Maurizio1313 Posted March 22, 2022 Report Share Posted March 22, 2022 Hello, I am using Enpass with a password and the keyfile, every time I have to enter Enpass I must have the password together with the keyfile, but I have a doubt, it would not be more secure if the keyfile was used only the first time it is installed Enpass? If I have a virus on my computer, it manages to find out the password but does not know the keyfile so enpass cannot be installed on another computer. Link to comment Share on other sites More sharing options...
Ivarson Posted March 24, 2022 Report Share Posted March 24, 2022 On 3/22/2022 at 11:38 PM, Maurizio1313 said: Hello, I am using Enpass with a password and the keyfile, every time I have to enter Enpass I must have the password together with the keyfile, but I have a doubt, it would not be more secure if the keyfile was used only the first time it is installed Enpass? If I have a virus on my computer, it manages to find out the password but does not know the keyfile so enpass cannot be installed on another computer. The keyfile is part of the encryption and decryption of the primary vault, hence it needs to be present all the time. Worth to mention that any additional vault using a keyfile will save that password AND key file in the primary vault. Also, a virus that's gotten foothold in your box means your pretty much toast anyway, but to make it a bit harder you should read my post here Just make sure you still store the key file safely as it will still be needed, it just doesn't need to lay around.. 1 Link to comment Share on other sites More sharing options...
Maurizio1313 Posted March 24, 2022 Author Report Share Posted March 24, 2022 Hi, so using a windows computer do you recommend me to use Windows Hello to unlock Enpass? In this way the password and the keyfile are not needed, even if they must always be protected? Link to comment Share on other sites More sharing options...
Ivarson Posted March 24, 2022 Report Share Posted March 24, 2022 Depends on your personal circumstances and preferences, but you won't have to input your password nor have the keyfile persistently available which reduces the risk for keyloggers or exfiltration of the keyfile. But your computer still needs to be secured of course, and while the tpm guarded password would be tied to your one computer, keeping it physically secured and prevent people from looking over the shoulder becomes more important as a simple 6 digit code could log you on to the computer and also access Enpass. Enpass themselves wouldn't "recommend" it, I assume this is because they can't guarantee the functionality for Hello since it's a windows function, Enpass merely uses it. But if your password and keyfile are safely stored you should be fine. But I would recommend that you occasionally try to unlock with password +keyfile to ensure function. Link to comment Share on other sites More sharing options...
Maurizio1313 Posted March 24, 2022 Author Report Share Posted March 24, 2022 OK, thanks a lot Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now