Jump to content
Enpass Discussion Forum

Store Attachments in the Vault


Recommended Posts

  • 2 weeks later...
1 hour ago, My1 said:

@Vinod Kumar

just asking because of curiosity, is there any Idea when this will come?

I will paraphrase the usual response, "no eta, will be released in a future update" :( I guess they want to release a major update instead of minor updates more often, like many apps do that tends to get annoying fast.

Link to comment
Share on other sites

  • 2 weeks later...
  • 2 weeks later...

Hi all,

Attachment support is currently under development.

Also, as we already have a discussion about single file database vs split database in this thread, I would like to give an update on that. Having too many request for attachment support, a time factor was also added in decision making. We have decided to take single file monolithic database approach first. It will take much less time to implement and test. Split databases for large attachments will be implemented later on.


  • Like 2
Link to comment
Share on other sites

  • 2 weeks later...
  • 2 weeks later...

Can you split a large (attachment)Database in many file-parts? Then you have to sync only a small part.

Additional you have to register every File and its md5 checksum in a central register-file. When a file is changed, you can dowload the DB-filepart and exchange/remove this file....

Edited by Jones1024
Link to comment
Share on other sites

@Jones1024 regarding attach checkbox, a better Idea would be to have a way to say up to what size attachments are synced (possibly even with a split for mobile vs WLAN) but that comes after they made multiple files for the storage, I guess.

regarding the splitting of files and stuff: they said they will take the monolithic one "FIRST", in other words they probably will someday go to multi-file sync, although due to the time factor, monolithic is going first (I guess it's easier).

Link to comment
Share on other sites

Well, just to have the possibility of adding 1-2 small attachments (either as picture or PDF, keycards and ID cards with numeric codes) would be great as keycards are often delivered as hardcopy and should be dumped into the main database as a small amendment.

To store files in more broader scale is not feasible in a pw app using a small encrypted DB, use solutions like Dropbox, onedrive and other web solutions for this.

If only a small number of small attachments is allowed, Enpass dont need to put effort in splitting files/database and to sync/not sync attachments.

Would be nice if Enpass/Vinod Kumar could reveal ETA for this.

Br. Speedys1979

Link to comment
Share on other sites

@Speedys1979 good keycards shouldn't even give out the key and be uncopyable.
that's for 1 reason.

if you can copy a key card you can return it and attack later without the victim even knowing the card has been copied.

if it cannot be copied, the attacker needs the real card thus allowing the victim to notice and possibly revoke the card.

generally any "possession" factor should be unique and tamperproof (or at least tamper-evident to e.g. kill the key if someone tries to get it).

Edited by My1
Link to comment
Share on other sites

  • 1 month later...
  • 1 month later...

I've come up with a temporary and MESSY, UNSUPPORTED work around for those of you brave enough to try it. I've tested it myself a few times and it seems pretty legit, so here's a hack you can use until official attachment support is released:


  • A real computer (Windows 10, MacOS or Linux); this method will not work on phones because they're so stripped down as to not include the necessary software in a way you can access it.
  • If on Windows 10, you'll need the Windows Subsystem for Linux installed and ready. MacOS and Linux already ship with the necessary tools.


  • Can't access attachments on your mobile device; again, because mobile OS's are so stripped down and powerless it's not even funny.
  • Small files only! I can't stress this enough. If your file is over a few megabytes in size, while that might work for a few cases here and there, over time it's going to make for one hell of a messy database that Enpass has to wrangle, thus making it slow and possibly unstable (and where there's instability, there's the possibility for data loss). Do not, I repeat DO NOT go putting your damn wedding photos up here, ya'll. Think plain-text or no-image PDFs of a few kiloybtes as receipts for stuff. That's it. Nothing more because, again this is a hack, not an officially-supported feature.


This example is taken from MacOS 10.12 so you may need to adjust the command name, path and/or args depending on your platform if they differ. 

The basic idea:

  • Take that file you've got in its present, binary mode;
  • Run it through a base64 encode operation. This takes the binary data and transforms it into a series of "jibberish" text strings that in fact, actually mean something. It's basically a way to translate the "ones and zeros" into a copy-pastable format.
  • Copy and paste that output into Enpass's notes field for your item of choice along with some remarks on what it is that's in there and how to restore it later.

Step 1: Encode the data

Given the file $HOME/Downloads/something.zip, which is presently in binary format, I'll change that into plain-text format with the following command:

    base64 -b 80 -i $HOME/Downloads/something.zip > $HOME/Downloads/something-base64-encoded.txt

What do these options mean? Well, -b 80 means "insert a new line every 80 characters". This is more for presentation and ease-of-visibility on your part and can be ommitted if absolutely necessary. The -i option tells it which input file to look at. I...input...you get ;-) The argument following -i is, naturally, the file we have - binary. Next is the greater-than symbol >. This is a shell output redirection thing - it basically says "hey, all that crap on the left? yeah shove it into this thing on the right". Said thing on the right is the path to a file that doesn't yet exist when we run this, thus it will CREATE that file on the fly.

Step 2: Copy-Pasta

This is obvious and wicked easy. Open that file in a text editor or for the more console-inclined like myself, run cat $HOME/Downloads/something-base64-encoded.txt | pbcopy. On MacOS, "pbcopy" is "paste buffer copy" which means "copy it" as if you hit CMD+C. On Linux you can use "xsel" if it's installed. Windows users, I don't know what to tell you other than "use the mouse and notepad.txt" =)

Open Enpass, find your item of choice, scroll to the notes field (or create a new huge plain text body field) and paste it in there.

Step 3: Write Down How to Put It Back Together!

The point of this entire exercise is to be able to re-assemble this file at a later date with another simple copy-paste. Naturally, that could be years from now and you may not be able to find this post, so dammit, make a note! ;-) At the top of the text entry field, write what the attachment's original filename was and what it's for, bumping the base64 encoded binary payload (the "jibberish text") down a few lines while you're at it, and then before saving, enter this as instructions on how to put it back together:

Given you've copied the base64 payload only from that field and pasted it into a file named $HOME/Desktop/backup.txt:

    base64 -D -i $HOME/Desktop/backup.txt -o $HOME/Desktop/original-filename.whatever

The arguments listed:

  • -D Capital "Dee" says decode the data. To "decode" here means "you gave me plain text letters, I want binary dammit so imma make that binary by DECODING the plain text".
  • -i is, as before, the input file. Note that you do indeed need this to exist before you run this command.
  • -o is where to put the output file. Note that this doesn't need to exist (it'll be created on the fly), but you do need to tell it the exact, full filename that it should have so that things work with it properly. If you compressed a PDF file (receipt.pdf), make damn sure you restore it as anything ending in ".pdf". If you don't, or maybe you leave off ".zip" for a zip file, or ".jpg" for an image, you may not be able to use the file in the future.

Now that you've written that stuff in there and pasted the base64 encoded payload, SAVE YOUR WORK. Now, SYNC YOUR WORK. It would also be a good idea to move to another computer and try to restore from it given your restoration instructions as well, just in case.

More info:

    man base64 -- Apple's best existing (?) copy of a manual page on the base64 utility. MacOS users may need to install developer tools (xcode-select --install in terminal) before they have this command available. For Linux and Windows Subsystem for Linux (which is...as the name implies, Linux...) use your package manager and search for it, then install the appropriate package to gain access to the command.


Newer users might be tempted to visit a website to do this Base64 encode/decode process for them. DON'T DO IT. You have no way to guarantee that everything you paste into your web browser form isn't being copied up to "who-knows-where", meaning that your attachment is now in the hands of "who-knows-whom". Best to use the command line tools instead and keep it all on your local machine to prevent accidental leakage of private details.

Link to comment
Share on other sites

  • 2 weeks later...
On 4.7.2016 at 1:49 PM, bitethis said:

Enpass looks really great and i planned to migrate my entire database from 1Password. I have tested the desktop client + the iPhone client and have figured out, that i can't put attachments to the database. Storing attachments is a *very* important feature, i'm wondering why this is not implemented yet. 

So my +1 for this request. I'll be come back if this feature is available.

Edit: I'm pleased about the very fair pricing!


Link to comment
Share on other sites

This topic is now closed to further replies.
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Privacy Policy