Jump to content
Enpass Discussion Forum

Jo Ried

Members
  • Posts

    4
  • Joined

  • Last visited

Jo Ried's Achievements

Newbie

Newbie (1/14)

  • First Post
  • Week One Done
  • One Month Later
  • Reacting Well Rare
  • Conversation Starter

Recent Badges

0

Reputation

  1. Hi @Abhishek Dewan Hi @Noah Williams I am glad to hear that Enpass is planning to support FIDO Passkey soon, as was reported here in the forum. Is there already a plan when the Enpass version with Passkey will be available? iOS 16, Android 9, Windows Helo already support Passkeys in my opinion. Enpass, i.e. a comprehensive solution, can absolutely score points here for all those who, like me, are on the way with several operating systems (Linux, Win, macos, iOS, android in my case). But the availability of the Enpass version with keypass support will be very crucial.
  2. Thanks for moving the question to ssh request, but there is still the open question regarding WebDAV will Enpass copy the file to a insecure location?
  3. I use a WebDAV connection with a self-signed certificate for local synchronization. The DNS name that is automatically assigned by my router is very popular in Europe/Germany, nas.fritz.box. Enpass works perfectly with this setup because I can explicitly tell it not to verify the certificate because it's self-signed. But am I creating a security vulnerability by doing this? Enpass automatically syncs the vaults when I open it. If someone wants to steal my vault, they will see that there is a DNS request for dns.fritz.box and create the DNS themselves. On the second attempt, when Enpass tries to sync, the hacker will accept every user and password and will now know the WebDAV DNS name, user, and password. What happens when Enpass tries to sync and sees that there is no file? Will the file be created and copied, or will there be an alert? If it is simply copied, my password file could be stolen when using hotel Wi-Fi. If there is an alert, I will know that someone is trying to steal my vault file. I know that self-signed certificates are not a good idea. It would be great if Enpass could use ssh(fs) for file syncing.
  4. I tried to figure out what does this function is for? I'm currently switch from Lastpass to Enpass and I'm looking for a function which covers, stores and show the password history! cheers
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Privacy Policy