sbstnzmr Posted November 16, 2023 Report Posted November 16, 2023 My Enpass suddendly wants a new authentication. Since I need to have ZScaler running it is failing the SSL verification. However this should not be an issue. Why does anybody think that locking a user out of a local installation with a local vault is anything that should be possible? Password managers run on trust. A password manager that locks you out is as bad as an insecure one. I bought the app some while ago. I can activate my the premium I got for buying it before the subscription model. Why would I ever need to re-activate a local installation? I really can't put it into words how dumb that is. The only way around it seems to be using a different software and telling everybod to stay away from Enpass since you cannot trust the App to continue to work. By the way, the reason in the message for verification says I wasn't using the app for a while. Which is not true since I'm using it every working day. I also contacted support, every day for a couple of days. No response.
Abhishek Dewan Posted November 17, 2023 Report Posted November 17, 2023 Hi @sbstnzmr We have received your query on support@enpass.io and have already responded to the same. To avoid duplication of efforts and confusion, we request you to please revert to the same. We appreciate your understanding in this case.
sbstnzmr Posted November 20, 2023 Author Report Posted November 20, 2023 I'm still waiting for any helpful information though. You send an email telling me support is waiting for my response. There was no support email. You didn't include any information in the mail that reached me. You didn't respond to any of my replies telling you that I never got any supporting mail. I appreciate you understanding that this is not a decent support. Additionally I think it would be benefitial for you to publicly state, why locking user our of their password manager is something you think is a good idea. I consider this immensly harmful behaviour of an app I should trust.
Ivarson Posted November 20, 2023 Report Posted November 20, 2023 (edited) I agree with @sbstnzmr here. It's one thing to utilize SSL pinning, but a completely different thing to force lockout with the 'local' architecture in mind. At the very least there has to be an official, completely offline method for airgap-activating and maintaining licensing. Especially in the Enterprise-segment this is always an option. The very same audience would most likely expect Enpass with its nature to have and honor a switch in Settings->Advanced that disables Enpass from initiating outbound network requests to public internet. Staying local with Enpass should be possible. Edited November 20, 2023 by Ivarson
sbstnzmr Posted December 2, 2023 Author Report Posted December 2, 2023 There is still no real update. There was some generic mail exchange like "did you try reinstalling the app". There is still no solution and the current resolution was "we will get back to you" which they didn't. There also is still no explanation why it's a feature that a locally installed and activated app has a session that can expire. I still can only use the free version of the app I payd for.
sbstnzmr Posted January 21, 2024 Author Report Posted January 21, 2024 So how is it going with that promise @Abhishek Dewan: Quote Rest assured; we are doing our best to find a fix for the issue. Our Enpass Support Team will update you within the next 15 days. Issue is still unresolved. I still got no explanation why this "feature" exists or when it will be solved. I'm still not able to use the software I paid for.
Mohit Thapa Posted January 23, 2024 Report Posted January 23, 2024 Hey there, I have just messaged you. Please do check your direct messages (DM).
sbstnzmr Posted January 26, 2024 Author Report Posted January 26, 2024 Are you serious? You send me a generic "pleas restart the app". We were past this month ago. This is no solution. And still the most important question remains why is there a local session that can expire. I had a perfectly running and activated App. The whole support here is more than just underwhelming. Nobody should ever trust this software with anything if that is your business practice.
sbstnzmr Posted March 17, 2024 Author Report Posted March 17, 2024 To whom it may concern, there is still no reply. I don't even want a solution for the SSL problem. I just want an answer, why there is a session for a local vault that can expire. Of course after that horrible support (and the support ghosting me) I moved on. I still advise everyone to stay far away from Enpass.
Amandeep Kumar Posted March 19, 2024 Report Posted March 19, 2024 @sbstnzmr & @IvarsonI'd like to take this opportunity to inform you that our development team is already aware of this issue and was actively working on refining the pinning architecture. We have fixed this issue, and the solution will be included in the next update. Before the official release, we will also provide access to the beta version. Once it's available, I'll notify you here. We appreciate your patience in the meantime. #SI-3465
sbstnzmr Posted September 21, 2024 Author Report Posted September 21, 2024 I just got a "Session Expired" on my Linux machine. You may have "fixed" the SSL problem, not by me providing a certificate, but by disabling it. But there is still no reason for a session that can expire for a lokal app with a local vault.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now