How can we improve ProtonMail?

ProtonVault

How about a service like LastPass or 1Password to make it easy to store all passwords and secure notes either online and synced with other computers and devices, or locally on one device. A secure password manager using the best of ProtonMail/ProtonVPN services

2,516 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Merlyn Gordon shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    38 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Sharon commented  ·   ·  Flag as inappropriate

        Great to hear you're considering this option! The only things is, I just started with Last Pass very recently, so am hoping you'll offer a very simple approach to exporting/importing our data from them?? If not. I can envision repetitive strain injury for my poor little fingers on the horizon.....

      • JC commented  ·   ·  Flag as inappropriate

        I use LastPass for this at the moment, but rolling similar cross-platform/cross-device into the PM suite would be a great consolidation (and as I'm not sure where LastPass will go with their new corporate structure I'd like an alternative!)

      • Anonymous commented  ·   ·  Flag as inappropriate

        Hello, Actually, I use Contacts to store my passwords, I only use name field with prefix pwd+... and the label "Role" where I write the password. It's just missing a field labeled like "Pwd" where you can put a very long string of caracteres.
        Best regards

      • GM commented  ·   ·  Flag as inappropriate

        Keepass is free and opensource, works great. I wouldn't trust storing ALL of my password remotely.

      • Adam R commented  ·   ·  Flag as inappropriate

        If you had a drive feature, using Keepass or another similar program would be an option and a lot less programming on your end.

      • Ross commented  ·   ·  Flag as inappropriate

        This is completely redundant.

        There are already a number of open-source password managers. The best and easiest, in my opinion, is Bitwarden, which is very much like Lastpass, except that it's cheaper and completely open source.

        Lastpass is NOT a privacy-respecting option. Please realise that privacy and security aren't the same thing. Lastpass is SECURE because it stores your credentials encrypted. It is NOT private because the websites fields, which show which domains you have accounts with, are NOT ENCRYPTED, which means that you can be profiled according to the unique set of domains with which you have accounts. For more details read this: https://systemoverlord.com/2015/09/16/what-the-lastpass-cli-tells-us-about-lastpass-design/

        The best non-synced (completely offline) password manager is KeePassXC, which is completely multi-platform, free and open source.

        So no, there is no need for a "ProtonVault". A lot of other stuff should be fixed first with Protonmail, like email search, calendaring, support for multi-label searching and yubikey support for all browsers.

      • Anonymous commented  ·   ·  Flag as inappropriate

        I want to be able to not have “Sent from my ProtonMail mobile” account in my signature.

      • Bad Idea commented  ·   ·  Flag as inappropriate

        bad... BAD idea.... There are plenty of apps out there that already do this.
        Moreover, you mentioned one of them - LastPass. You can also use KeePass or its derivatives for a local solution, if you do not trust LastPass storage.
        The main idea behind ProtonMail is that IT IS NOT GOOGLE and it doesn't try to provide everything to everyone, because if it does, it's either going to go DARK or is going to have some flaws within the important services.
        One important note in privacy is the fact that you have to decentralize wherever it is possible, thus keeping things separate.
        Protonmail does a great job on e-mail, and tries to improve it, that is why a lot of people like it that much.

      • Hunter Hogan commented  ·   ·  Flag as inappropriate

        MINUS 100,000,000 votes. I trust Protonmail. If you made a password manager, I would also trust the password manager. Nevertheless, a fundamental and indispensible aspect of Protonmail is that Protonmail cannot possibly access the keys. Your service is analogous to putting money in a bank vault. If you were to offer a password manager service, that would be only a few degrees away from writing the combination to the bank vault on the front of the bank vault. For a more concrete risk: if you have the password manager and the emails, that makes it easier for a court order to get closer to the email contents. (I know that it doesn't automatically make it possible, but it does make it easier.) As a former prosecutor, I implore you not to make it easier for governments to get to the emails. And, as a former system/network administrator, I must remind you that part of your job is to protect users from themselves. Please, reject this idea.

      • Luís Bragança commented  ·   ·  Flag as inappropriate

        You can use fully open-source applications for that.
        I use KeePass 2 for my Desktop, TinyKeePass on Android (available on F-Droid) and Tusk (extension) on my web browsers. These 3 programs are fully open-source and since they all use the KeePass protocol they're all considered safe.
        There are already lots of open-source password managers. I think we should give share new and nonexistent ideas for proton team.

      • Tohoo Vavohoo commented  ·   ·  Flag as inappropriate

        There's a ton of great password applications out there. No reason for this company to spend time on it! Lots of other things you could be doing that haven't been done well.

      • Anonymous commented  ·   ·  Flag as inappropriate

        I'd definitely use the ProtonMail Password Manager / Vault for life. I've been using LastPass for the past 3 years, but as easy and convenient as it offers, I still feel doubtful as the company has not clarified how and where our data are stored and used and it is also based in the US which makes it all the more scary, considering how powerful the government is. I've switched most of my email accounts to ProtonMail. I must say I've never felt any safer with any companies as with the ProtonMail Team.

      • Are Lomsdalen commented  ·   ·  Flag as inappropriate

        I would gladly pay extra for this feature.
        I paid for a VPN service ($7/month), before you gave us ProtonVPN
        Paying $30 per month, is ,in my opinion, a steal for all the services you provide.

      • Hugo Peek commented  ·   ·  Flag as inappropriate

        I'm also happy with using Keepass still and would rather see an option to securely backup (and possibly share) my keepass database, instead of yet another password manager.

      • Anonymous commented  ·   ·  Flag as inappropriate

        ProtonTechnologies could host a bitwarden instance for us to store our encrypted password data with them. As a Bitwarden user it is a fine product, but I am not a fan how it is hosted on Azure under the US's jurisdiction. PM could buy a license to host it.

      • Anonymous commented  ·   ·  Flag as inappropriate

        they do this already its called dashlane /bitwarden they would be wasting there time if they did this

      ← Previous 1

      Feedback and Knowledge Base