Jump to content

sxc4567

Members
  • Content Count

    6
  • Joined

  • Last visited

  • Days Won

    1

sxc4567 last won the day on June 27 2016

sxc4567 had the most liked content!

Community Reputation

3 Neutral

About sxc4567

  • Rank
    Newbie
  1. FWIW, the "pre-release" add-on (reported as v 5.5.0.1 even though the downloaded filename says 5.5.0.2.xpi) works perfectly on FF 57.0 (just GA-released) running on Ubuntu 17.04 with Enpass 5.6.0. Thank you for the great work, Enpass team! Now, I agree with commenters elsewhere who suggested this add-on ought to be made available as an official FF extension for all the obvious reasons.
  2. A key reasons I use Enpass over competing solutions is that I'm keen to keep my vaults local. I know it's all encrypted but prefer to shield myself from future encryption vulnerabilities and brute force attacks... So, in order to sync between my Ubuntu laptop and iPhone, I setup a WebDav server on the office WiFi, which seems to work well. However there's an issue with the iOS app: whenever the WebDav server isn't available, it keeps pestering with red "Error syncing data" banners. These come back a few seconds after being dismissed (the Linux client's UI is better behaved, simply colouring the sync icon red). Thankfully these banners aren't too intrusive but I'm wondering what they imply; presumably every re-appearance means the app has again been looking for the server. An attacker could observe this behaviour and try to exploit it. May I suggest some ways to improve this? Provide a "manual" (vs. the current "automatic") syncing option and a button allowing the user to explicitly request a sync from the client (the Linux client sort of has this: a "sync now" button under "Status: couldn't connect to server"). If the client/app is in "manual" mode, then sync only occurs when explicitly requested. Automatically switch to "manual"/"offline" after a number of repeated automatic sync failures rather than keep trying. (smart feature): offline/online behaviour could be tied to a WiFi network (ie: sync is auto-enabled when on a known network). These three features are incremental improvements; ie: one could start with feature 1. for the bare minimum which would address the current shortcoming. PS: Clicking "Disconnect" in the Sync settings pane is definitely not a solution as it clobbers the complete sync settings. Many thanks! Chris
  3. How do you sync your mobile device(s) with your desktop/laptop without relying on a public cloud service? You could run an OwnCloud or WebDav server privately but it's rather heavy to set up. I have used eWallet for many years and it has a rather elegant solution to this problem: the desktop client can act as a sync server on the LAN. A trust relationship must first be established with the mobile device(s) and presto you have fully private syncing without the need to install any additional software. It sort of works the opposite way of the "local WiFi" option that's offered when you first install Enpass on an iOS device and offers true syncing as opposed to just backup/restore. One of Enpass' key USP is the fact that it doesn't compel its users to store their precious data on random cloud servers. Despite being encrypted, the vaults could be retrieved then subjected to brute force attacks offline. Future exploits against encryption algos and Moore's law make this an unattractive prospect to many a user. Offering this feature would certainly strengthen that Enpass' USP IMHO. This feature could also enable syncing with any future "dropbox"-style public cloud service (ie: any cloud that's transparently accessible via the desktop's filesystem) without incurring any additional dev work. Please let me know if this is unclear and/or it would be useful to post a video of how this works on competing solutions)
  4. Hi @Hemant Kumar, This sounds great! If multiple databases are supported, it would finally be time for me to migrate to Enpass! Couple of quick q's: What's the "Portable" version of Enpass? Will multiple DB support extend across platforms, to include synchronisation eg: Linux & iOS? Many thanks! Chris
  5. As stated elsewhere I'm evaluating enpass as a replacement for a solution I've used to 10+ years - which doesn't even have a Safari integration feature so enpass wins anyway... So pretty much the first thing I tried is to sign-up for this forum on my iPad ;-) Naturally I brought up the iOS extension and went to 'create new sign-in', expecting to find the password generator there...?
  6. Lack of multiple vaults support would be the one thing to hold me back from adopting enpass. I have used eWallet for 10+ years and am considering enpass primarily because of Linux support and because eW doesn't seem to see much innovation in recent years (eg: their iOS integration is still subpar). I tried 1password but it failed at Linux support and also proper multi-vault support. I'd suggest keeping it simple; separate vaults which can (easily - 1-click) be selected at startup, stored in separate files/databases. For users who don't care about multiple vaults, this shouldn't intrude their workflow. I think eWallet's implementation of that feature is "just right"...
×
×
  • Create New...