Search the Community

Not sure if this is already a requested feature but as a long time Enpass user I have a request that gets annoying sometimes. I try to update my passwords once a year. But unfortunately, every website has their own password rule w.r.t what special chars are allowed/not-allowed, what is the password length etc... and sometimes I find out these rules after trying to set password (and failing multiple times) that they don't support some particular character(s). Enpass has a generate button which makes it easy to generate the passwords on the fly for an account. It would be great if enpass could remember what the rules were when I last updated a password for an account (not in general but account specific) and have the generate button pick it up, including the pronounceable, "included", "excluded", character types, minimum char type and password length fields. Right now I am saving the rules in the notes section of the account info, but it's irritating as the "include" chars text field does not allow copy/pasting so I need to type the chars each time. Sometimes that is a long list of chars that I don't want to type and I give up after only a few chars which limits the special chars in my password. I feel this is a low-hanging fruit for a feature addition which would encourage people to change password more often.

Using Enpass extension 6.5.1 for Mozilla Firefox 82.0.2 (64 bit) on Windows 10; Enpass desktop version 6.4.1 (643). I logged into a website which I hadn't visited in a very long time; its login was not in Enpass but was in Firefox Sync. I logged in and was told to change my password, which I attempted to do using Enpass. It should be noted that this company does have a support forum for users which I do occasionally visit on a subdomain (forum.xyzcorp.com as opposed to simply xyzcorp.com). This login was in Enpass, and the two logins although on the same root domain do use separate user IDs and passwords. I generated a password and updated my information in the website. Firefox Sync popped up a window asking if I wanted to update the password, but before I could react (about a quarter of a second) the Enpass extension popped up, erased Firefox Sync, and asked me to update the password for the support forum. There was no option and no way to add a new item with the password which I had just updated. So now I have lost the password and have to go through the whole hassle of having my password reset again by xyzcorp. You really should fix this problem, it's caused me grief a number of times before. Firefox has a pretty good password manager and the Enpass app should not block it out when a site is updated. There should be an option to add a new login/web site with any request to update a password. Or, preferably, both.

Hi, what I really miss is a simple little inputbox next to the (big) slider to set the password lenght. On big screens, the adjustment with the slider is okay, but on small screens I get frustrated when I have to set a specific lenght and don't hit the number after some tries ;-) Should be no big concern since it is just UI related and not some sort of security problem Does no one here miss this little but helpful improvement? :o)

I am seeing a strange behavior with the password generator. When I select the generate button, I get a password, when I hit the Fill button, it fills the password field with another password. This is causing me to have broken application access.

Hello, Can you add a field in the password generator to type in certain special characters that should be excluded from the generated password? There are many websites (mostly banks) which put some restriction on the set of special characters that can be used in the password, so it'll be nice if the generator can handle this. Please try to implement this in the next release. Thanks, Asmit

Hi everyone, on Enpass 5.5.6 (Linux) I noticed that the password generator uses exactly the configured number of characters per type (i.e. digits, uppers, symbols) and I found no way to specify an "At least #" logic. For example, using the default configuration the 18-chars password always has 3 digits, 5 uppers, 5 symbols (and 5 lowers, even if not stated), whereas I want it to have a minimum of 1 character per type, as required by most password policies out there. I would even deem this default configuration a security bug because by greatly reducing the cardinality of the password space you gives an obstinate cracker a sensible advantage. Is there a way to enable the "At least #" logic? May we expect a more robust password generator in the upcoming release?

1. Put check boxes in front of digits, symbols and uppercase to quickly enable/disable. 2. Make the categories into ranges to allow for more varied password generation. Not sure how much entropy this would actually add, perhaps it is a perception issue that static numbers for the different categories is bad. 3. Perhaps under options have the possibility to edit which special characters should be valid for use (with a reset to default button). For 1 and 2 see my excellent paint skills here, the green scribbles are supposed to be checkboxes :-)

I'd love to see an option for diceware passphrases in the password generator. A password like crazy-horse-battery is pretty secure and far easier to remember/type then kis-efum-aya-hava-ivid. Now I know you'll say we don't need to remember passwords since Enpass can type them for you, but there are situations when I can't use Enpass to type the password, such as the Enpass Vault, servers, computer logins etc.