DrDave Posted January 17, 2023 Report Share Posted January 17, 2023 (edited) On 12/1/2016 at 3:09 AM, Hemant Kumar said: We also thought of getting a third party audit of Enpass but eventually had to drop this idea for some time (so far). All this because Enpass supports so many platforms with a high frequency of updates (all together) and it is not possible for us to get every update audited because every successive update will invalidate the last audit done. Also getting the source code audited is very hefty in terms of time and expense. It's even more expensive to lose many potential customers who will not buy because YOUR SECURITY APP HAS NEVER BEEN AUDITED. As of 2023 January 160,800 people have read this post because they are interested to know if your password software is safe. Clearly this topic is "of great interest" to customers and potential customers. Clearly additional effort and money put into this area will pay returns. Or by ignoring this area and by not funding it you will continue to turn away interested potential customers. I read your audit from 2018, the audit did not include the Enpass MacOS app, nor iOS app. Only the Windows & Android apps were audited. The audit found some serious vulnerabilities and they were able to crack the Enpass master password in 40 minutes. That's terrible news for a password manager. I would expect that Enpass team would want to quickly fix those problems and retest with a new audit. Instead, in 4+ years there is no new audit. The Enpass MacOS & iOS apps have never been audited. Very unsettling. Please meet this challenge and you will be on your way to being a major profitable app. I love the feature set of Enpass, I want to be a buyer, but I can't because the app needs to be built with strong security, or it is less than nothing. Enpass needs to prove itself to win customers. Edited January 17, 2023 by DrDave add minor details & encouragement to audit 1 Link to comment Share on other sites More sharing options...
symmetricalboy Posted January 29 Report Share Posted January 29 https://www.enpass.io/security-audit-report/ Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now