Jump to content
Enpass Discussion Forum

Search the Community

Showing results for tags 'meltdown'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • General discussion
    • Hot topics
    • Enpass Support & Troubleshooting
    • Registration and Purchases
    • Autofilling and Desktop Browser Extensions
    • Data Security
    • Announcements
  • Help us improve Enpass
    • Feature requests
    • Enpass Beta
    • Localization
  • General discussion

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start



About Me

Found 1 result

  1. Hello Enpass-Team, happy new year to you! I'm a very happy user of Enpass and it's perfect usability. But since some week's I'm frightened about the usage of password-managers because of the released information regarding Meltdown and Spectre (CVE-2017-575, CVE-2017-5715 and CVE-2017-5753) Especially Meltdown can lead to a dump of the Memory of Applications like Password-Managers, which are one of the most valuable targets! I know, that MicroCode-Workarounds for CPUs and OS-BugFixes are on the way, but I want to ensure, that you have implemented Enpass in a way, to minimized the possibility to extract our passwords via such vulnerabilities. Can you please give us some information, how you protect our data against such issues? For example: When do you decrypt the passwords and store it in RAM? - When the user unlocks enpass, or when the user requests one specific password? Do you decrypt always all passwords or only the one which is requested? I know you use SQLCipher as backend. Does this mean, that always the whole Database is decrypted after unlocking enpass? Please let us know some details. This is very important, especially as long as no audit of enpass exists. Thanks in advance for you detailed explanation, wachschaf
  • Create New...