Guest Posted December 12, 2020 Report Posted December 12, 2020 Hey there, I'm still testing enpass after my purchase and found another strange behaviour. For me, the evaluation of the passwords generated by enpass makes absolutely no sense. When you look at the screenshot attached, you see 3 generated passwords, all generated with the exact same settings. One is considered beeing average, one is good and one is perfect. To my eyes, they all have the same complexity. So how can the evaluation be so different? Even if the evaluation would make any sense, why would you even offer me weaker passwords based on the given settings? Another example: When setting up a master password, the evalutation even can turn from average to bad by actually adding a special character! So the password is now 1 character longer and enpass tells me the password is weaker. This seems crazy to me
Vinod Kumar Posted December 14, 2020 Report Posted December 14, 2020 Hi @Trendsetter, Password strength in Enpass is calculated using zxcvbn algorithm. Calculation by this method not solely rely based on length but depends upon different kind of patterns too. An additional character introduction may not necessarily result in increased strength if it introduces a pattern match according to algorithm. Please visit following link for more info. https://www.enpass.io/docs/security-whitepaper-enpass/miscellaneous.html#password-strength-estimation https://github.com/dropbox/zxcvbn Thanks.
Guest Posted December 14, 2020 Report Posted December 14, 2020 Hi @Vinod Kumar, thank you for the whitepaper & the explanation. To me, the algorithm still seems to be a little weird, but I'm not an cryptography expert Do you think there is a chance for a feature that enpass only offers the best level of password based on the settings given? Because as a user you end up quite often banging that generate button until you get the best result.
Vinod Kumar Posted December 15, 2020 Report Posted December 15, 2020 Hi @Trendsetter, Noted. It will be implemented soon. Thanks.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now