Jump to content
Enpass Discussion Forum

Damasta

Members
  • Posts

    63
  • Joined

  • Last visited

  • Days Won

    2

Damasta last won the day on March 18 2019

Damasta had the most liked content!

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Damasta's Achievements

Rookie

Rookie (2/14)

  • First Post
  • Collaborator Rare
  • Conversation Starter
  • Week One Done
  • One Month Later

Recent Badges

21

Reputation

  1. Since Enpass doesn't seem to support Biometrics to sign-in when it's installed in an Android Work Profile, we tried using a PIN instead. Despite that, Enpass still requires the masterpassword each time we try to sign in to Enpass in Android work profile. How can we allow convenient and yet secure sign-in to Enpass in Android Work Profiles?
  2. Hi Team, for security reasons, we enforce access to our M365 SharePoint only from compliant devices. On Android, that means the app accessing SharePoint needs to be within the Android Enterprise Work Profile. However, when Enpass is installed within in the work profile, it doesn't recognize that Biometric sign-in is configured for the device and refuses to enable it. PIN is the only way to enable convenient sign-in. Is that a bug in Enpass or a "feature" of Android Enterprise work profile?
  3. Thanks James. No offence, but I've been using Windows Hello Since Windows 10 launched back in 2015. I know how to turn it on and use it. But obviously, Enpass does NOT. While all other apps and services happily use Windows Hello on all my devices, Enpass appears to be the only one that arbitrarily decides to stop using it - locking unsuspecting, non-technical users out of their most important assets: their digital access methods. And judging by Abishek's responses it seems to be "by design". That is, apologies for the ranting and venting, stupid. Every security expert will tell you these days that invalidating access periodically (reasons are irrelevant) and forcing users to re-new or re-configure their access is a security RISK. Because it encourages users to (re-)use simple, easy to remember passwords instead of complex passwords that they can set and forget. Or better yet, not use passwords at all any more. From a professional as well as a noob standpoint, this user experience is wrong and rotten. I am evaluating other products for friends and family and myself of course as we speak.
  4. Abishek, thanks again. "Offline" is ... an interesting point of view. After all, Enpass supports various cloud and network storage locations for vaults. Also, if my data is under my exclusive control, then do not meddle in the authentication mechanisms I choose for my data. Turning off biometrics without warning, user consent or any recourse is highly disruptive to say the least, and ultra-destructive in the worst case. Do you realize this is like my bank removing access to my money and other valuable property without my consent? The moment I switch my authentication of choice to the OS' biometric MFA framework (based on your advertised functionality), the master password became obsolete. With Enpass unilaterally reverting that choice, you have blocked access to valuable (potentially vital!) data. Selecting my authentication method to my data should not be Enpass' choice, it should be mine. No place in your documentation, guides, FAQ or even this forum seem to indicate that Windows Hello simply turns off ever so often. Your claim above "For security purposes, Enpass may occasionally prompt you to enter your master password or in certain situations, like after unsuccessful verification attempts via Face ID/biometrics/Windows Hello." is undocumented. Hence, you took a supported feature away. But regardless, that is beside the point. I am NOT asking to recover the master password. I AM asking to force-enable Windows Hello again which worked fine - until Enpass turned it off for no reason and without my consent. Enpass claims to support Windows Hello - please do so at this time and restore Enpass' advertised (and my paid for) ability to use Windows Hello. Please don't force me to post this circumstance to Google Play and MS Store reviews. But I will, as Enpass currently seems to be a positive danger to use. I will also switch my own keystore to something I can rely on 100% and stop recommending Enpass to clients, friends and family.
  5. Hi James, thanks for your suggestion. However, I don't see how turning Windows Hello off will let us re-gain access to the app? We do not remember the master password, since, for a long time, it was not necessary. And users being human tend to forget stuff they don't use for a longer time. My request was to force Windows Hello ON in Enpass, so we can authenticate using the established, trusted MFA of Windows Hello - not the unsafe, single-factor sign-in of Master Password.
  6. Thanks for the disappointing answer. Please understand that we/I are frustrated that Enpass appears to make our life more difficult, not easier. Here's why: 1. Enpass stopped accepting biometric sign in on ALL her devices - both Windows and Android. So we have no biometric recourse. 2. I understand the master password is gone, permanently. And no one on the planet can help us recover it. Which is why I didn't ask to recover the master password, I asked to restore biometric sign-in, which is already established on trusted devices and works fine for all other apps. 3. I am quite familiar with Windows Hello. AFAIK, it does not signal failed sign-in attempts to the requesting service, only successful ones. Enpass can't know whether sign-in failed or not. Especially not on devices with Hello Face Recognition, where there is always a fall-back to the device PIN, making Hello sign-in 100% successful every time. 4. Why does Enpass take it upon itself to determine whether a third-party (!) biometric security solution can be trusted? That should not be Enpass' concern - ever. 5. Windows Hello is, by definition SAFER than Enpass Master Password. Device-based biometrics (on Android also) are, by definition, Multi-Factor, whereas the Master Password is single-factor. So by turning Biometric MFA off without user consent, you weaken security. Also without user consent. Claiming that you are improving security by periodically requiring the master-password and defaulting to single-factor-auth. seems counter-intuitive. Given this design flaw, I (as a paying user) request one of two things: a.) Provide an unsupported private build (!) for me/us that has Windows Hello force-enabled. We will use this to re-gain access and set a new master-password. After that, we re-install a supported public build from the Store/Play. b.) Change Enpass to NEVER disable biometric MFA without user consent. At the very least, provide a user-configurable option, which, by default, is set to NEVER disable biometric MFA, regardless of the circumstances. Make sure that when this update rolls out, it will automatically re-enable biometric sign-in wherever it was turned off. Alternatively, move the vault-unlock sign-in into the app, so that we can start the app and access the settings without unlocking the vault. Require vault sign-in when the user wants to access their vault, not before the app starts.
  7. Hi all, I onboarded a non-technical friend to Enpass Windows and Android. She used Biometric sign-in for a while - until Enpass simply stopped offering to use Windows Hello and biometrics on Windows AND Android for no obvious reason. (Why does that even happen?) She always signs in to her device using biometrics, so she is authenticated and trusted. Also, her device is trusted. And Windows Hello is, by definition, MFA. So it should be significantly safer than the master password alone. How can we force Windows Hello unlock instead of Master-Password? She can't remember the correct master password, so she's locked out of all of her accounts - unless she can use Windows Hello to get back in. Thanks for any and all help!
  8. Awesome - thanks, got it now with your direct link. FYI: I'm on build 22000.71 now and Enpass seems to be working again as expected.
  9. Before anyone says anything... yes Windows 11 is still in preview. But General Availabiliy is not too far out, so Enpass might as well start working on bugs - just like Microsoft. I'm on build 22000.65 right now, and Enpass stopped working. It would crash silently a second or two after showing the splash screen. Naturally, I thought re-installing might help, so I uninstalled it. However, Enpass isn't available on the new Windows 11 Store - only the Edge Browser Extension is. So I'm stuck and can't even reproduce the bug anymore. How can I help to make Enpass work on Windows 11? (btw. every single other app works fine!)
  10. No, has nothing to do with the store. Store is fine, as far as I'm concerned. In fact, the store is my preferred app source - on any platform for a zillion reasons beyond the scope of this thread. AFAIK Enpass chose Qt as their app framework, whereas the previous version was a universal Windows app. Both were/are sold through the store. The version 5.x UWA supported Hello just fine, the newer release 6.x has been a nuisance since day 1.
  11. Like clockwork, my Enpass keeps reverting back to light mode, after I set it to dark mode. Not entirely sure when/why this happens, but at least once a week. It's been this way since day 1. Please fix this!
  12. Indeed. Which means Enpass chose the wrong platform.
×
×
  • Create New...