How about a service like LastPass or 1Password to make it easy to store all passwords and secure notes either online and synced with other computers and devices, or locally on one device. A secure password manager using the best of ProtonMail/ProtonVPN services
Thank you for your suggestion. Password security is incredibly important and something we take very seriously at Proton Technologies. We will consider add a Password Manager to our product suite roadmap.
[Deleted User] commented
there is nothing better than enPass now
Mad As commented
I'm with Bad Idea & Hunter Hogan: minus a bazillion.
If you want to get the Proton Devs attention show your support here:
Bad Idea commented
bad... BAD idea.... There are plenty of apps out there that already do this.
Moreover, you mentioned one of them - LastPass. You can also use KeePass or its derivatives for a local solution, if you do not trust LastPass storage.
The main idea behind ProtonMail is that IT IS NOT GOOGLE and it doesn't try to provide everything to everyone, because if it does, it's either going to go DARK or is going to have some flaws within the important services.
One important note in privacy is the fact that you have to decentralize wherever it is possible, thus keeping things separate.
Protonmail does a great job on e-mail, and tries to improve it, that is why a lot of people like it that much.
Hunter Hogan commented
MINUS 100,000,000 votes. I trust Protonmail. If you made a password manager, I would also trust the password manager. Nevertheless, a fundamental and indispensible aspect of Protonmail is that Protonmail cannot possibly access the keys. Your service is analogous to putting money in a bank vault. If you were to offer a password manager service, that would be only a few degrees away from writing the combination to the bank vault on the front of the bank vault. For a more concrete risk: if you have the password manager and the emails, that makes it easier for a court order to get closer to the email contents. (I know that it doesn't automatically make it possible, but it does make it easier.) As a former prosecutor, I implore you not to make it easier for governments to get to the emails. And, as a former system/network administrator, I must remind you that part of your job is to protect users from themselves. Please, reject this idea.
Luís Bragança commented
You can use fully open-source applications for that.
I use KeePass 2 for my Desktop, TinyKeePass on Android (available on F-Droid) and Tusk (extension) on my web browsers. These 3 programs are fully open-source and since they all use the KeePass protocol they're all considered safe.
There are already lots of open-source password managers. I think we should give share new and nonexistent ideas for proton team.
Tohoo Vavohoo commented
There's a ton of great password applications out there. No reason for this company to spend time on it! Lots of other things you could be doing that haven't been done well.
I'd definitely use the ProtonMail Password Manager / Vault for life. I've been using LastPass for the past 3 years, but as easy and convenient as it offers, I still feel doubtful as the company has not clarified how and where our data are stored and used and it is also based in the US which makes it all the more scary, considering how powerful the government is. I've switched most of my email accounts to ProtonMail. I must say I've never felt any safer with any companies as with the ProtonMail Team.
Are Lomsdalen commented
I would gladly pay extra for this feature.
I paid for a VPN service ($7/month), before you gave us ProtonVPN
Paying $30 per month, is ,in my opinion, a steal for all the services you provide.
Hugo Peek commented
I'm also happy with using Keepass still and would rather see an option to securely backup (and possibly share) my keepass database, instead of yet another password manager.
ProtonTechnologies could host a bitwarden instance for us to store our encrypted password data with them. As a Bitwarden user it is a fine product, but I am not a fan how it is hosted on Azure under the US's jurisdiction. PM could buy a license to host it.
they do this already its called dashlane /bitwarden they would be wasting there time if they did this
I made a similar idea for a dongle type password that is like file upload but only gets the MD5/SHA of file and then uses that as a password. I posted about it here http://g0pg.xyz/filepassword I want to make it myself with php and mySQL
I currently use lastpass premium. I am happy that my data is encrypted by them but am no longer happy with my data being stored on US or EU data servers. I would switch and pay for the service
Obsolete. Especially synchronizing it across several devices opens up a password manager to various attack angles.
It's like sharing your girl friend with 100 guys and trusting her not to catch any STDs!
Lastpass is great but now that it has been bought by Logmein etc I don't really trust them .. 1Pass and others mentioned here where the passwords are kept locally are sort of OK, except that what if you have a few computers and locations? Hosting these on a Proton server might be a good idea ...
Meantime, a simpler searchable database on Proton X for URLs/ Passwords and address/ fill, routing info etc would be great. Copy and paste .. might be good enough if there are too many security holes when automatically filling in forms
Kepass is very good.
There's already open source password managers like Keepass and Bitwarden. I would rather see people support what's already out there.
Dilutes focus, there are enough services that do this well already.
KeePassX (in Gnu/Linux platform) is the ideal one to be stored all your passwords and credentials in your own computer. Do not trust any third party server to host such sensitive data.