Maybe it has already discussed but I try to understand why Enpass is more secure than "online" password manager. I need to sync my accounts to more than one device. So i decided to do that via WebDAV on my personal synology NAS system which is only reachable from the internet via VPN.

But however, I think my home is not as secure as a data center like from amazon. So, if my nas gets stolen, it may be possible to get the encrypted database file with the passwords in a more easy way then to break into the data centers used by online password manager. The same is for backup on other external drives. 

So what is the real different?

A hacker cannot login to my account? Well, they can't when use 2FA.

A hacker can get the encrypted DB file? Well this is also possible for Enpass as soon as you use the sync option (or the notebook gets stolen). As I said, i think it is more difficult to get these files from professional cloud providers others than from "local" storages. My home and NAS are not insecure but they are not Fort Knox :-D

So what I ask myself is: Isn't it just a feeling to be more safe? What do you think?

 

C.

 

Who is the more probable target: your personal NAS that no one really know exist, and that holds only one person's passwords?(and even then, no one knew it held your passwords database until you wrote it here)  Or, say, lastpass servers that thieves know holds billions of passwords?

Unless you are worth multi-billions yourself, I think your NAS is safer.

 

Edited January 12, 20188 yr by kinwolf

On 1/3/2018 at 8:10 AM, ChaosNo1 said:

Maybe it has already discussed but I try to understand why Enpass is more secure than "online" password manager. I need to sync my accounts to more than one device. So i decided to do that via WebDAV on my personal synology NAS system which is only reachable from the internet via VPN .

But however, I think my home is not as secure as a data center like from amazon. So, if my nas gets stolen, it may be possible to get the encrypted database file with the passwords in a more easy way then to break into the data centers used by online password manager. The same is for backup on other external drives. 

So what is the real different?

A hacker cannot login to my account? Well, they can't when use 2FA.

A hacker can get the encrypted DB file? Well this is also possible for Enpass as soon as you use the sync option (or the notebook gets stolen). As I said, i think it is more difficult to get these files from professional cloud providers others than from "local" storages. My home and NAS are not insecure but they are not Fort Knox :-D

So what I ask myself is: Isn't it just a feeling to be more safe? What do you think?

 

C.

 

14

Buddy, I am one of those who is very conscious about online security and privacy that is why I am using VPN for 6 to 7 months, and I think. VPN is more safe with VPN rather than without VPN. 

@ChaosNo1

The security of the data depends on mainly 2 things:

• access to the database file
• Encryption of the database

and let me tell you one thing first regarding 2FA:

2FA only restricts the access to the file, if they can access that some other way your 2FA gets useless, so you can use it to get a bit more extra security (I do so as well) but important: DONT RELY ON IT.

Regarding online Managers, they more than often enough allow for caching the database locally so there is usually also a local copy lying around for those making the only real difference between Enpass and online managers that with Enpass YOU CAN CHOOSE where to store your database. it doesnt have to be your NAS, any cloud provider would also do, and while some may not like the fact that cloud providers have the database, there's another big difference between a database stored in the classic cloud and an online manager.

THE SEPERATION OF APPLICATION AND STORAGE.

nothing can really prevent a maker of password manager being forced by their government to implement code to get your passwords, but the thing is that when you have the data at some place which is not by the maker they now have a problem because with a strict firewall a sync will only occur to the place you selected, making it harder for them to get anything, and that even more so when you use your own storage.