Jump to content
Enpass Discussion Forum

Masterpassword stored locally


Anonym Potato
 Share

Recommended Posts

Hello, I am relatively new to Enpass,

I noticed, that after reboot, I can use the PIN to access my fault. How can this be secure?
This means that the Masterpassword is stored locally on the flash memory.

This and the fact, that there have never been an security audit for iOS really worries me.

Can someone explain to me, how this might possibly secure? I have a feeling, that the reason, why there is no security audit is, that they know, that there is no way there application passes the audit.

  • Like 1
Link to comment
Share on other sites

  • 2 months later...

The Security Whitepaper says: „Enpass stores an obfuscated version of your master password in iOS Keychain that can only be accessed by Enpass“

I don‘t understand why the masterkey needs to be stored on the flash memory. Even if this protects the key against other apps. It don‘t protects the key from being physically retrieved.

I don‘t get why this risk is even necessary. Why can we not get the same security like 1Password users, by simply entering the key on every startup.

Link to comment
Share on other sites

  • 1 month later...

Ultimately, Enpass stores all of your passwords on the device. Therefore if you don't trust the device, you shouldn't install Enpass on it at all.

The iOS keychain is designed to store things privately. Yes there are ways to dump the keychian, but especially if your device isn't jail broken and you have a strong password to lock the phone the Keychain is very secure.

Also there really is no alternative other than to make the user type the master password every time they need to auto-fill a password or do a background sync operation - and the entire point of Enpass is to let users avoid typing passwords.

Link to comment
Share on other sites

  • 1 month later...
On 8/12/2019 at 3:42 AM, abhibeckert said:

Also there really is no alternative other than to make the user type the master password every time they need to auto-fill a password or do a background sync operation - and the entire point of Enpass is to let users avoid typing passwords.

1Password will delete the masterpassword. there is a timeout. even, if you turn off your phone, you have enter the masterpassword again. why this is a problem for enpass? 

Link to comment
Share on other sites

Retaining the master password in memory, like on desktops???

My whole problem is, that the password is stored permanent on the Flash memory. If you turn off your phone, the master password can still be recovered.

All the other password managers do it like this. Why does Enpass thinks, the user is unable to enter the master password on device restart? I would even say, that this makes it much more probable to forget your password, if you never have to retype it.

Link to comment
Share on other sites

On 9/17/2019 at 7:01 AM, Fabian1 said:

1Password will delete the masterpassword. there is a timeout. even, if you turn off your phone, you have enter the masterpassword again. why this is a problem for enpass? 

I use 1Password and Enpass. They both store your master password in the keychain and 1Password definitely doesn't require entering it after a restart.

Both 1Password and Enpass allow you to configure a timeout. The shortest timeout in 1Password is an hour - they store it in your keychain on flash memory exactly the same as Enpass (and probably for longer than an hour).

If your passwords are sensitive enough for keychain's security model to be unacceptable then they shouldn't be stored in *any* password manager. Switch to something simple like a plain text file encrypted with AES for those specific passwords. If you want to be worried about anything, you should worry about browser plugins creating a significant attack surface. That's far more likely to result in a compromise than Apple's keychain database.

Edited by abhibeckert
Link to comment
Share on other sites

The same goes for me. 1Password requires the master password after restarting the iPhone. The biologic unlock is not possible. With Enpass the Unlock is possible directly after the restart by fingerprint. That's not good and incomprehensible.

Turning off the phone should always be a kind of a emergency stop. For example, many people turn off their phones at the border.

With a switched off phone, a potential attacker has all the time in the world to think about how to crack it. Hackers have already demonstrated, that it is possible to take the fingerprint of a person from a coffee cup, make a copy an trick the iphone.

Dear Enpass Team, please change. There is no reason that PIN and fingerprint remain even after a reboot. In addition, we would like to be able to set a timeout after which the master password is also retrieved.

What exactly is so difficult about that?

  • Like 1
Link to comment
Share on other sites

Hi all,

Very important discussion going on here. We had this feature once in Enpass as a mandatory setting and we remove it after backlash from users (convenience wins over security:(). Meanwhile, I have prioritize this feature request and it will be available as an advance option just like 1password.

Cheers:)

  • Like 2
  • Thanks 1
Link to comment
Share on other sites

another desirable change would be:  the use of PIN and Biometric Unlock at the same time.

That makes sense in the two-factor security philosophy: PIN - something you know.  Finger or face - something you have.

Biometric features alone are not safe, because unlocking can be done against the will of the user.  For example, a border official would only have hold the iPhone in front of your face to unlock.  And fingerprints are often stored on the border anyway.  The combination of PIN and Biometric Unlock would also make very short PINs possible, maybe only two or three digits. That would be very comfortable. And ih would be very safe, because someone who looked over the shoulder while unlocking, could not do anything with it, because he lacks the biometric part. 

Link to comment
Share on other sites

  • 1 month later...
  • 2 weeks later...
  • 1 year later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...