Jump to content
Enpass Discussion Forum

what is EnpassHello.exe?


oranges
 Share

Recommended Posts

i just updated my enpass, and when i use Windows Hello to unlock Enpass, there is a new exe called EnpassHello.exe trying to make an outgoing request to Akamai?

if i denied the request my Enpass was refusing to unlock with Windows Hello and it kept asking for Master Password. 

for now i accepted the outgoing request just so my Enpass would function, but it does feel kinda suspect

Link to comment
Share on other sites

@oranges in the recent update 6.9.0 they have mentioned in release notes that windows hello auth may required second times. Can you please confirm are you facing this problem each time when you unlock the app using windows hello??

:https://www.enpass.io/release-notes/windows-10-desktop/

  • Strengthened the security of your vaults by optimizing the key generation process. The encryption key derived from your master password, which is used to secure your data, will now undergo 320K rounds of PBKDF2-HMAC-SHA512 iterations, a substantial increase from the previous 100K rounds. All existing vaults (excluding backups) will be upgraded. (Note: May require a second authorization for using biometrics)

 

Edited by Samuela
Link to comment
Share on other sites

i just read the notes, so can you explain what data is being sent by EnpassHello.exe? 

is this the encryption key derived from the master password being sent to your servers to be strengthened?

regarding the issue, i had blocked the outgoing request for EnpassHello initially.  when using Enpass, Windows Hello would recognize my face, then it appeared as if Enpass would unlock, but then Enpass was still locked, and would prompt for the Master Password.

i then let the request from Enpass Hello go through (didn't feel great about that), and now it works fine. 

any transparency on the data being sent across would be appreciated, thanks

Link to comment
Share on other sites

Hi @oranges

To enhance the security of Enpass, we have implemented an encryption iteration count increase from 100k to 320k in the current version. Here EnpassHello.exe is a programme file specifically designed to enable Windows Hello support for Enpass App, a password management software to be compatible with Windows operating systems.

During the upgrade to a new Enpass version that supports Windows Hello, users will encounter two Windows Hello authentication prompts:

1. The first authentication is to unlock Enpass using Windows Hello.
2. The second authentication is required to complete the encryption iteration upgrade, increasing the count from 100k to 320,000 rounds.

It's essential to note that if a user decides to cancel the second Windows Hello authentication prompt, Enpass will disable Windows Hello and provide a notification to the user and would like to reiterate that Enpass does not store any data associated with the user's Windows Hello authentication.

Please be aware that the requirement for two Windows Hello authentications during the initial setup process after upgrading to the new version is due to the fact that the Enpass App does not store the Windows private key. This is a one-time process to ensure the utmost security and protection of user data

Link to comment
Share on other sites

hello abhishek

thanks for the explanation regarding the two Windows Hello authentication prompts.

on my end i didn't cancel any Windows Hello prompts and did accept them, but the issue arose when i disabled an outgoing request by WindowsHello.exe -- i have an outgoing firewall that will catch any requests that have not been approved.

in my case, after upgrading, EnpassHello.exe tried to make an outgoing request, sending data to Akamai during the upgrade encryption process.  that was the original concern, that there was data of some sort being sent out, i didn't log the request response so im not sure what it was for, but i hope it was just something trivial such as a confirmation that the upgrade was successful or something without any of the vault's info (such as encryption key).  

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...