Jump to content

Security of WebDAV password

Recommended Posts


I have just started using Enpass and it looks great so far.

I have concerns about the security of my WebDAV credentials. These do not look like they are stored in the vault so presumably are stored somewhere locally. What level of encryption is applied to these? Are they secured by my master password? If my device is lost and they are able to extract my WebDAV credentials then they will have access to far more data than just my (encrypted) vault. So I need to be assured that these credentials are stored in a way that is not reversible except with my master password.

This question is for both Windows and iOS.



Share this post

Link to post
Share on other sites

Hi @davidc,

Thanks for writing in.

I would like to share that WebDAV logins credentials are stored in the file Enpasssettings.db which is a SQLCipher file, encrypted with a randomly generated password which is stored in Enpass primary vault. Even if someone gets their hands on SQLCipher file they would still need your master  Password to decrypt it. 


Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...