WonderPass

6 minutes ago, seancojr said:

WonderPass, I am curious to know if you've done research to be able to make the following statement—or if this your personal conclusion.

I can't imagine that a company as successful as Dropbox made a business decision only for it be deemed as a “flaw in their architecture”. I feel inclined to believe it is more likely they offer this as a solution for reasons related to security.

As such, I've taken a few minutes to find reference material that addresses your concern.

Dropbox allows third-party developer apps to request access to a Dropbox account via two methods.

• A specific folder in your Dropbox account. The app can only access files in that folder.
• All folders and files in your Dropbox account.

The second method was previously addressed by Vinod, in his statement:

When designing Enpass, the team opted to request access to a specific folder so that a scenario such as the one described above doesn't occur, should a user's OAuth token become compromised—and it could happen, just as Vinod explains, you link your Dropbox account to a device owned by friend/partner/relative, granting them access to all of your folders and files... if their device or the OAuth token used to authenticate to Dropbox become compromised, then too does everything you have depended on Dropbox to securely store. I understand, we are speaking of probability for the incident to occur. What frightens me is what would happen if that did occur and how the user would respond. Someone would be blamed and it would be a a choice between the developers of Dropbox and Enpass.

So much to unpack here. 

Yes I did research this hence I know how it works. 

Dropbox being big and successful does not make them right in all of their decisions. If you’ve worked for a large company some of the worst design decisions are dressed as a feature because it’s easier than fixing the underlying issue  

The poor architecture is the failure to anticipate that whilst locking down access of the app it then precludes interaction with those files with other users. You may consider my position arrogant but the fact that Enpass is supposed to allow shared vaults would indicate that this architecture doesn’t fit actual use cases. That the solution is to create this hyper restricted folder indicates that the all or nothing OAUTH model is on reflection a poor design. 

But frankly my opinion is unimportant as I have deleted Enpass. 

6 hours ago, xarekate said:

@WonderPass Ok, I see. But how exactly a person without a cloud account can use a vault within your shared folder? 

There’s a misunderstanding here. 

You both need to have the same service eg Dropbox but you only need one each. Enpass would require you have one each plus another account (that you both know the username and password for) in which you put the shared vault. That is to say THREE accounts between you. 

Unfortunately SafeInCloud does not have shared vault support and it sticks its data files in Dropbox/App folder, the one with the most restrictive (i.e. none) share settings.

Well you promised this would be fixed before 31 Jan and here we are 1 Feb, still busted.

WebDAV for Box is now passed its EOL date.

I have such malevolent feelings towards this product and how the development team has behaved.

On 12/31/2018 at 8:46 PM, Eichboson said:

When trying to update the AppStore to version 6.0, this fails. After pressing the update button, it takes 2-3 seconds for it to return again to the update state.

Lucky you! If only I could get back to v5 so I could start an orderly migration away from this mess.

10 hours ago, xarekate said:

I'm just curious, how you managed to share your vaults with others in general? Were those people registered at the same cloud storage provider (in your case dropbox) and you only shared your vault-folder to their accounts or were they 3rd party users (guests) with no dropbox account at all? 

1Password does not force the Vault into the App folder, so you then able to share the individual file with other users without needing a redundant third file store.

Dropbox in their wisdom have locked down the App folder to be unshareable - which suggests an underlying flaw in their architecture that they have had to do that.

12 hours ago, MisterT said:

... and... that's it !

Now, we just need to 6.0.3. bug to be corrected, and all will be fine...

Congrats on working out a solution that works for your setup. 

A multiple step self rolled file store to replace a simple commercially available log in isn’t a great alternative for, and is beyond the capability / interest level of, the average user. 

I don’t buy a car so I can tinker with it, I don’t pay for features so I can then build a bespoke platform to deliver them. 

I’m sure there will be some people who will be happy to go this route it’s not really a workable alternative for the majority. 

12 hours ago, MisterT said:

... and... that's it !

Now, we just need to 6.0.3. bug to be corrected, and all will be fine...

Congrats on working out a solution that works for your setup. 

A multiple step self rolled file store to replace a simple commercially available log in isn’t a great alternative for, and is beyond the capability / interest level of, the average user. 

I don’t buy a car so I can tinker with it, I don’t pay for features so I can then build a bespoke platform to deliver them. 

I’m sure there will be some people who will be happy to go this route it’s not really a workable alternative for the majority. 

I’m done with you clowns. 

You deleted functionality that users weee dependent on. Remove a working and realistic method of multiple vaults and instead expect users to set up redundant cloud sharing accounts. 

How about instead of window dressing bug fixes you restore functionality for the people that you cut off from their vaults. 28 days and I now have 6 divergent vaults on Box and no means of effectively merging these in the event you ever restore the functionality that you robbed us of. Robbery being a fair description for taking money for features that you then scrapped without warning leaving users with orphaned data. 

16 hours ago, IndigoWhite said:

You can download the previous versions of Enpass from this link 

Unfortunately doesn’t help iOS users. Can you advise if the vault still works (ie is structurally coherent)

9 hours ago, maeck said:

...What's the restriction behind this?...

Hope you could change this ... please.

Marcel

//Edit: Opened a separate thread, because i didn't saw this thread, sorry. Thanks for merging my thread into this one.

The restriction behind this is that they stupidly chose to use the most restrictive set of file permissions which prevents sharing of the file from the file sharing service

A total failure and destructive. 

Box sync removed without warning. I now have six local vaults all fragmenting away from a common truth.

allegedly will be replaced by 31st Jan. this is will result in 31 days of 6 vaults diverging. Completely destroying my data. 

Add to this the p—poor shared vault architecture and the whole thing is a fragmented disaster now. 

I hate 1Password but I’m going to have to go back to it. That is how bad this rollout has been for me. 

This architecture of one vault per cloud service and the insistence on using non shareable folders fails to take account of how actual users work in the real world and offloads complexity unnecessarily into the user instead of working out the appropriate application architecture to support actual use cases. 

Multiple vaults as implemented is not workable in the real world. 

As a user I refuse to setup another Dropbox account in order to share vaults with my family because Enpass has setup a deficient application architecture.