does not match with the 842 items mentioned in the containing folder name. So, do i have to fear that during the migration process i lost just about 500 items? I do not want to manually check each database against each other, because it's a long and tedious process. So, please, can you tell me why a Opvault-Import of an opvault export file fails, but an agilekeychain import of an opvault export file seems to succeed but drops about 500 items from the database? In a related context, i'd like to have the ability to add small files to an Enpass item, since during this migration process, all of my license key files attached to software license items in 1password are lost (but they aren't up to 500 items, just around 20 or so).