Jump to content
Enpass Discussion Forum

My1

Members
  • Posts

    107
  • Joined

  • Last visited

  • Days Won

    4

Everything posted by My1

  1. maybe they are adjusting a little for the apple tax?
  2. I am german myself but that's interesting
  3. I am german myself but that's interesting
  4. you have a screenshot for that?
  5. well I have tried to get them to state something that they cant resily run away here:
  6. can you (or someone else from the team) write that last sentence again but replace the last instance of the word "premium" with "all"? so it says that they get all features without additional cost so we have an actual promise you cannot ride back on it.
  7. an ironic spin on the idea that there are now two tiers of paid users and nobody knows whether or not this will happen again
  8. wait there's a reduced rate for the first year in Korea? okay... because at least when I look at the pricing page it's 21,49€ per year, and yes that's over twice of what pro originally cost
  9. sure but what makes sure that newer features down the line might exclude Lifetime premium users? I mean recurring costs is an argument against anything lifetime.
  10. kinda yeah at least they stated that the new Lifetime plan will include the new stuff, but if you dont need those you dont need to rush
  11. well there is a one-time option. the like 70€ lifetime option
  12. well that would leave a REALLY bad taste, I mean the idea that things like 2fa recognition which requires cataloguing sites and checking for password leaks also is dependent on online services and therefore create cost (assuming they arent just directly using the pwned passwords API, someone should maybe look into that) needing recurrent costs is kinda legit tbh
  13. Okay, at least something, although before the subscription came at least @shiQzaL said that it was promised that a subscription wont come (sadly I have no source on that), then it came totally axing that idea, but with the promise that pro users wont have to pay again (which we have linked above), which was at the very least sidestepped by the new premium moniker, which as said is not helpful for trust, but for the specific feature set understandable. regarding the reveal of the new features with all its implications a bit before the beta as an announcement of the current plans and that it's tested in beta soon, or whatever would have helped at least not make it completely ridiculous
  14. @KMSWZ playing devil's advocate, I would say that the premium features might not technically be part of the app itself. but yeah it obviously was not a overly nice decision, also some chop logic: The new feature's arent PRO features, but PREMIUM Features. (I am fully aware of how stupid this sounds) @Vikram Dabas 2 Questions that are unanswered: 1) on what basis resides the claim that premium one-timers are not having to pay for stuff again and how are users supposed to trust that, as technically speaking, you could throw in a "deluxe" feature set next year and expect payment for these again. 2) why the stealth? As said I havent found an announcement or anything really, there was just the update and then the news reporting on some german tech news site.
  15. well it better be, that's what was promised after all. while I can understand that, the first reveal should NOT have come from a semi-random german tech blog, but rather be announced in advance, while the entirety of this should have been explained in detail instead of just stealthing this in, it's not just the facts themselves that make you look bad, but in my opinion at least the way the facts were presented as well, there was no indication on the forum, no blogpost, no official sources at all, only screenshots from the app. okay that's nice to know although obviously you know how this sounds considering the previous statements regarding pro, also at least on the forum there's one commenter who stated that he has the new one and still got asked. also considering that recurring costs are the reasoning for the new paywall for old users, who says this wont change next year, especially since it's just a bit over a year since the subscription happened and the promises were made. --- while I can understand the move from a financial perspective, the only thing enpass has to get and keep users is reputation and trust built on that, as the thing is not only paid but also not open source which obviously means that people cannot be certain of ANYTHING really on enpass and going around past promises in a semi-stealth manner is definitely not helping with that.
  16. oh that sounds hilarious, you have a place to quote that? This would be a fun blog post
  17. what was the first broken promise, considering you say again. although not saying I couldnt have predicted this.
  18. as well as how the users of the new Lifetime License will be handled. because if your promises age like milk that is not overly awesome and since all you have is trust and a reputation (as there is no source or anything, destroying that trust is totally not helping
  19. well that just aged like milk. https://stadt-bremerhaven.de/enpass-passwort-manager-moechte-pro-nutzer-zur-kasse-bitten/ (german but TLDR, they want money for some new features)
  20. My1

    Security audit

    you need to read my message entirely, and in the context of enpass being an offline-first password manager. for access to data online 2FA is totally useful and awesome, but if you have the data already like your enpass vault on your computer, TOTP and the likes cannot add to the encryption due to the dynamic nature of the codes. you would need something like a smartcard with encryption keys for proper 2FA on offline data. a code that is dependent on the time like on TOTP, or dependent on several factors on U2F cannot be used to add encryption since you cant get that same code/data later on to add that to decryption. sorry for posting a link to my blog but I explained this in depth over there: https://blog.my1.dev/steganos-privacy-suite-19-is-a-joke TOTP and many other dynamic code formats can literally only be used to allow or deny access to something, however when the data is already sitting there, just encrypted, there's nothing you can allow or deny, as you could just either hotwire the checks in RAM to skip that part or decrypt the wallet yourself outside the password manager
  21. My1

    Security audit

    I wouldnt even say no requirement but most common 2FA used in the web (TOTP, SMS, U2F) would be pure snakeoil as they couldnt contribute to the encryption in any way
  22. you have to say you already have got it and confirm your email address to access the pro ver
  23. couldnt you just use "sign in with apple" and the rest would happen automatically? same as what is possible with google?
  24. they dont ask you to pay again, in fact even people like me who could get the android version for free get full access now on all platforms: basically you just say already registered, sign in, click sign in with google and boom.
×
×
  • Create New...