Jump to content
Enpass Discussion Forum


  • Posts

  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

drjenk@gmail.com's Achievements


Newbie (1/14)



  1. Well that is fantastic. I guess I didn't know version 6 would have that. My whole point has apparently been moot. Lol.
  2. I use icloud. I'm not concerned with anyone external outside of Apple accessing my files, as you are correct, that is already 2 factor. I have no idea, no clue, how Apple handles access to data internally, nor who is in charge, nor who could theoretically access files, nor if these people have ill intent. And I can never know this, nor can anyone outside of apple, and outside of the cloud security people. Every company, especially one as large as Apple, is a microcosm of society, so you can bet there are now thieves employed there. I don't know, nor can I ever find out, if any single person can access my files there, especially from someone who would be very happy with getting a copy of an enpass file, secretly. And although my password is long and unique, I really don't know how long a brute force attack could take. And as a person here said, keyloggers etc, and it being an apple computer I use, and the extreme sensitive nature of this file, just puts enough doubt there for me to prefer that a single password could access hundreds outside of my control. Like I said, the author of Keepass thought it enough of a concern to put the "keyfile" feature in, which IMO would suffice. In fact I would use keepass instead on my mac if there were a decent mac port. But I do like the enpass interface better actually, just this one point gives me slight pause with using it. I still maintain it would offer that much more protection, and the "keyfile" like feature doesn't seem like it would be super difficult to implement from a software standpoint.
  3. +1. I read the FAQ, I still would feel more comfortable have a second factor to log in to enpass. Keepass has a "keyfile", which is a file with a really long unique string as contents. You store that file in a different location than your database. This gives some peace of mind knowing that if some employee of these cloud based services ever got access to your enpass data file, by accident or on purpose, any local brute force master password attacks would be meaningless. Yes I do use a long and unique master password, still would be nice. Just my .02.
  • Create New...