Jump to content
Enpass Discussion Forum

Hemant Kumar

Enpass team member
  • Posts

    149
  • Joined

  • Days Won

    27

Posts posted by Hemant Kumar

  1. Hi @MRE,


    Thanks for being an awesome customer of Enpass. We are doing our best to add as many features as we can but only after being sure about security of user's data i.e. No leaks and no backdoors are left for any bad guy to get access to your data. Now lets come to the point why we haven't added full-time Windows Hello support yet.

    To unlock the Enpass keychain, we need master password and thats why you are always prompted to enter that, once the Enpass is exited or killed by OS. So our main fight is to store the master password with the OS in such a way that we can request it anytime after successful authentication of user. Here comes Microsoft Windows Hello into play. It uses TPM hardware (a secure cryptoprocessor) to securely generate and store encryption keys (this is exactly what we need to encrypt our master password). But the keys generated in TPM are asymmetric and for digital signatures, suitable for server/website logins and are not directly suitable for our purpose. The best thing about TPM keys is that they are exposed to requesting App only after successful authorization aided by biometrics. 

    We are done with the development part and now doing the security assessment to be sure about protection of keys and understanding behavior of windows systems which don’t have a TPM hardware and use software emulation instead. 

    So just bear with us and hopefully we will release it very soon. :)

    • Like 2
  2. Hello @edenhaus

    Thanks for being a part of our Beta team and your feedback. 

    8 hours ago, edenhaus said:

    The new design is better then the old one. Changing the color of the field names with the color of the icon is nice, but for me it's not important if the field names are written in black or in another color. But the apple icon is a light gray and also the field names of the Apple entries are light gray, which is very hard to read.

    Noted for improvement.:)

     

    8 hours ago, edenhaus said:

    Expanding the password length is always good. Can I ask why to 50? Is a unsual length in IT.

     

    As per length of password, number 48 might look odd to a normal person. So, we decided to round upto next tenth.

     

    8 hours ago, edenhaus said:

    Maybe it would be nice to include an option to say only this symbols,

    Symbol exclusion was a long pending request, so we decided to include it this time. We need to look for how in real world this feature is beneficial for our Beta users and based on that we will take the final steps. We have already considered allowed symbol option for future versions as mentioned by you in another thread. 

    Thanks again! :)

    • Like 1
  3. Hello guys,

    We also gave a thought to publicizing our development roadmap and would love to introduce it in future. But at the moment we are very busy in development of all long-time-cherished features like portable USB version, Chromebook version, attachments, auto backups and later on multiple vaults (in the same order). These are already very deep and massive features and every single one of them will stick on board for weeks (pulling out drift). And you know there are so many supported platforms which will make it difficult for us to get involved in discussions. We want to keep ourselves focused on releasing Beta(s) of them and once done we might release Forums.

    Once again. Thanks a lot guys for keeping us motivated for what we are doing.

    With confidence,
    Hemant

  4. Hi @SadE54,

    Being an offline solution for securing passwords, there is no base for Enpass to implement TOTP support for itself. Second factor authentication is basically for online services and we do not have any of users' data or online accounts with us from where we can verify the TOTP. And this is not even needed for Enpass as the safety of your data is only by your master password which is the only key to access data and we recommend to use strong master passwords for your Enpass keychain.

  5. Hi guys,

    Thanks a lot for your help in finding the issue. We are looking into this bug but are not able to reproduce it here and your help is really appreciable. :)

    Enpass does make use of High CPU at the time of unlocking the keychain (mainly due to 24K PBKDF2 iterations), but only for less than a second. So one of the possible cause may be that under some particular conditions/environment/point of time, Enpass is failing to unlock it and constantly trying. There may be other reasons as well.

    On 6 May 2016 at 5:32 PM, Tadly said:

    Does enpass sync every now and than while in background?

    If unlocked, Enpass initiates a sync operation (first it checks if there is something to be synced) after every 10 minutes and behavior is mentioned  here in user manual

    On 6 May 2016 at 6:19 PM, Tadly said:

    As mentioned before, everytime the cpu spikes, enpass is trying to sync (and apparently fails doing so)

    Do you get any error when it fails doing so and does manual sync (by clicking the sync icon or Sync now button) completes the operation of sync?

    On 6 May 2016 at 6:35 PM, nech+arHU said:

    Since I changed some settings including the deactivation of the sync function, I don't have these spikes anymore.

    Confirms that the problem is in either attempting a sync operation or in syncing data. Both these are different operations and need to unlock the Keychain (causing high CPU usage). Attempting a sync means, Enpass is communicating with WebDAV/ownCloud for any changes in data to sync and if changes are detected in local or server data (by checking time stamps), the real sync operation is performed.

    So enabling sync = High CPU usage for long time indicates, there could be a problem in any of the following

    • Either communicating with ownCloud to check for any changes.
    • Every time ownCloud is indicating there are changes but it fails to sync and the process is repeated every 10 minutes.

    To troubleshoot the issue further, please sync the data manually while keeping the Enpass is foreground (this will make sure that there is nothing to be synced) and then keep it in background with sync enabled. If the CPU usage becomes high for more than a second, it is confirmed that there is problem in just attempting the sync. It would be a great help, if you could please PM me a demo account on your ownCloud server.

    Cheers!

  6. Hi @swissindoor

    We are really working hard to bring in the features reported so far.  Multiple vault will gonna take some more time and will come after attachments support as discussed here 

    Please stay connected with us for the coming Portable version, if it could solve managing multiple vaults for you.

     

  7. Hi @Wolfgang,

    Adding attachments and custom templates are in our priority list and will work on them as soon as we release Portable version( Cross-platform), Improved password generator on all platforms, Autofill on Android using notifications and improved Enpass keyboard, improved UWP with TOTP and one surprise feature for you. You can expect Beta versions of specified features in May itself and after their final release, we will work on Attachments and custom templates.

    Meanwhile instead of custom templates, you can take help of Duplicate feature to create copies of your customized items.;)

    • Like 2
  8. Hi @Michael

    We will look further into pinning the Forum topics. 

    10 hours ago, Michael said:

    The other problem I am seeing is a bunch of +1 posts on feature requests.

    Along with every post, members gets an option to upvote/downvote or to give reputation using corresponding Green up/Red down and a Heart button. May be they just didn't use that.

    • Like 1
  9. Hello @edenhaus

    Noted! Thanks for your suggestion to improve the efficiency and quality of Forums. We are also internally discussing ways to improve the development transparency with our users.

    The major problem in posting the development plan as a pinned topic for all supported platforms is to define the ETA. Along with the ETA, the another problem is to protect the similar feature being discussed in different product categories. For the time being, we are pinning the most requested feature Topics in our Feature request. 

  10. On 13 April 2016 at 7:44 PM, Victor Chu said:

    Please add option to show Enpass on double click on tray icon, also please add button "show enpass" in browser plugin window instead of the current menu, using menu is a bit annoying - too many clicks :)

    Noted and will be added in future. Thanks for suggesting;)

  11. Hi @lburgazzoli

    We initially thought of providing a YUM repository for RPMs but postponed it as it requires extra work for managing packages and testing all the test cases. Majority of people use Debian based package management systems and for other distros we have stand alone installer. Like you, we really love RPM based systems but being a short team, we have to choose our responsibilities very wisely, considering the long list of pending feature requests. Perhaps in future it will be there but I can't assure you for this. 

×
×
  • Create New...