Report How can I secure my password-database better? in Data Security Posted February 12, 2021 Hey@AdvancedFabian Thanks for writing in! Your worries about security of your passwords from key-loggers is absolutely justified. Autofilling your passwords—rather than typing—definitely adds another line of defense against them. Now getting to your queries. On 2/8/2021 at 4:04 PM, AdvancedFabian said: - Is adding 2FA a good idea? Feels like that is destroying the 2FA, because with one password you get access to the password and also 2FA.. Maybe I should leave that in the google-authenticator? You're right that saving one-time codes and passwords at same place is not a good idea as it defeats the purpose of having 2FA. If the master password of Enpass is compromised there is no actual second factor left. For the same reason we did’t add the TOTP support for logins in Enpass for a long time. But there were too many customer requests with references to competitor products showing desperation and a use case (convenience). On 2/8/2021 at 4:04 PM, AdvancedFabian said: - How can I protect my masterpassword any-better? Is there maybe also a possibility for a 2FA, protect it with another OTP or 2FA or Finger-print? I have no problem to buy a sensor for my computer. For better safeguarding of your Enpass data you can also add a Keyfile along with the master password which becomes an additional requirement along with your master password to unlock Enpass app. Adding 2FA for unlocking Enpass won't be a genuine solution because of its offline nature. Since the data is not saved on our servers, there is no requirement of the second factor for its release. Neither it can contribute any way into encryption/decryption of local Enpass vault. However, the users who store their data on their cloud accounts (iCloud, Google Drive, OneDrive, Dropbox, Box and WebDAV), usually enable 2FA on their cloud-accounts, protecting them from unauthorized downloading of Enpass data on other unauthorized devices. Let me know if you have any queries.