Skip to content
View in the app

A better way to browse. Learn more.
Enpass Discussion Forum

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.
We’re on Reddit now, Come and join us there!!

Safer Enpass

Maurizio1313
in Data Security

Featured Replies

Hello, I am using Enpass with a password and the keyfile, every time I have to enter Enpass I must have the password together with the keyfile, but I have a doubt, it would not be more secure if the keyfile was used only the first time it is installed Enpass? If I have a virus on my computer, it manages to find out the password but does not know the keyfile so enpass cannot be installed on another computer.

On 3/22/2022 at 11:38 PM, Maurizio1313 said:

Hello, I am using Enpass with a password and the keyfile, every time I have to enter Enpass I must have the password together with the keyfile, but I have a doubt, it would not be more secure if the keyfile was used only the first time it is installed Enpass? If I have a virus on my computer, it manages to find out the password but does not know the keyfile so enpass cannot be installed on another computer.

The keyfile is part of the encryption and decryption of the primary vault, hence it needs to be present all the time. Worth to mention that any additional vault using a keyfile will save that password AND key file in the primary vault. 

Also, a virus that's gotten foothold in your box means your pretty much toast anyway, but to make it a bit harder you should read my post here 

 

Just make sure you still store the key file safely as it will still be needed, it just doesn't need to lay around.. 

    • Like 1
    • Author

    Hi, so using a windows computer do you recommend me to use Windows Hello to unlock Enpass? In this way the password and the keyfile are not needed, even if they must always be protected?

    Depends on your personal circumstances and preferences, but you won't have to input your password nor have the keyfile persistently available which reduces the risk for keyloggers or exfiltration of the keyfile. 

    But your computer still needs to be secured of course, and while the tpm guarded password would be tied to your one computer, keeping it physically secured and prevent people from looking over the shoulder becomes more important as a simple 6 digit code could log you on to the computer and also access Enpass. 

    Enpass themselves wouldn't "recommend" it, I assume this is because they can't guarantee the functionality for Hello since it's a windows function, Enpass merely uses it. But if your password and keyfile are safely stored you should be fine. But I would recommend that you occasionally try to unlock with password +keyfile to ensure function. 

    Create an account or sign in to comment
    Go to topic listing

    Account

    Navigation

    Search

    Search

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.