Wi-Fi Sync Server¶
Enpass provide Wi-Fi Sync Server as an alternative to cloud offerings to sync between devices. Enpass Wi-Fi Sync Server is a small WebDAV file server under the hood with a self-signed certificate, restricted to a folder of your shared vaults. Since this server is on your local machine, its address is made discoverable by the mDNS protocol. Enpass client on other devices can discover running Wi-Fi Sync Server on the network and pair with it.
At any point of the time in transit, your data is always protected with your master password. The following precautions are taken to restrict unauthorized access to your encrypted data.
- Access Password- Access Password a unique password generated randomly for each vault added to the Enpass Wi-Fi Sync Server. It acts as a WebDAV server password for that vault.
- Verification code- The Wi-Fi Sync Server uses a self-signed certificate for https protocol. Since there is no certificate authority involved, it’s the users’ responsibility to check if the certificate is the right one. A time-based verification code is displayed on both the devices, the desktop that’s running the server and the device which is being paired. If this code does not match, there might be a man in middle if everything else is right. It is advised not to continue the pairing.
Mobile phone can be paired directly via a QR code without manual entry of these access code and verification code.