Search the Community
Showing results for tags 'https'.
Hello, don't really know where to post this, but "Data Security" seems kind of fitting. I recently set up Enpass on my devices to synchronize via a nextcloud-server running on my desktop computer. In doing that, I realized I didn't receive a certificate warning on any of my devices when setting up the synchronization, even though the server is clearly using a self-signed certificate. I'd really appreciate it if I received a warning when setting up synchronization with a server using a self-signed certificate, and maybe even enable some sort of certificate pinning, to make sure my data doesn't end up on another WebDAV server, which happens to be accessible with the same URL and just is configured to store all data from incoming connections, regardless of matching credentials. (A malicious person could do that) Using Enpass 5.3.0 on Linux and Mac, and Enpass 5.4.3 on Android