OLLI_S

Hello, I entered my login data for Windows News website and Enpass stored the data correctly. At the website the login is done by my username (not by email address). Today I downloaded the app of the Windows News website. Here the login works with the email address (not with the username). So I went back to the website entered my email address and copied the password from Enpass to the password field. Here Enpass showed the "Add new Entry" dialog. Suggestion If there is an existing entry in Enpass and the user logs in with a different username but with the same password, ask if the existing entry should be updated or if a new entry should be created. The same dialog that you show already when I enter a different password. Best regards OLLI

Please implement a feature in the Windows 10 Store version that the vault can be stored on a user-defined folder or that the file can be synced to OneDrive and also to a user-defined folder. So I can use the Windows 10 Store version, the vault is saved on C: (in the app folder) but synced to OneDrive and also to D:\

Although I use Windows 10 Pro I can not use the Store version because I want to store the Vault on my D:\ drive (make a weekly backup of my data). Or is there a way to store the vault on D:\ in the Windows 10 version. Maybe via a workaround? Regarding the price: So when I buy Enpass Classic (Win 7) then I have to pay for the Windows 10 Store version separate?

I don't understand why there is no official answer from the Enpass Team

Hello, some of my entries in Enpass have attachments. Enpass on Android can not open PDF files internally, so please add an internal viewer for PDF documents. Many attachments are in PDF format. Best regards OLLI

I have a Samsung Smartwatch (Gear S3 Frontier) and two colleagues have the same smartwatch. It would be fantastic if you also support these devices. I think they don't run on Android Wear but I am not sure.

Thank you! I wanted to see the changes in 6.0.2 (changes in 6.0.2 in comparison to 6.0.0)

I talked with a colleague about password managers and he suggested 1Password. On the website of 1Password I saw on the "Tour" site (https://1password.com/tour/) some features of 1Password. One feature is very interesting and increasing the security: They show which sites in your vault support TOTP but the user has not set up TOTP. Here is a screenshot from the 1Password site: Suggestion In Enpass add the entry "Missing TOTP" in the section "Password Audit". Here you should show all password entries, where TOTP is possible but not set up by the user. Here is a list of services that support TOTP: https://twofactorauth.org/ We had a Doxxing scandal in Germany where a young guy published many private information stolen from accounts of German politicians and German celebrities. This guy was able to steal the data because the accounts used very weak passwords (like 123456) and were not secured with TOTP. So this feature increases the security a lot!

Thank you @Roger Last question: is there somewhere an official Change-Log, so I see what was implemented in the recent update?

Hello @Roger I know this feature already but I want to download the favicon of the website. Websites like https://vulndetect.org/ have a specific Icon that I want to have. I work as usability engineer (software-ergonomics, usability, UX and accessibility). For users it is easy to identify an entry with the proper icon so downloading of the favicons should be offered. KeePass offers a plugin that performs that. Best regards OLLI

Hello, I have a suggestion for Enpass that increases the security of passwords and alerts the user when a website was hacked and a password change is recommended. The password manager 1Password has a feature called watchtower. They have an internal database of security breaches (database with information about hacked websites where user-data was stolen). In this database they store the website and also the date of the breach. 1Password stores for password entries two modification dates: modification date of the password modification date of the entry 1Password checks the password entries against this database. When a website was hacked after the password was changed in 1Password, then 1Password recommends to change the password. When the password was changed after the hack of the website, then users get no notification. So when the entry for a page was last changed today (like added some notes), but the password itself was changed 2 years ago, then users get a warning when the website was hacked 2 weeks ago. For the password manager KeePass there is a plugin available called HaveIBeenPwned. The plugin and the source code are available here: https://github.com/andrew-schofield/keepass2-haveibeenpwned This plugin downloads the public breach lists form "'have i been pwned?" and from "Cloudbleed Checker". The plugin checks (on demand) your passwords against these lists. In KeePass there is no modification date of the password. To get the modification date of the password the plugin checks the history of each entry and compares the passwords (to find out the modification date of the password). Suggestion: Please add also such a feature in Enpass in the Password Audits. In my opinion it is OK if you use the public available lists from "'have i been pwned?" and from "Cloudbleed Checker" (like the KeePass Plugin). This requires that you also store the "password modification date". When you import entries from KeePass then you should also determine the password modification date of the entry. In the KeePass XML the complete history is also exported. Regards OLLI

Hello, I love the identities and that Enpass fills web-forms with the provided data. But here I suggest some improvements. Split up date of birth You should spit up the date of birth into 3 fields day month (should be a list with the month-names) year At many web-forms you also have 3 fields and this way Enpass can fill them. Gender This should be a combo-box where I select from existing values. Correct values are needed to be filled into form fields correctly. Country Should also be a list where users select the value from. Also needed to fill forms correctly. Best regards OLLI

Can anybody please explain me how TOTP (2FA) works in Enpass (the desktop app)? How do I add 2FA codes?

Hello, sorry when I post again but I really need to understand the consts before I decide to switch from KeePass to Enpass. Best regards OLLI

Is this feature planned?

Sorry when I ask again but I really need a way to get rid of those globe icons...

I also would love to use Enpass to log into Steam and get rid of the Steam App (that I only use to generate the 2FA codes). This feature would be a good argument for me to switch to Enpass. And many of my friends are games that also would love to have such a feature.

Hello, in Enpass 6 most logins have a boring Globe icon. Just the icon of the Enpass-Forums looks correct. Is there a way to download the Icon of the website? Are you interested in the URLs where the Icons are not loaded? Best regards OLLI

Hello, it would be useful when you display the different characters in the password colored, so normal text characters (a to z) have a different color then numbers. Special characters should have a 3rd color. This way I can easily see if a character is a number or a character. Best regards OLLI

Hello, I habe a PC with Windows 10 Pro where I installed the Traditional Win32 version. Reason: I want my password vault to be stored on my data partition (I create a backup once per week) and only in the Traditional Win32 I can set a custom folder for the Data Location. Here I can not use Windows Hello, but I want the Dark Theme. I also have a Microsoft Surface Go, here I would love to use the Windows Hello Feature and the Dark Theme. So here I have installed Enpass from the Microsoft Store. When I buy Enpass on my PC, is this purchase valid for the Traditional Win32 version and lso the Microsoft Store version (using the same user account)? Best regards OLLI

Hello, Unfortunately here in the forums there is no category "Forums" so I posted this here in "Feature requests". I posted 1,5 years ago a feature request and the topic is now closed (I can not add a reply): https://discussion.enpass.io/index.php?/topic/1317-check-entries-agains-known-breaches/ Can you please re-open this older posting? So I can add a reply to this older posting. Thank you! OLLI

Hello, How can I use TOTP (2FA) within Enpass? Is there somewhere a tutorial available? Thank you! Best regards OLLI

Hello, I have a suggestion for Enpass that increases the security of passwords and alerts the user when a website was hacked and a password change is recommended. The password manager 1Password has a feature called watchtower. They have a internal database of security breaches (the site was hacked and user data was stolen) and check if the password of the specified website was changed after the breach. So they have two modification dates: one modification date of the password itself and one for the total entry. Example: The password entry for a page was last changed today, but the password itself was changed 2 years ago. When there was a breach for this website 6 months ago, then 1Password would alert the user and recommend a password change. For the password manager KeePass there was a new plugin released today, called HaveIBeenPwned. This plugin downloads the public breach lists form "'have i been pwned?" and from "Cloudbleed Checker" The website of the plugin is https://github.com/andrew-schofield/keepass2-haveibeenpwned Suggestion: I suggest that you add also such a feature in Enpass. In my opinion it is OK if you use the public lists (like the KeePass Plugin). So Add in the "Password Audit" two new entries for these services and check all password entries. It is up to you if you implement a separate modification date of the password. Regards OLLI

Right you are....

Hello, I am using KeePass and I think about switching to Enpass. But I also tested 1Password. What arguments do you have for Enpass? Why is Enpass better than the others? I am using a Windows 10 Pro Desktop and also a Windows 10 Mobile phone (Lumia 950 XL). I also have an older Android phone (Samsung Galaxy Note 4, this is the model that won't explode if you turn it on). Give me reasons to switch! Regards OLLI