Bachsau

Passkey login has to be requested by the site. Enpass can't just offer it. If the website only shows a password login form and then wants to create a new passkey, that's the websites fault.

If you access iCloud by means of macOS integration, additional authentication shouldn't be necessary. You just have to enable iCloud access in your system preferences. Using iCloud by other means with ADP enabled will never work, because the data is encrypted, which is the whole point. Please use a different sync provider if you need cross-platform access.

You are betraying the trust of your users with actions like this, even existing ones. I said this before: If you don't feel like giving away any new features for free, that's fine. Request another one time payment to unlock them. And if you feel that a lifetime license should be worth more than 60 dollars, than you should probably refrain from making special offers. But people need to be sure they will always have access to what they already have, regardless of future payments. This is especially crucial when you trust a piece of software with sensitive information. I won't pay for anything that will be taken away from me if I don't pay again in time!

Can we please have a dismiss button for that huge "enable Touch ID / Windows Hello" box on the start page? If people don't want to use it, they shouldn't be greeted with this every time they open the app.

Enpass already has passkey support. When requested by a website, it generates one and the browser plugin asks you to store it.

No, it's not. There are a bunch of shitty websites actively blocking auto-fill. Sometimes intentional, sometimes not, but it's up to them to fix it, so Proton is who you should complain to.

Yeah, especially the part where he attacked my personality based on my profile picture was very helpful. 🙄 I'm using Enpass on all three platforms via store / package manager and really wasn't aware there is also a website download. However, when talking about "minimisation of IT applications", I don't see how having a standalone updater for everything is minimalistic. I'd rather call it overhead if the platform has a built-in general install and update service.

Passkeys have nothing to do with biometrics. They are just private/public key pairs. Wether or not they can be unlocked by biometrics depends on your Enpass settings, which apply to passwords and passkeys alike. Also, permanently declining won't solve your problem as most browsers will just go on trying to create the passkey in their own or the OS keychain next. Instead you would need an extension that makes the browser report it's missing passkey support entirely, but I don't know it that is even possible, especialy with Manifest V3. Browser and OS vendors really, really want to have your passkeys in their clouds.

Enpass is updated by the store you got it from, like Google Play, Apple App Store or the Microsoft Store. On Linux it is done through your package manager. So all such an option can do is link you to the updates page of whatever store you're using, and automatic updates are controlled by the settings of that store.

Sharing is not mandatory, and if it were, you couldn't say that you share with nobody. If you did share the Enpass folder with another real user (which I wouldn't recommend), then of course that user would be able to access your vault's data, but would still need the master password to see the contents. However, what we're talking about here is not a real share, but the side-effect of a security feature. Like almost every other app accessing an account at any service, Enpass uses a so called OAuth token to do so. This way it doesn't have to store your username and password and also can do only the things on the account that it was authorized for. It seems that Microsoft uses some type of ghost user to provide that token, and this ghost user erroneously shows up in the sharing screen of the OneDrive app. This might be confusing but is nothing to worry about. It's a mere oversight of some OneDrive app developer in the process of fetching and displaying the folder's access rights, which also explains why the app isn't able to tamper with it and why you shouldn't try to do so.

There already is a setting to disable handling of passkeys by Enpass, but it's in the browser extension options, not the Enpass app. chrome-extension://kmcfomidfpdkfieipokbalgegidffkal/pages/settings/option.html

Just don't. This is another reason why people get "hacked". You can't trust other people's devices. There is no excuse to ever log into any of your accounts on another one's device. If you feel like you need to, change your workflow. Use sharing features or emails.

Microsoft uses tokens for everything, so if you change your account passwort or email address, apps and services won't loose the connection.

Enpass' passkey support is still very basic and lacks certain features that make it very inconvenient to use. I would like to see the following improvements: I don't want to re-type my master passwort if Enpass is already unlocked (desktop version). For a password I can just fill it out by selecting it from the list or dropdown. It should be that easy with a Passkey, too. Put a confirmation button there and only ask for authentication when Enpass is locked. 2fa codes are automatically copied to the clipboard after choosing a password entry. Not so after logging in with a passkey. Make it work. System integration. Enpass on desktops works via browser extensions, but that's confined to the browser. macOS features a system-wide auto-fill since the release of Ventura, yet Enpass still doesn't integrate with it. This makes it impossible to use passkeys in apps and built-in web views where the browser extension is not available.

What's it with this "seems you haven't used Enpass for a while" anyway? Even if this would be true – there's no reason to ever repeat this verification process ever. Once connected, it's done!