Jump to content
KMyers

OwnCloud/NextCloud Application

Recommended Posts

Good Morning,

I know a few of us are using OwnCloud or NextCloud to host our password bank, it would be amazing if there was an OwnCloud/NextCloud Enpass Application to allow us to access our password bank without the need to install any software. This would be ideal for users who cannot install software (such as in a "High Security" Corporate Setup) or to those who are not using a computer they control. 

I know someone ported KeyPass's Keyweb to an OwnCloud app and it works, but not well enough to be my default password manager.

Share this post


Link to post
Share on other sites

Hi all,

Thanks for bringing this topic. Enpass encrypted data file is a SQLCipher database. It is not possible to decrypt it without native SQLCipher support in browser. And as far as I know none of modern browsers provide a native implementation of SQLCipher. 

 

Share this post


Link to post
Share on other sites

@yce Transferring your master password or a derived key to server is a very bad idea (which is required in case of sqlcipher for php). It is best to do any encryption/decryption related stuff in a native app. If that is not a choice, next best would be to encrypt/decrypt on client side with javascript. User can be authenticated with server without sending master password using Secure Remote Password like protocol and encrypted data can be fetched from server and decrypt it in javascript. 

Share this post


Link to post
Share on other sites

Yes if the service is on an https protocol then there shouldn't any problem sending the master password to the server.

But it would be also possible to add extra security by encrypting the master password with a public key on the client side (javascript) and decrypting it with a private key on the server.
By doing so an attacker couldn't gain access to the master password even if it's not on a secure connection.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...