Hi,
thanks for looking into this.
To produce the bug I select any message in the Fastmail web interface, click 'move to', and select some folder from the dropdown menu. After I hit 'enter', an Enpass popup appears asking me whether I would like to update my login credentials to the bogus password 'PIN'.
This is with Enpass 5.4.1, Ubuntu 14.04, and Chrome 56.0.2924.87 .