TN_Dude

Given that it would be a simple toggle, the user could opt to never use it. Or, in my case, where I'm using it on my home PC, it wouldn't be a security concern. Plenty of security related software allows toggling the visibility to make sure you didn't fat finger your password. Regardless, thanks for forwarding this on.

Please add the option to view the password you entered on the login to Enpass screen. Often when logging in, I enter the incorrect password and can't see what I entered.

I just installed MalwareBytes Firewall Controller and am seeing an attempted outgoing connection to Akamai via a powershell script. Does Enpass use those two technologies?

I'm using Enpass on Windows 11 and it does not require a .enpasskey extension. The dropdown for selecting the key file gives the default option of .enpasskey or All files (*). I'm currently using a file with an extension that is not .enpasskey. I do wish the dropdown would eliminate the .enpasskey extension and just have the All Files (*) option.

I don't rely or even look at what Enpass or any other site tells me is "good enough". With computers getting faster and clusters of computers getting cheaper, those suggestions have a relatively short expiration date. Over time, what was once "good enough" no longer is. I'm using a long password and letting Enpass keep track of it (meaning I don't care that it might be longer than necessary). I'm going with passwords that should be good for the foreseeable future, if not my lifetime.

Do you have enough disk space to export to? I ran into that problem.

It sounds like you are seeking permission to use weak passwords. I grant you permission. The point of password managers is to use the most secure passwords possible. I, for example, make mine 40 characters with all character types included in its construction. I do that because I don't have to type them in. That is the password manager's job. For the few passwords I might have to type in (such as my Chromebook password), I use a passphrase with enough words for at least 30 characters, but that is easy to type and remember. It sounds like your use case would be better served by Bitwarden or Proton Pass where there is access to your vault via their web page. When on another person's computer, you'd simply have to log in (using the memorable passphrase I mentioned above), then you'd have access to your passwords that you could copy/paste. I was a LastPass user when their vault was stolen. That taught me a valuable lesson about secure passwords. As such, I appreciate that Enpass is entirely self hosted. I do use Proton Pass for non-financial passwords that can be shared and that wouldn't damage me if stolen/hacked (such as Facebook, forums, news sites, etc.).

I'd love to see a setting added that would allow capturing the URL where only the domain is saved. An example would be something where a URL's domain was followed by something like: /en/login/oauth?bla would only save the domain in the login's URL field. Likewise, when you are resetting a password and Enpass sees the password and URL changed (because the password change URL often has a bunch of rubbish following the domain), it'd save just the domain to the login's URL field. As an added request, if the URL of the page you are on doesn't match the URL in the URL field, it'd be nice if it asked if you wanted to add a second URL rather than overwriting the current URL. NOTE: I tried using actual URLs for examples but doing so gets my post rejected as spam.

I'd gladly purchase the premium version IF I saw any regular development happening with the project - the latest release announcement is dated 2019.

I just started using Enpass within the week and really like it. But having perused the forums it doesn't look like the product is being actively maintained. An example is a request for Yubikey support that 3 years ago was said to be under development, but never delivered. The announcements forum hasn't been updated since 2016 (IIRC). So, can we hope for Enpass to be released to the open source community for maintenance/updates? I'd hate to see the project die, because as previously stated, I really like what I see.

I can live with the 25 password limitation IF they are the passwords I most desire. IOW, I rarely/never use most of my passwords on my mobile device. Is it possible to create a second vault containing just the 25 passwords I want and have the mobile device only use that vault?

Thanks for the responses.

I'm a new user of Enpass (free version) and have a question regarding the smartphone app. I see there is a 25 login limit to how many logins can be stored on the smartphone. How is the 25 to be delivered to the phone determined? Can I select the 25 or does Enpass just pull the first 25 it sees (or something similar)?