Search the Community
Showing results for tags 'otp'.
I'm moving from 1Password because i now have several Linux servers to work with. I want the "One Time Password" field as in 1Password, you enter the secret phrase in that field and it will generate the OPT every 30s. Without it i have to use my cellphone to get the OPT and enter them manually, that not convenient. Also, i need to backup the secret phrase in case i lose my cellphone. Thanks
I have Enpass bought on IOS 11 and installed on MacOS 10.12.6. Both are synced by GoogleDrive. This is working perfect. On my company Windows 7 PC I recently installed Enpass and sync with the same GoogleDrive. Passwords are synced perfectly, BUT the OTP's are totally different. When I have the three devices next to each other the iPhone and Macbook are showing the same OTP but Windows a total different one. It's not that's one infront or one behind its totally random. Anyone have the same issue? And maybe a solution?
I've recently attempted migrate over to Enpass but failed due to the TOTP or One time password field failing to migrate over as well. I followed the instructions found here: https://www.enpass.io/docs/desktop/import_1password.html#step-1-export-data-from-1password for importing data from 1Password. I created the .1pif file as requested and most everything imported properly. I'll note that many tags migrated over that are unnecessary but those don't break things. The thing that doesn't work, and causes issues in the app itself is the failure to migrate TOTP fields over. Typically the field reads OTP : otpauth://totp/<removed>, and as a text field. Up until the 5.3.0 release, I often wasn't able to create a TOTP field but that at least seems to work now.
Just a thought I'd like to share. With the introduction of time-based OTP in Enpass, you are able to use your one-time passwords from within the Enpass client. While this saves time for browsing to another OTP client (such as Google Authenticator), it does decrease the level of security. One-time passwords are usually used as the second factor of two-factor authentication. In most cases, these two factors are 'something you know' (your password) and 'something you have' (your phone with the OTP app on it). With the integration of OTP in Enpass, these two separate factors become one as they are both 'something you know/have/stored in the Enpass database'. Have you considered this decreased level of security? I know using OTP in Enpass is optional and the chance of someone obtaining and cracking the SQL database is low, but still the principle of two-factor authentication is thrown out the window by storing both your password and OTP in one place.