Fab8 Posted February 17, 2021 Report Posted February 17, 2021 Hi there I´m using PIN code on Mac OS (MacBook without Touch ID) in oder to quick unlock enpass app running in the background? I think that the master password is not saved on in Mac, even in ram. This means unlocking with Pin Code doesn´t actually decrypt data in enpass. Technically you can say enpass running in the background and locked with Pin is actually unlocked, right? In case someone gets acess to an unlocked Mac with enpass locked with PIN (instead master passwors): May it be possible that this person (that is is pretty much into IT / has former computer skills) could gain access to data saved in enpass?
Vinod Kumar Posted February 18, 2021 Report Posted February 18, 2021 Hi @Fab8 Unlocking via PIN is more of a convenience feature rather than security. In case of PIN, Enpass restricts access to data through User Interface without locking down the database. After three failed attempts, the database will be closed and a master password will be required next time. 20 hours ago, Fab8 said: In case someone gets acess to an unlocked Mac with enpass locked with PIN (instead master passwors): May it be possible that this person (that is is pretty much into IT / has former computer skills) could gain access to data saved in enpass? Your master password does not remain in memory any time after initial unlock of database. However, running sophisticated attacks with administrative privileges are still possible. We recommend against using PIN in such environments. :) 1
Fab8 Posted February 22, 2021 Author Report Posted February 22, 2021 Thanks @Vinod Kumar There are two options for quick unlock: via PIN-Code (Mac without touch id) or via touch id. You said: On 2/18/2021 at 2:03 PM, Vinod Kumar said: Unlocking via PIN is more of a convenience feature rather than security. In case of PIN, Enpass restricts access to data through User Interface without locking down the database. After three failed attempts, the database will be closed and a master password will be required next time. So while Enpass in running in the background using PIN-Code does only protect via user interface and does not actually a decrypt/encrypt operation. I think this is different when using touch id as quick unlock via touch id does an actual decrypt/encrypt operation, right?
Vinod Kumar Posted February 22, 2021 Report Posted February 22, 2021 1 hour ago, Fab8 said: I think this is different when using touch id as quick unlock via touch id does an actual decrypt/encrypt operation, right? Yes. That is right. To have more information you can refer to this page. Cheers :) 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now