Search the Community
Showing results for tags 'authentication'.
Found 4 results
Dropbox sync issue in 6.8.0/6.8.3
2FA-Option additionally to Master-Password?
Marina posted a topic in Data SecurityHello! I would like to know if there is an 2FA-Option additionally to the Master-Password when I open my Passwortmanager? Of course I hope, that nobody cracks my Master-Password. However "better safe than sorry" ... since 2FA is an important security-feature, I wonder why this option to add an 2FA (and I don't mean the Logins for my inside-Password) is not available yet? Or did I miss it? Thanks for your answer in advance. Best Regards
Purplethumb posted a topic in Feature requestsCan we integrate the PC/Desktop app to use Windows Hello as a login option just as the iPhone app uses TouchiD/FaceiD? I have a laptop, iPhone, and Microsoft Surface Tablet and it would be great if the user experience could be similar across all platforms. This request was being worked on since last year and I am surprised that the MS Store App version of Enpass is NOT updated to use the Windows Hello feature since they promised to include this functionality in a newer version of the app.....! Here's the link:
TOTP integration decreases security
treege posted a topic in Data SecurityJust a thought I'd like to share. With the introduction of time-based OTP in Enpass, you are able to use your one-time passwords from within the Enpass client. While this saves time for browsing to another OTP client (such as Google Authenticator), it does decrease the level of security. One-time passwords are usually used as the second factor of two-factor authentication. In most cases, these two factors are 'something you know' (your password) and 'something you have' (your phone with the OTP app on it). With the integration of OTP in Enpass, these two separate factors become one as they are both 'something you know/have/stored in the Enpass database'. Have you considered this decreased level of security? I know using OTP in Enpass is optional and the chance of someone obtaining and cracking the SQL database is low, but still the principle of two-factor authentication is thrown out the window by storing both your password and OTP in one place.