Jump to content
Enpass Discussion Forum

paulsiu

Members
  • Posts

    51
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by paulsiu

  1. Note that I am having the same issue on Linux PopOS 22.04. Initially I thought I had to reinstall the enpass and extension, but I have done that 3x already and the issue did not go away. One workaround so far is to make sure tha the enpass desktop is unlock and then disable the extension in firefox and then re-enable it. This seems to fix the issue temporary.

  2. I am having some difficulty with using Enpass with ChromeOS. I have the android app Enpass install and the Enpass extension installed in Chrome.  In the android app, I attempted to do the following:

    1. In the android app's settings -> Autofill -> Android Autofill Service. I toggle it and it and tries to set enpass as the android app. When I tried this, it display a dialogbox saying "Make sure you trust this app". When I press OK, the checkbox is not checked. It only gets check if I set the autofill service to none.

    2. Toggle "autofill in chrome browser". This connects to the chrome extension.

     

    The problem is that connection keeps being loss. what am I doing wrong and why doesn't step #1 work?

     

     

  3. On 11/3/2023 at 5:51 AM, Abhishek Dewan said:

    Hi @paulsiu

    Creating backups and restoring your data will retain all the saved passkeys. However, when exporting your vault to CSV or JSON formats, please note that passkeys will not be included in the export/import process.

    Thanks, have Enpass thought about if they will do this in the future or if you will have ways to import passkeys from other vendors. I imagine that there is no published standard of how to represent passkey in JSON or csv.

  4. I would like to add a warning about windows hello setup. The link you proviced mentioned that Window Hello uses TPM to securely store key values. On older devices without tpm, that is not the case. When you enable windows hello, you are required to create a pin. If you have a Windows computer without TPM, the PIN value are stored in a secure location. The problem is that many of these machine probably also do not have disk encryption. You can buy an utility to bruteforce your pin.

    https://blog.elcomsoft.com/2022/08/windows-hello-no-tpm-no-security/

    I believe Enpass smartly forces you to enter the master password on startup if you don't have a TPM, so fortunately hacking the PIN will not allow them into the vault, but it would allow them to acquire the PIN to login.

    There are two things you can do to mitigate.

    1. Encrypt your drive, which should prevent access to the secure element.

    2. Make a really long pin simialar to a good password using letter, numbers, and special characters. Most people don't know that you can use keys other than numbers. If you are using fingerprint, you would not need to enter the pin often.

  5. Thank you for the clarification.

    I would like to add that despite its lack of use caes for portable usage. It's extremely useful as a backup verification. I like to make backup of the vault, but I also like to test that the backup works. One easy way to do this is to setup Enpass Portable and restore the vault and check if all of the entires are in place.

  6. I was wondering if you have any guideline to use enpass portable. If I setup enpass portable on a USB drive, what can I do to best secure it. I have two concerns.

    1. There is a copy of the vault on the drive. The vault is encrypted, so I supposed even if they get the vault they can't easily decrypt the file.
    2. What are the likelyhood that the copmputer I use it on contains a keylogger and logs my master password?

    I am wondering about the use caes of the portable enpass. Is it supposed to be used on public computers?

  7. Thanks, I was wondering if I would be able to just create a portable version that has the 3 executable on the same drive assuming I used a format compatible with all 3 like fat32.

    As for Chromebook, the idea is to avoid installing anything. I supposed I can employ using the linux layer or use the android app.

     

  8. I am traveling to some relative and would like to setup Enpass portable for travel. I am a bit confused over the product so I hope someone can answer my questions.

    1. I notice that there are multiple version of the enpass portable: Mac, Windows, and Lnux. Is the way to do all 3 be creating a fat32 usb drive and then install all 3 version on the USB?
    2. What is the recommendation for the data files, should I sync with the cloud version or should I just export to a separate vault? One reason for the export, I have notice that the version on the portable is older. I am using enpas 6.8, the version portable is 6.6. I am worry about corruption while syncing.
    3. How would the product work on a Chromebook. Do I need to enable Linux and run the Linux version?
  9. Thanks for your response, but no drop down appear on the field. The website in question is at:

    https://ownyourfuture.vanguard.com/home/login

    This is what I get when I use firefox inspector on the password field.

    <input _ngcontent-qtc-c95="" autocomplete="false" onfocus="this.removeAttribute('readonly');" autocapitalize="none" id="pword" type="text" required="" vuiinput="" maxlength="20" formcontrolname="pword" class="vui-form-control vui-input-stable ng-pristine ng-invalid ng-touched" aria-describedby="alert-2" aria-invalid="true">

    I think the problem is that the field doesn't have a type="password". Is there a way to add some sort of hint to the password entry in enpass to indicate which field is the password?

  10. Hi,

    Thank you. I was able to find another computer, disconnect the sync, restore it, and copy out the notes and then resync.

    While the issue is fixed, I am alarmed that the issue occurred in the first place. What can I do to prevent syncing issues. The problem is that if someone goes wrong, I won't know until much later.

×
×
  • Create New...