Jump to content
Enpass Discussion Forum

Enpass not filling info when accessing HTTP (not HTTPS) websites


Recommended Posts

I have a couple local services (Portainer and NGINX Proxy Manager) that require username and password. Their hostname is in the form of http://hostname.lan:someport

When i try to use Enpass with those websites it simply won't fill the form and i have to manually copy paste my credentials. When i expose those same services with https everything works.

image.thumb.png.e5fea9f997d257af8d5769d9e36179c9.png

As you can see the credentials are saved and recognized, but when i click on those the form is not filled.

This problem appears in every browser/desktop OS combination, but everything works fine on mobile (safari + ios)

Link to comment
Share on other sites

  • 3 months later...

I'm having the same problem. It's extremely inconvenient for local devices and still not fixed in Enpass after serveral months. I'm not using the on-page dropdown in favor of clicking the addon icon. It works however, when going to the login page by clicking the URL in Enpass.

Edited by Bachsau
Link to comment
Share on other sites

Hi @Bachsau

I would like to share that if you create an Enpass Item for the HTTPS website, then Enpass cannot autofill the login details of the same Item in the HTTP URL of the same website due to security reasons. However, if you wish to autofill them explicitly then as a workaround, you can try the below steps:

  1. Create a new Item with HTTPS url then use the autofill feature.

  2. Update the existing HTTP Item and add the HTTPS URL to it.

#SI-3348

Link to comment
Share on other sites

9 hours ago, Abhishek Dewan said:

if you create an Enpass Item for the HTTPS website, then Enpass cannot autofill the login details of the same Item in the HTTP URL of the same website

The item holds two URLs. One is a HTTPS-secured dynamic domain for external access, the other is a local one for access from inside my home network.

10 hours ago, Abhishek Dewan said:

due to security reasons

But if I order it by double clicking the item, it should work. I am the user and the red banner in the Enpass popup is enough of a warning!

10 hours ago, Abhishek Dewan said:
  • Create a new Item with HTTPS url then use the autofill feature.

  • Update the existing HTTP Item and add the HTTPS URL to it.

Sorry, but I do not understand what you mean. The local URL is not available via HTTPS, which is no security threat since the data never leaves the local network.

Link to comment
Share on other sites

Enpass is on version 6.9.0, macOS 12.6.8 and Arch Linux. Add-On version is 6.8.3 on Firefox 116.0.2. The URL is "http://fritz.box/" on the local network. The FRITZ!Box by AVM is a very popular residential gateway in germany which uses this URL to host the devices's web-based control interface.

Edited by Bachsau
Link to comment
Share on other sites

Thanks, it works with a second item, even though I had to disable password checks to keep Enpass from complaining about doubled passwords – least you take that option away from us, too. Just know that no one likes to patronized and it just makes your software worse because the HTTP address was also part of the item, thus your decission goes against usability. Also, plain HTTP will always be there, especially on local networks, where you can't get a publicly trusted TLS certificate for a device.

PS: Maybe a meaningful error message would also be helpful if you don't want to change the behaviour. Otherwise all the user sees is that something is not working when he double-clicks an affected item.

Edited by Bachsau
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...