Jump to content
Enpass Discussion Forum

Enpass 6.8.0(Beta) is Here – For Windows


Recommended Posts

Hi Enpass beta subscribers,

We are pleased to announce that a beta release for the next version of Enpass, 6.8.0, is now available. The new version includes many exciting features on desktop apps and bug fixes. We ask our beta users to test and provide their feedback. The list of changes is long enough to keep you busy for a while. :D

What to test:

  • Automatic Compromised Password Check: Compromise Password checker can now run automatically whenever a new item is added, or an existing item is updated to ensure there is no breached data on your vaults. Just head over to Advanced Settings and enable the check box.
  • Frequently Used Suggestions: Enpass now gives suggestions of the most-used Usernames, email, and Phone numbers stored in the selected vault while creating a new item. 
  • Fill from password history: Users will now be able to fill in passwords from their password history on the Edit page. 
  • Reveal password: You can now reveal an item's password by pressing Alt on your keyboard.
  • CapsLock Indicator: Notifies users when CapsLock is active while entering Master Password. 
  • Merge Backup vault to any Existing vaultUsers can now merge any backup vault data into an existing vault. Select Import > Enpass > Backup file> Select the backup file from your machine> Select the Vault to Merge > Enter password of the backup vault.
  • Show More: We have returned the 'Show More' button to the Enpass assistant, hoping all your concerns with the 'Match URL hostname' functionality are now resolved.
  • Custom period for TOTP: Enpass now support generating one-time code with custom period. By default, the period will be 30 seconds unless specified by the TOTP URI.
  • Un-synced changes Alert!: Enpass now shows a warning message when attempting to remove a vault that has un-synced changes. 

FIXES:

  • Fixed an issue where Enpass marked TOTP as invalid if the TOTP had '\n' in the secret key 
  • Fixed an issue where the passwords were getting truncated/cutoff/incomplete on printing the item if the escaped characters ('<' and '=')
  • Fixed an issue where the item list is fetched multiple times, unlocking the assistant.
  • Fixed an issue where the text was getting truncated in the Korean language.
  • Fixed an issue where a few users could not launch URL/website with Unicode characters from the Enpass items detail page.
  • Fixed an issue where users were getting "nothing to import" while importing from Bitwarden (because of a change in Folder keys). 
  • Fixed an issue where a few of you could not print items from Enpass.
  • Fixed subtitles for identity item with First Name +Last Name (subtitle of any old identity item will be changed on app update)

Getting beta versions:

Windows – Store version: Our Enpass beta subscribers will get the latest beta updates from the Windows Store. 
Windows – Website version (.exe setup): Download and install the beta from here.

Bug reporting

For any bugs or feedback, please drop your message here on forums or email us on support@enpass.io
We look forward to your feedback for this beta release of Enpass.

Cheers!!:)

  • Like 1
Link to comment
Share on other sites

  • Vinod Kumar changed the title to Enpass 6.8.0(Beta) is Here – For Windows

Mohit and team thank you for the update, it's always appreciated.

Can you please clarify what happens with the Automatic Compromised Password Check, because there is now no option to manually check the entire vault with a single button press?

On installing 6.8.0, I enabled auto check and the Compromised button showed a continuous rotating symbol, but no progress. After leaving it for 5 minutes, the symbol was still rotating. I unticked the auto check option, shut down then restarted Enpass and the Compromised button showed 0 as normal, but on reviewing the Compromised window of the Audit section, there was no option to manually check all passwords. As a final check, I re-enabled auto check, modified a password entry, saved it, but the app gave no indication any auto check had taken place. 

A few questions if I may  

1 - Is an auto check, only checking the HIBP database when a new/modified entry is updated?

2 - Does auto check, check the entire vault, or just the new/modified entry?

3 - Is it correct that the option to manually check all passwords has been removed?

If the answers to the first and third questions are yes, this would mean with 6.8.0 a user needs to modify/create an entry to recheck all passwords against the HIBP database, rather than simply pressing the Re-check All button. If, however, an auto check only checks new or modified items, a user must now manually check each individual entry, to check the entire vault

4 - Can you consider, automating vault password checks as, either every time the app is started, or at specific scheduled intervals? This type of automated checking would ensure the Audit was always up-to-date without any user input. Either option would work best in conjunction with the existing manual Re-Check All option. 

I've currently reinstalled 6.7.4 (933) as the password changes in 6.8.0, make it less usable.

I've just noticed your post was in relation to the Windows Store version. My desktop version offered 6.8.0 as a Beta update, which is the one I installed. Do let me know if I should repost this question in that section. 

Thank you in advance for any information you can provide.

Edited by Thoughts?
Link to comment
Share on other sites

 Hi @Thoughts?
 

Thanks for your inputs.

The automatic checking for compromised passwords will run in background on following conditions:

  1. Until each item in each vault has been checked at least once. On every unlock Enpass will check for pending items.
  2. When an item is added or updated.
  3. For each item in each vault again when HIBP database is updated.

This process will make sure all passwords stay audited with minimum queries to HIBP server.

The bulk manual checking has been removed.  You can turn off and back on the automatic checking from advanced settings to simulate the effect of manual checking on all items. Also, you can still run "Check If Compromise" on an individual password via context menu entry.

 

On 3/13/2022 at 12:52 AM, Thoughts? said:

On installing 6.8.0, I enabled auto check and the Compromised button showed a continuous rotating symbol, but no progress. After leaving it for 5 minutes, the symbol was still rotating. I unticked the auto check option, shut down then restarted Enpass and the Compromised button showed 0 as normal, but on reviewing the Compromised window of the Audit section, there was no option to manually check all passwords. As a final check, I re-enabled auto check, modified a password entry, saved it, but the app gave no indication any auto check had taken place. 

For the above concern, I request you to please get in touch with us at support@enpass.io with your registered email ID, and the Enpass Support Team member will look into this. We are looking forward to your support and patience. 

  • Like 2
Link to comment
Share on other sites

Hello Mohit 

Thank you for replying.

In point 1, when you say ‘pending’, do you mean simply items that have not yet been checked against HIBP's database?

In point 2, when an item is added or updated is the auto-check of the entire vault or only for the item(s) added/updated? I.e. does the Enpass app, mark an item as ‘checked’ against the current HIBP database?

In point 3, how is the Enpass app notified of a HIBP database update? Is the Enpass app requesting that information direct from HIBP, or is the new database stored on your servers, and you tell the Enpass app that an HIBP update has occurred, and the app needs to run a new full vault check?

In reply to the issues I faced with 6.8.0, can I ask, when an item is added or modified, and auto-check is enabled, is there supposed to be any visual indication of an HIBP check taking place? Or is the check silent?

An HIBP check of a single item takes a matter of seconds, so if the check is ‘silent’, it would behave as I experienced. Only if a password was found to be compromised would a user know a check had taken place. If the check is silent, it would be helpful if the Compromised window of the Audit section gave the date and time of the most recent HIBP checks. That way, a user would know, their password checks were up-to-date.

If you could let me know whether the check is supposed to be silent, and if it is, I will reinstall 6.8.0 and run further tests.

Thank you once again

Edited by Thoughts?
Link to comment
Share on other sites

Hey @Thoughts?
 

On 3/14/2022 at 6:48 PM, Thoughts? said:

In point 1, when you say ‘pending’, do you mean simply items that have not yet been checked against HIBP's database?

Yes, any item password that has not yet been cross-checked with latest HIBP database is stated to be pending.

On 3/14/2022 at 6:48 PM, Thoughts? said:

In point 2, when an item is added or updated is the auto-check of the entire vault or only for the item(s) added/updated? I.e. does the Enpass app, mark an item as ‘checked’ against the current HIBP database?

Whenever an item's password is updated, only it is marked as pending not the whole vault.

On 3/14/2022 at 6:48 PM, Thoughts? said:

In point 3, how is the Enpass app notified of a HIBP database update? Is the Enpass app requesting that information direct from HIBP, or is the new database stored on your servers, and you tell the Enpass app that an HIBP update has occurred, and the app needs to run a new full vault check?

We manually keep track of HIBP database updates and manage timestamps on our server accordingly. Enpass App pulls for these timestamps daily and mark all items pending when it is changed/updated.

On 3/14/2022 at 6:48 PM, Thoughts? said:

In reply to the issues I faced with 6.8.0, can I ask, when an item is added or modified, and auto-check is enabled, is there supposed to be any visual indication of an HIBP check taking place? Or is the check silent?

An HIBP check of a single item takes a matter of seconds, so if the check is ‘silent’, it would behave as I experienced. Only if a password was found to be compromised would a user know a check had taken place. If the check is silent, it would be helpful if the Compromised window of the Audit section gave the date and time of the most recent HIBP checks. That way, a user would know, their password checks were up-to-date.

I have taken this over as a feature request and you will see the improvements in Enpass future updates.

#SI-2682

  • Like 1
Link to comment
Share on other sites

Hello Mohit

Thank you for your very thorough reply. I reinstalled 6.8.0 late yesterday, and the rotating blue symbol appeared over the Compromised passwords button. This morning, on opening the app, the button has reverted to show 0 as normal.

It would seem an initial auto-check either takes far longer than a manual check, or some other checks are taking place, but the app is currently stable and operational, so I will test further. 

Thank you for considering the feature requests. I look forward to future updates.

 

  • Like 1
Link to comment
Share on other sites

  • 1 month later...

Hi @MaxM,

Thank you for reporting the presence of this issue. We have reproduced the bug on our end, due to which you are unable to connect to the WebDAV. Our concerned team is working on resolving it, and a fix will be implemented in the upcoming update cycle. In the meantime, we appreciate your support and patience.

SI-2681

  • Like 1
Link to comment
Share on other sites

Hi Enpass Team,

First I want to thank you for your great app and work!

Yesterday I updated to 6.80 (1048) and set Enpass as default password manager for MSEdge (extension). Since  I enabled that functionality I lost MSEdge forms history function (may be it occurs on other web browsers too). To recover that functionality have to disable Enpass as default password manager. Would be possible to have both functions at same time? When working with, for example, ticketing web tool is very useful to have forms history available. Obviously, at same time, to enable Enpass as default password manager for any web browser is the best option for me.

Regards!

Link to comment
Share on other sites

On 5/3/2022 at 12:45 AM, Mohit Thapa said:

Hey @MaxM

Thanks for letting us know about this. Our developers are constantly keeping a tab over this issue and have informed me to request the user to try the new Enpass beta Version 6.8.0 (1049). Click here to download it and let me know if the issue persists.

Hi @Mohit Thapa

I'm afraid the issue still exists in the Windows store version 6.8.0 (1048). Connection to WebDAV failing with a generic message "Could not connect to specified WebDAV folder. Check you username and password". Note that I can connect to the WebDAV folder in question from a non-Windows store version of Enpass or from Windows Explorer directly. So the problem is definitely not in credentials or URL.

  • Like 2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...