Jump to content
Enpass Discussion Forum

Recommended Posts

Posted

As an alternative to the master password hardware tokens (YubiKey, smart card) should be supported. Some YubiKeys (e.g. Neo) support not only U2F or OTP but can also store PGP and X.509 certificates (and private keys). This could be used to decrypt the password store and if the token is removed the vault gets locked but one can still use the master password.

Compared to 2FA this works perfectly well with the offline concept of Enpass. And it would also support those who yearn for a short PIN alternative (like myself) w/o compromizing security.

  • 3 weeks later...
  • 2 months later...
Posted

Just created an account to support this.

This is a vital feature that hopefully can be used with PINs or as a replacement for PINs and can improve security a lot, especially if it were to be useable on all your current mobile apps and all your desktop applications.

Please consider this as a high priority feature on your roadmap as it would help the more security focused people invest in Enpass.

Posted

although there is just one problem. if you use enpass with mobile you have the problem that most probably those cant really deal with smartcards.

the only way I see this happening is as a possible replacement for the master password with still allowing one to be set and used for mobile usage.

Guest
This topic is now closed to further replies.
×
×
  • Create New...