APremiumUser Posted July 20, 2022 Report Posted July 20, 2022 (edited) Hi, I am a Premium lifetime user of Enpass and it is my favorite password management software. Currently with the pc version, I need to re-enter the master password every time I restart the OS to open Enpass, while the Android version can always use fingerprint/PIN for authentication, so why should I adopt different authentication strategies on different platforms? What is the basis of this consideration? Because my master password is very complicated and the process of entering it after each reboot is very painful, which greatly reduces my frequency of using Enpass. Could the choice be left to the user to decide whether to use Windows Hello/PIN or Master Password for authentication or for example, perform master password verification once a month in case the user forgets the master password? and of course, the master password method should be the default configuration for Enpass, which I think would have minimal impact on security since it's my personal computer and no one but me can No one but me can use it. Edited July 20, 2022 by APremiumUser
APremiumUser Posted July 20, 2022 Author Report Posted July 20, 2022 The above content is from Google Translate, there may be inaccuracies, please understand.
Abhishek Dewan Posted July 20, 2022 Report Posted July 20, 2022 Hi @APremiumUser We are glad to hear that you like using Enpass; thanks for all the support! Enpass does support Full-Time Windows Hello, even when you restart your device. Whether the full-time Window Hello will work on any device totally depends on the Windows itself. To determine the compatibility of the device to support Full-time Windows Hello (feature is only available with Enpass Store version), Enpass relies on this API provided by the Microsoft . It is the only way to distinguish whether the security keys are generated by a legit Hardware TPM. There is little Enpass can do in this case. Although for external TPM is available in the market we cannot ensure that they will support the given API. If your system supports Full-time Hello unlock, you will see a similar message under Windows Hello -
APremiumUser Posted July 20, 2022 Author Report Posted July 20, 2022 @Abhishek德万 感谢您的耐心回答。 我很确定我使用的是 Microsoft Store 中最新版本的 Enpass,我的电脑支持 TPM 2.0,并且我已经启用了它,但是为什么我不能全职使用 Windows Hello?
Abhishek Dewan Posted July 21, 2022 Report Posted July 21, 2022 Hi @APremiumUser Kindly share the version of the Enpass app and OS you are using. I will then have this further investigated with the team.
APremiumUser Posted July 22, 2022 Author Report Posted July 22, 2022 (edited) Hi@Abhishek Dewan Version: Windows 11, Enpass 6.8.2 Microsoft Store Here is the information output by Powershell: PS C:\Users\admin> Get-Tpm TpmPresent : True TpmReady : True TpmEnabled : True TpmActivated : True TpmOwned : True RestartPending : True ManufacturerId : 1095582720 ManufacturerIdTxt : AMD ManufacturerVersion : 3.78.0.5 ManufacturerVersionFull20 : 3.78.0.5 ManagedAuthLevel : Full OwnerAuth : ODB0oAtImuny5CVbEM0to3VzLD8= OwnerClearDisabled : False AutoProvisioning : Enabled LockedOut : False LockoutHealTime : 10 minutes LockoutCount : 0 LockoutMax : 31 SelfTest : {} PS C:\Users\admin> Get-TpmSupportedFeature -FeatureList "Key Attestation" key attestation PS C:\Users\admin> Get-TpmEndorsementKeyInfo -Hash "Sha256" IsPresent : True PublicKey : System.Security.Cryptography.AsnEncodedData PublicKeyHash : 59631a7712bfb43bd98218ae736faa37f0b75d9c419b601a87ad65c0c6b65263 ManufacturerCertificates : {} AdditionalCertificates : {[Subject] TPMVersion=id:00030001, TPMModel=AMD, TPMManufacturer=id:414D4400 [Issuer] CN=PRG-RN, O=Advanced Micro Devices, S=CA, L=Santa Clara, C=US, OU=Engineering [Serial Number] 2828F6629733A979112A30D5B94BA1B3 [Not Before] 2021/2/17 15:35:34 [Not After] 2046/2/17 15:35:34 [Thumbprint] 022E2EFA0F6A7A0C115C5BDE3C82828B4A664CF8 } PS C:\Users\admin> Get-TpmEndorsementKeyInfo IsPresent : True PublicKey : System.Security.Cryptography.AsnEncodedData PublicKeyHash : ManufacturerCertificates : {} AdditionalCertificates : {[Subject] TPMVersion=id:00030001, TPMModel=AMD, TPMManufacturer=id:414D4400 [Issuer] CN=PRG-RN, O=Advanced Micro Devices, S=CA, L=Santa Clara, C=US, OU=Engineering [Serial Number] 2828F6629733A979112A30D5B94BA1B3 [Not Before] 2021/2/17 15:35:34 [Not After] 2046/2/17 15:35:34 [Thumbprint] 022E2EFA0F6A7A0C115C5BDE3C82828B4A664CF8 } The following is the information output by WindowsAttestationTest_1.0.0.0: 14:28:22.1934474 HelloSupported::True 14:28:22.2034499 KCM::OpenStatus::NotFound 14:28:22.2034499 KCM::OpenFailed::RequestingCreate. 14:28:27.1052372 KeyRetrievalStatus::Success 14:28:27.1242397 GetAttestationStatus::NotSupported Edited July 22, 2022 by APremiumUser
Abhishek Dewan Posted July 22, 2022 Report Posted July 22, 2022 Hi @APremiumUser Thank you for sharing the details. I have forwarded them to our dedicated team for a thorough analysis of the issue you are facing. As soon as they update me, I will get back to you on this forum. Your patience in the meantime is appreciated. 1
APremiumUser Posted July 27, 2022 Author Report Posted July 27, 2022 @Abhishek Dewan Hello, I would like to know the progress of the investigation very much. This problem affects the experience very much.
Abhishek Dewan Posted July 28, 2022 Report Posted July 28, 2022 Hi @APremiumUser We are still investigating this concern as to why this issue is occurring in order to get to the root of it. I will not be able to share any ETA at the moment but rest assured, I'm personally following up on this case for you and will notify you in case of any updates on this matter. Enpass appreciates your co-operation and patience while we look into it for you.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now