I tried that and I see the 403 Error code thrown up saying Ungoogled Chromium is unsigned
Divine_Barakah's Security Config 2023
- Thread starter Divine_Barakah
- Start date
Tested with LibreWolf browser. Same Error Code 403
So, Ungoogled Chromium and LibreWolf browsers are not supported because they are not code-signed
Tested with Firefox browser and it works well
So, Ungoogled Chromium and LibreWolf browsers are not supported because they are not code-signed
Tested with Firefox browser and it works well
- May 10, 2019
- 2,289
According to Enpass support, this is a security measure. They recommend using code-signed browsers.
I really like Ungoogled Chromium, but I wish it was signed.
A lot of redundant software installed, would consider slimming down the build to it’s core.
- May 10, 2019
- 2,289
Thanks for the suggestion. Could you please be more specific and point out the redundancy?
- May 10, 2019
- 2,289
Installed Emsisoft Business.
After a very long time in assessing my password practices. I have decided to go back to Enpass, but with a much more secure config.
Now I have two vaults. The primary vault is used to store logins (without 2FA data) and product keys. The second vault is only used to store 2FA keys and backup codes. Both vault are protected by completely different passwords and I have made Enpass generate two different key files for increased security. Both vaults are synced to my Koofr account using WebDav. The generated key files are not stored in the cloud and thus, if an attacker gains access to my synced Enpass dafa, they would still need the keyfiles to decrypt the vaults. Tbh, I am very satisfied with this config even though it is inconvenient.
After a very long time in assessing my password practices. I have decided to go back to Enpass, but with a much more secure config.
Now I have two vaults. The primary vault is used to store logins (without 2FA data) and product keys. The second vault is only used to store 2FA keys and backup codes. Both vault are protected by completely different passwords and I have made Enpass generate two different key files for increased security. Both vaults are synced to my Koofr account using WebDav. The generated key files are not stored in the cloud and thus, if an attacker gains access to my synced Enpass dafa, they would still need the keyfiles to decrypt the vaults. Tbh, I am very satisfied with this config even though it is inconvenient.
- Nov 26, 2017
- 728
This is the solution I used to use but as you said it is inconvenient.
I no longer use a keyfile because I know that a simple password can be strong enough if it is long enough, however, I feel that the advancement of technology makes it inevitable that I will have to start using a keyfile again.
- May 10, 2019
- 2,289
Now I have gone further and synced my two vaults to different clouds. The primary vault is synced to my Koofr while my 2FA vault is synced to iCloud.
- Oct 16, 2022
- 624
Now I got you, then you talk around that you don't sync your passwords in the cloud using a PM? Using the PM server cloud or not, can be iCloud,G.Drive,Onedrive,Dropbox,etc....All are considered in the cloud always a risk, hosting the database on the web anywhere is a risk even using WebDav. Store passwords locally, are very few people who do this. Even more people who use 2 or 3 devices as is my case here and many people here in MT.
- May 10, 2019
- 2,289
You are right. Storing passwords locally is the safest. Unfortunately, WIFI sync is not %100 reliable. Thus, I decided to store the vault in my own cloud. It is a security risk, I agree. But tbh it is more secure (or less valuable to hackers) that storing it on companies servers. It makes more sense to hackers to target BW, Dashlane or any other password manager servers which hosts the data of millions of customers rather that targetting the poor Divine_Barakah’s cloud.
I am going to play with Wifi sync (of course I have backups of my passwords in case sth wrong happens) and I am going to report issues to Enpass.
I reported issues with SP wifi sync but support could not fix them. They said that wifi sync works best if used in two devices not more. I hope Enpass support do better when I report issues to them.
Instead of storing in clouds for easy access outdoor, you can store in encrypted portable SSD with a backup SSD at home. Safer than storing in clouds since you are controlling the SSDs. Sometimes clouds can have glitches and access can be disrupted or being hacked unless you are paying for safer, better-privacy encrypted zero-knowledge cloud services. Also, you don't need to deal with different cloud providers
Last edited:
- May 10, 2019
- 2,289
I have Enpass Portable on USB 3 drive and I am using it. I am only using cloud sync only to sync my password to my mobile devices. Unfortunately, storing my passwords on an SSD (or usb drive in my case) does not not solve that.
I might use the usb drive to access my password on my computers and maybe enable wifi sync to sync my passwords to my mobiles? I will see about that.
I believe this encrypted USB flash drive from iStorage datAshur solves the syncing issue between Windows and mobile. Get one for backup as well. Everything is in your control
datAshur - iStorage (UK)
FIPS 140-2 Level 3, PIN-authenticated, hardware encrypted flash drive that securely encrypts, stores and protects data to military standards.
istorage-uk.com
Amazon product ASIN B015DB9G7S
Also comes with a biometric version
Amazon product ASIN B08GMBRHTZ
Last edited:
- Oct 16, 2022
- 624
Yes, correct locally is more "Safe"
I wouldn't say %100 but %98.99. WiFi syncing works as follows, you have 4 devices on your network, these devices are represented by A,B,C,D for a little comparison. When you add an account in your PM on device A, it will sync seamlessly with A and B, plus C and D the account will not receive that account, so it was just syncing between device A and B. For some unknown reason they don't see devices C and D. It's just an analogy of mine, if you don't understand, just disregard what I said.
Your own cloud? I'm crazy about it.
Gee whiz, if your private cloud is more secure I am interested in buying how much is it? is it by subscription or lifetime license?
Yes, this is true hackers interest famous people, celebrities, politicians, CEO of a company, businessmen, journalists, government officials, if you don't fit this description then you are "safe".
Yes, of course I am right you are their customer, any problem you have the technical support for that, just open a ticket.
It is sad to hear this, we will talk more about SP another day.
I hope it works perfectly, when I used enpass many years ago there was no syncing via WiFi, it was just store locally or sync via WebDav or use GDrive,OneDrive,Dropbox now it has been a while since I used enpass so I am misinformed.
- May 10, 2019
- 2,289
Currently experimenting with KeePassXC on Windows and Strongbox on iOS.
Similar threads
