Jump to content
Enpass Discussion Forum


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Ivarson

  1. Not sure that's what op meant. If you edit and save Item A, then immediately go and edit Item B, the automatic sync process will discard the edits your doing in Item B if you're not fast enough to hit Save, which will reset the timer and buy another 5 seconds.. Perhaps you could suspend the timer to autosave if user is currently editing an item, or not discard the edit during reload of a database.
  2. No, the primary vault won't replicate to any additional vaults if that's what your after. It's sole purpose is rather the opposite, to segment items, like private vs work. You can copy or move items (one or all) between vaults though as a onetime operation. The cloud providers supported in Enpass are mostly oath-based so there shouldn't any any difference between which OS or device you're using
  3. On top of that, you have to add that Enpass is closed source, and makes outbound requests while the database is decrypted. So even with a yubikey, but yeah it would still be a huge improvement
  4. Hi @Vinod Kumar Couldn't there be a "flightmode" or something in Enpass? Or would such feature have to small audience? Supplychain-attacks aren't going away and with more and more builtin connectivity the risks for such inevitably increases. I'm thinking that would shut most outbound requests off. Disclaimers of less functionality, the need for manual update-checks, no favicons etc.
  5. There's no continuous dependency between any browser and Enpass. When you setup sync or perform a restore from cloud, Enpass gets a token from the browser. That's why the currently logged on user matters. When that's finished you can safely logout and login as another office 365 user without affecting Enpass
  6. Enpass only supports one primary vault. There's no selection involved, the primary vault then opens all the additional vaults that are configured. In your case you need to make sure that you and your wife has separate logins to the computer itself. That way you can also have separate primary vaults. Do note that the Account for App itself is only used for subscription / licensing purposes and is not tied to your vaults at all, so sharing that with your wife doesn't imply sharing vaults or items.
  7. Simple cosmetic request. Implement a setting that only shows the Categories which has any associated items in the leftmost pane, basically hiding empty categories. I know you can hide the categories manually, but it makes sense to have this done dynamically.
  8. here's an idéa. You've taken steps so that Enpass is now relying on your servers for licensechecking, fetching favico and probably something more. At the sametime we're in a pandemic where it's difficult for people to maintain security and integrity for some tasks. This includes sharing sensitve stuff like logins and passwords. For a mature organisation, there's probably less need for this internally since there's SAML, AD, AAD and other means, and of course if everyone has Enpass, you can share encrypted cards securely over email as long as you can get the PSK over in a secure manner. I do think that Enpass doesn't hit the above scenarios, so many users would appreciate a secure manner to sent creds But for those cases where you're communicating with an external member, or someone that doesn't have enpass, maybe you could implement a web-service that stores a chosen Item of Enpass making it possible for someone to retrieve it if they have a password provided through another channel. The item uploaded to, say, https://secret.enpass.io is of course end-to-end encrypted so there's a zero knowledge architecture here aswell. Upon visiting the link and providing the right password the items details are shown in the browser, and perhaps there's an "Import to Enpass" as well, although that's something overrated perhaps, it can be achieved through sending an enpasscard over email (unless it's blocked) The uploaded item is hardcoded to be temporary stored on your services, being deleted after first access of the provided link that the poster gets, or after 24 hours or something.
  9. The Cloud Synchronization-feature is just that, a sync. It's _main purpose_ is to provide all devices with a central point of data. It can not be conscidered a secure disaster backup. That's a general thing, files in sync are in constant motion and prone to be deleted, corrupt or such. On Desktops, Enpass creates backups per default on your device. These are versioned and should be at least copied to a separate drive, location or something once in a while. That's a generic recommendation for these kind of data. If your phone and computer are being reset at the same time (they're on your nightstand and your bedroom catches fire), you can of course restore your data from Google\DropBox... you'll have the latest version of the vault for sure, but you won't have much alternative if the cloud-version is corrupted, missing or whatver. You should also _always_ have alternative recovery methods for your primary cloud identities like Google or Microsoft. This can be printed out codecheats, recovery email-address or Security Questions (which I reaally hate, but still) or other means.. While documenting the password for your chosen sync-provider (Google,OneDrive) in Enpass is one thing, I'd even vote against using a random password there. Use something you'll remember that's still unique but still memorable and make sure to use additional factors like OTP, FIDO, or other device security. Enpass' sellingpoint is a local software which does (most) it's logic on your devices with crossplattform, coherent support for mobile- and desktop. You can't really blame them for what they're not claiming to be. I use Enpass _only_ for TOTP-items (since it nicely shows them in my smartwatch), and for passwords and other secrets I use keepass-derivates like you mention. That gives me cloud-sync, Yubikey-support (2FA) and AutoType, all on both mobile and desktops using free software (as in speech). And besides it feels stupid to store OTP together with passwords in a software that doesn't allow a true second factor since data syncs to cloud etc.) Think your disaster-strategy through, it's not the software's responsibility to do so :-)
  10. Sorry, but I fail to follow. No you can't recover the password, nor change it, without knowing the current one. If you still have access to all your items from any device (by using biometric), you are able to change (if needed) the registered email (account) to get Pro-features (setting up a second vault). If you can't get into the vault by any means, you're locked out if you don't have older backups. If you still have access to the data with biometric login, Enpass Support should be able to assist you if you need help to a. Changing the account so you'll get the Pro-features you pay for b. Setting up a second vault with fresh password (wont need the password for initial vault), copy all items from vault A to vault B, perform backup on vault B, wipe Enpass data and setting it up again restoring the backup you just made. Anyway, hope support will help you out.
  11. To do the above, you need to be able to have two vaults in Enpass. This requires Enpass Pro or Premium. When you bought the license, it should be tied to an email-address you entered at the time. Do you currently have the Pro-license activated in Enpass? If so you you just create a new Vault and copy all the items from the current one into the new one. Its important that you distinguish Account from Vault. You can only have one account registered in Enpass. This has nothing to do with the actual content\items, but as said earlier, the Account needs to leverage Pro or Premium features. The vault doesnt contain any registration-info, it's purely the encrypted items. In free mode your stuck with one vault. In Pro or Premium, you can create additional vaults after the main one is created. If you really do need to change the account within Enpass, this doesnt require you enter your Master Password neither.. Hope i've shed some light..
  12. You've got it wrong in how it works.. you'll probably get help from support, but just to chime in; The registered account tied to your purchase isn't related to your encrypted vault. it just gives extra functionality, like unlimited Items youre mentioning.. If you have a license tied to a email, you can create one or more vaults. Without license you can only have one vault (the primary one). In what feels like a glitch in Enpass' thought-out design, it's possible to Create a new Vault with your desired password, then copy All items from the initial vault to the new one (move or copy). make sure to backup the later one. You don't have to authenticate with password for that copy\move-operation, so by doing that you can work around the requirement to authenticate for changing password and stuff like that.
  13. Elaborating on what @Pratyush Sharmasaid, The "registered account" in Enpass isn't tied to your vault nor the sync-provider. It's solely affects functionality in the app. Changing or removing the registered email for an Enpass-installation won't affect the data, the same relation applies if you're backing up\restoring vaults. Registration \ subscription is an extra step, not tied to the neither data or cloud-access.
  14. Yubikey-support is mandatory for me as well. Currently, I only use Enpass for storing TOTP-codes, and my first factor passwords are stored in a kdbx with Keeweb, which has excellent yubikey support and crossplattform for desktops.
  15. You should add the possibility to generate a QR (as well as other share-methods) for a Pre-shared key. Would be a good complement to your existing improvement or the password generator for PSK
  16. I had a vault of 4MB (300 items, 2 small but separate attachments, and many (maybe 50) custom icons in the database. When deleting _all_ items, and emptying trash, the database was still huge (don't remember if was 4MB or shrunk to 3MB but it didn't slim down. I made sure to delete every single custom icon. Is this by design? (I know some databases and containers won't shrink / deallocate because of performance or security
  17. OP made a feature request; He wants Enpass to lock the database after 3 attempts, and then send an email to it's registered owner with a OTP to unlock it again.
  18. I just discovered hotkeys Ctrl+<up> and Ctrl+<down> for navigating in the left sidebar. But Ctrl+<key> skips sub-tags and imploded menus, so one has to expand them beforehand. Why not add Ctrl+<left> and Ctrl+<right> to expand nested tags as well as imploded menus so we can see everything without interacting with the moues? Thanks in advance
  19. Please bring back the Dark theme for Classic mode for windows. It works and looks awesome in Linux, why did you revoke it from the Windows app, it was there when version 6 was initially launched.
  20. The solution for this is to implement Auto-type. It's an old feature request
  21. ok, again the message you recieved in the browser is expected when using a browser to that url. But since its there the dav seems running. Backup enpass vaults and then remove data and set up sync again. If you're using external storage in nextcloud for enpass id then start checking those. Check the Log within nextcloud, esp. if youre using external storage. here's how you can investiage apache-logs, if you're not familar with it already. sudo apt install multitail -y && sudo multitail /var/log/apache2/access.log or grep your IP if you have much traffic to it egrep "" /var/log/apache2/access.log You should see som PROPFIND and GET from your client reaching the Enpass-data and at least one response code if 200. redirects like 300 and forbidden 400 is fine. You should not see response codes of 500.
  22. Maybe you retained /home partition during reinstall, if it was a separate one.
  23. That's not really an error, just a hint.. are you trying to browse to the dav-url? Does any other DAV-clients work? Troubleshoot webdav in nextcloud from here https://docs.nextcloud.com/server/12/admin_manual/issues/general_troubleshooting.html#service-discovery-label
  • Create New...