Mateusz Posted May 8, 2020 Report Posted May 8, 2020 Hello Enpass Team! First of all thank you for the good work with Enpass! I would like to submit a feature request: Masked passwords entry support. Would it be possible? I searched the forum but I didn't find anything like this.
Garima Singh Posted May 8, 2020 Report Posted May 8, 2020 Hey @Mateusz Thanks for using Enpass and writing to us. We really appreciate you for exploring the app and giving time in finding this valuable suggestion. The suggestion has been noted and forwarded to the development team for further consideration. Thanks for the suggestion! 1
Pratyush Sharma Posted May 12, 2020 Report Posted May 12, 2020 Hi @Mateusz, We need a little input from your side, can you please let us know what you mean by "Masked passwords entry support." Thanks for your co-operation.
Mateusz Posted June 10, 2020 Author Report Posted June 10, 2020 (edited) Hi @Pratyush Sharma and sorry for late answer. Some of the websites (most are financial services like banks) use masked password entry on login. It means you have to enter only some of the password signs, e.g. first, third and the last. If you password is 12345qwerty (hope it's not ) and you get this input: then you have to enter: 1,2,4 and y. Which password sign you need to enter is randomize by the bank on each login. Supporting this by Enpass means recognize which fields need to be filled with corresponding sign from stored password and autofill. I hope it's now more clear to you. Edited June 10, 2020 by Mateusz
Pratyush Sharma Posted June 10, 2020 Report Posted June 10, 2020 Hi @Mateusz, Thanks for sharing the details. We have noted down your valuable suggestion and forwarded it to the concerned team for further consideration. Thanks for your feedback!
Hitman Posted June 11, 2020 Report Posted June 11, 2020 On 6/10/2020 at 8:48 AM, Mateusz said: Hi @Pratyush Sharma and sorry for late answer. Some of the websites (most are financial services like banks) use masked password entry on login. It means you have to enter only some of the password signs, e.g. first, third and the last. If you password is 12345qwerty (hope it's not ) and you get this input: then you have to enter: 1,2,4 and y. Which password sign you need to enter is randomize by the bank on each login. Supporting this by Enpass means recognize which fields need to be filled with corresponding sign from stored password and autofill. I hope it's now more clear to you. Wow that is creepy. That implies that they store the plaintext password somewhere. Urgh.
Anthony Posted June 27, 2020 Report Posted June 27, 2020 I've seen this done to mask User ID (which as Hitman mentioned above, indicates plain-text storage, but for a User ID that's OK), but for a Password? I hope I don't run into any systems that use this, especially not financial services companies! 1
michalk Posted December 7, 2020 Report Posted December 7, 2020 Hi, any progress with that? Assuming that the password is stored as plain text is a common misconception. It is possible to keep such passwords fully encrypted in the database, and still use masked passwords as input: https://jonathanstreet.com/blog/partial-passwords/ Anyway, would be great to have this supported in Enpass as it is very common for financial institutions in Poland to use this approach!
Pratyush Sharma Posted December 8, 2020 Report Posted December 8, 2020 Hi @michalk We already have this request in our road map. Moreover, it's not a bug or an impending issue, but a feature request so we've not put this in priority as of now. Thanks for your co-operation.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now