MOM20xx Posted November 20, 2024 Report Posted November 20, 2024 Hi, I'm wondering why Enpass Folder on Onedrive is shared. On my Mac i see What is i:0i.t|ms.sp.ext|00000000-0000-0000-0000-0000442bb943@9188040d-6c67-4c5b-b112-36a304b66dad? My girlfriend has the same entry in your onedrive for enpass folder
MOM20xx Posted November 20, 2024 Author Report Posted November 20, 2024 ok this seems to be enpass itself according to the following screenshot. is this correct? and 9188040d-6c67-4c5b-b112-36a304b66dad is the microsoft tenant for microsoft personal accounts
Tarun Singh Rawat Posted November 27, 2024 Report Posted November 27, 2024 This is part of the sync process for Enpass on OneDrive. If multiple users have access to the same Enpass folder, they will be able to view the same entries across both of your OneDrive accounts.
Bachsau Posted December 16, 2024 Report Posted December 16, 2024 Microsoft uses tokens for everything, so if you change your account passwort or email address, apps and services won't loose the connection.
adioss Posted March 24 Report Posted March 24 Quote If multiple users have access to the same Enpass folder, they will be able to view the same entries across both of your OneDrive accounts. Hi, I'm not sure to understand how it's working: this sharing configuration seems mandatory although I share with nobody (and I don't want to share it) the way the sharing is created is strange: you cannot edit it and onedrive is failing to change the sharing options (lire remove or edit)
Bachsau Posted March 25 Report Posted March 25 (edited) Sharing is not mandatory, and if it were, you couldn't say that you share with nobody. If you did share the Enpass folder with another real user (which I wouldn't recommend), then of course that user would be able to access your vault's data, but would still need the master password to see the contents. However, what we're talking about here is not a real share, but the side-effect of a security feature. Like almost every other app accessing an account at any service, Enpass uses a so called OAuth token to do so. This way it doesn't have to store your username and password and also can do only the things on the account that it was authorized for. It seems that Microsoft uses some type of ghost user to provide that token, and this ghost user erroneously shows up in the sharing screen of the OneDrive app. This might be confusing but is nothing to worry about. It's a mere oversight of some OneDrive app developer in the process of fetching and displaying the folder's access rights, which also explains why the app isn't able to tamper with it and why you shouldn't try to do so. Edited March 26 by Bachsau
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now