Vinod Kumar

Hi @Djf2884,

Yes, you can sync Enpass data with synology box, but you have to enable webdav support in it. This tutorial might help you to setup webdav on Synology NAS.

Hi @niayh,

Thanks a lot for choosing Enpass as your favorite password manager. I really appreciate that you spent your valuable time in reporting the problem in such a detailed manner. 

Actually we have already implemented the solution suggested in links provided by you but doesn't solve the issue. Thanks for bringing this into our notice. While testing we found that it happens in Chrome on surfing through lengthy pages (like one you mentioned) but doesn’t appears while you scroll through Twitter. Similar behavior was found in Lastpass when you enable the option ”Search for password fields in other apps". However, we are constantly trying to improve it and further suggestions are welcome.

Hi @opm_baer

Oh sorry, Keepass importer does flatten the folder hierarchy. An improvement ticket has been opened. 

For the time being, I am afraid you  have to do some manual work to keep your data organized in original structure. You can create folder hierarchy manually (all folders and subfolders). Than select & drag all selected items from imported subfolder and drop into desired subfolder. 

Noted and added to roadmap.

Hi all,

Thanks for your inputs. By design, Title and Note are not fields, they are like attributes of the item. So, normal field edit operations like sensitive, remove, rename can't be done on Note. 

Hi @Ryan,

Thanks for sharing your thoughts. Our current password strength meter was designed primarily for our password generator only. It is entirely based on entropy calculation. Unfortunately it doesn't check for dictionary words because it is very highly unlikely that our  password generator will generate a dictionary based password. However, we do check for 10000 most commonly used passwords and mark them very weak. 

The good news is that a better password strength meter inspired from dropbox-zxcvbn is currently in primary stage of development. I would also like to share that a new password generator (with Diceware for pronounceable passwords) is ready to be rolled out for all supported platforms soon.
 

Hi all,

Interesting discussion. Just to spice up the matter I would like to add few points 

We do not use delta/diff uploads. If a newer file is detected, sync-engine downloads the whole file from the cloud. After syncing the whole file is uploaded to cloud. Reason being, no cloud other than Dropbox supports delta uploads/downloads.

So, a single (all-in-one) monolith database will impact sync performance and data cost. However, one file per attachment will also hamper sync performance/reliability when no. of attachments grow.

In my personal opinion, Bigger attachments (images/pdfs) are big no-no for inclusion in main database and must go in separate database. However, there must be an option to allow inclusion of small attachments(<5KB) in main database.

BTW, we will start the development for attachments support very soon in the best possible manner. Your suggestions are always welcome.

Indeed Enpass is an offline password manager and saves your data locally in your device and in any case we do not take any of your personal data. But yes, Enpass does connect to internet with the sole purpose to give best user experience. If you have seen a network activity for Enpass, it could be due to any of following reasons:

Cloud Syncing: If you have enabled sync with any of your own cloud accounts, Enpass connects to selected cloud account to check and perform sync operation.

Checking for update: Enpass connects to one of our domain (http://rest.sinew.in) having the information of latest releases with version numbers for all platforms or share any critical security news. It doesn't upload any information there except your version number and that too only to perform version comparison. In Windows PC version Win-sparkle ( the library used to download the update) also connects to dl.sinew.in to check update.

Google and Flurry Analytic: We use Google and Flurry Analytics SDK to constantly improve the App by checking the number of active users per platform. We do not log your master password, key or any of your Enpass data and this practice of using analytics is very safe and you don't need to worry about.

Why we do so? As Enpass is an offline password manager and this link is the only medium where we can share any essential information to the user. And most importantly, we respect your privacy to the most and in any case we don't keep any of your personal information on our servers. So you don't need to worry at all.

NOTE: Sinew Software Systems is the parent company which develops Enpass and owns sinew.io, sinew.in, enpass.io domains.

Hi @treege

All you said is true that keeping the TOTP at the same place with passwords garbles the purpose of second factor authentication. If the master password of Enpass is compromised there is no actual second factor left. For the same reason we did’t add the TOTP support for logins in Enpass for a long time. But there were too many customer requests with references to competitor products showing desperation and a use case.

Hi all, 

It is confirmed that after any of recent update, ESET is causing the issue by blocking connections to localhost (Enpass browser extension connects to Enpass on loopback address 127.0.0.1 via WebSocket). Thanks @indikator for finding the workaround by adding an exclusion for localhost

ESET Advanced Settings -> Web and e-Mail -> Protocol filtering -> "excluded IP-addresses" -> add 127.0.0.1

Cheers!

Hi @Alatriste,

Debian based systems (like Mint) never had this problem, it was a Arch specific problem. However, by analyzing the lsof output, it seems root cause is same i.e. EnpassHelper is not running. Please try reinstalling Enpass from repo. Also please post output of following command

ls -al /opt/Enpass/bin

Hi Guys,

I am sorry for the trouble you guys are facing. Since last Friday, some of the users have reported the issue. It seems there had been some update of OS or any software in your PC, which is blocking connection of browser extension to Enpass. Please help us in dignosing the issue by letting us know

1. If you have installed or updated and Browser extensions recently?

2. Which Antivirus or firewall are you using?

3. Have you installed any additional security software like Trusteer's Rapport etc, and is it get updated recently.

Don't worry guys, we're working on it and will fix it soon.

Hi @sergsk,

There is no installer version for 32 bit systems. However if you are using debian based system you can install a 32-bit version from our repository.

https://www.enpass.io/kb/how-to-install-on-linux/

Hi @Craig,

Currently, Enpass autolock behaviour is overrided (always ask master password) when your machine goes idle or sleep. However, a proper setting to enable/disable this behaviour is in development.

Hello @Pedro,

Thanks! Added to roadmap 

@Matteo Qt has allowed non integer scaling in latest version but it still has too many problems. We are actively tracking upstream developments on regarding hidpi issues https://bugreports.qt.io/browse/QTBUG-50991 and will provide necessary updates. 

@Matteo Please try adding following environment variables  to force for 150% scale on your primary display.

QT_AUTO_SCREEN_SCALE_FACTOR=1
QT_SCREEN_SCALE_FACTORS=1.5   

Hi all,

We countered the reported issue in Enpass downloaded from AUR repository. The package in AUR repository trims one of the executable named EnpassHelper (Responsible for Pop-up window of extension) which results in change the SHA256 checksum and main Enpass App fails to execute it. This checksum verification for validation against tempered executable on Linux was introduced in version 5.2 (while on other platforms code signature verification was there) and thats why older versions are running smoothly. 

It seems that AUR installer is removing debug symbols from EnpassHelper, reducing its size from 2.6 MB to 2.4 MB, hence checksum mismatch. The possible fix is:

1. Install Enpass using installer download from here https://www.enpass.io/download-enpass-linux/

2. Modify AUR build script so that it doesn't modify EnpassHelper binary in any way.

@Plonqor OpenSSL on these systems is not compiled with necessary flag to include ciphers required by SQLCipher/Enpass, hence this error. Anyway we are releasing an update that will use bundled version of OpenSSL instead of system one.

@Tamaskan Qt Hidpi support for Windows and X11 need to be enabled explicitly by app as per qt docs: http://blog.qt.io/blog/2016/01/26/high-dpi-support-in-qt-5-6/

Quote

Case II: Qt supports the scaling and computes a scale factor.

Supported platforms: X11, Windows, Android, Eglfs

Qt can enable devicePixelRatio scaling on platforms that do not support it natively. This can be done via an environment variable or an application attribute in the application source code:

QT_AUTO_SCREEN_SCALE_FACTOR=1 ./myApp
QGuiApplication::setAttribute(Qt::AA_EnableHighDpiScaling);

Qt will then query the the operating system for display metrics using native API, or in the eglfs case fall back on QT_QPA_EGLFS_PHYSICAL_WIDTH, QT_QPA_EGLFS_PHYSICAL_HEIGHT and the display pixel size.

So, It is enabled in Enpass explicitly. Qt doc also says it might not behave well for some users, so provides an environment variable override:

Quote

Enabling can also be vetoed, either by environment variable or by the application:

QT_AUTO_SCREEN_SCALE_FACTOR=0 ./myApp
QGuiApplication::setAttribute(Qt::AA_DisableHighDpiScaling)

The use-cases for vetoing are “I’m not getting correct DPI values from my displays” and “my application really needs to work in display pixels”. Note that this vetoing only disables “Case II” scaling: Qt can of course not change how the OS works, and manual set scale factors (below) are also kept as as a separate case.

Hidpi support is still far from perfect in Qt and still a work in progress (specially for non integer scale factors ie. 1.5[150%] ,1.75[175%] etc) : https://bugreports.qt.io/browse/QTBUG-50991

We are still gathering inputs from our customers whether to enable Hidpi support explicitly or not.

Hi all,

Enpass now uses latest version of Qt (5.6) for drawing its user interface. It is supposed to handle scaling on hidpi or scaled desktops by default. If you are facing problems on your pc, you need to override default auto scaling behaviour of Qt using the method suggested by @Tamaskan.

Linux ->Add following line to runenpass.sh or set this environment variable

export QT_AUTO_SCREEN_SCALE_FACTOR=0

Windows -> Add the follow environment variable in Computer -> Properties -> Advance System Settings -> Environment variables->System variables->New.. with variable name  QT_AUTO_SCREEN_SCALE_FACTOR with value 0.

Also please share

1. Display resolution 

2. Percentage scaling OS is using for that display

As reported by our users Enpass 5.2 on Arch Linux is crashing on start. This is due to change in which we prefer to use system bundled version of OpenSSL instead of our own. But OpenSSL installation in archlinux is missing a required function. Please execute following command use bundled version of OpenSSL instead.

$ ln  <your-enpass-install-dir>/libs/libssl.so.1.0.0 <your-enpass-install-dir>/libs/libssl.so

Hi tuhlmann,

Are you trying to run Enpass from Terminal? If yes, correct command to run Enpass from terminal is:

/opt/Enpass/bin/runenpass.sh

Cheers

Hi all,

Please try to run Enpass from Terminal with following command:

/opt/Enpass/bin/runenpass.sh

Let us know what does logs on terminal says when Enpass tries to launch a browser .

Hmm... thats really weird.  The issue is certainly related to the default url launching program configuration otherwise it won't work in Gnome as well.  An update (with newer version of Qt framework) is just around the corner. I hope it will play well your KDE installation.