Require 2FA and password before accessing Proton Drive in Windows Explorer
I would like the addition of an option in the Settings menu.
If this option is checked, data 'at rest' in the Proton Drive is encrypted and unusable in a Windows computer by default, on each startup. Only after entering the Proton password and 2FA does the Proton app unlock, decrypt all files and make read/write possible.
To clarify, it could still sync files while in 'encrypted' mode from the cloud to on-premise, but always encrypted first. And usable upon unlock.
Then when the user actually wants to do something, they can enter credentials and decrypt their Proton Drive. Kind of like how a TrueCrypt disk would work.
As mentioned, this should be an 'option' so other users who want to leave their Proton Drive decrypted all the time can still do this.
The reasoning behind this addition is: it is ridiculously easy to bypass the Windows login screen when on-premise. Someone could login to your computer copy all ProtonDrive files to a USB and then leave, if the ProtonDrive is decrypted by default and accessible in Windows after login - as is the case now.
This kind of defeats the purpose of having an encrypted local Windows app, hence my suggestion.
Thanks for reading this far.
-
A commented
Yes, exactly! This seems like a critically important feature.
-
Josh commented
I would love to see this being implemented. pCloud have a 'Crypto Pass' solution, Proton doesn't, which is the only reason why I haven't jumped ship.
-
Pete commented
I agree in principal but for me it would be enough to simply "lock" the folder. The options might be similar to the Bitwarden browser extension where you can choose to logout or simply lock the extension after a period of time or on a certain event.
I would also like to see this for Mac OS.
-
perseus commented
I agree. Essential privacy feature for me. I would proton drive windows app to require app login when drive is accessed, with customisable timeout period, I would always like files to remain encrypted on the windows machine so they cannot be indexed by windows.
-
Cory commented
This would be great! I could settle for just a passworded vault though as well.
-
Phil commented
Yes! This is exactly why I don't use the Proton Drive app on my Windows laptop.
-
Thrr-Gilag commented
Can be mitigated by putting sync folder in a veracrypt drive but if something smarter can be done.
-
Forged commented
Another request that echos this but for Mac, please could the requests be merged to increase weight of the votes as both platforms miss this;
-
Forged commented
Exactly this request but for the MAC CLIENT TOO please!
Even just a biometrics or short passcode to decrypt/access the Mac drive folder rather than full log in. As it is currently I struggle with the security of my Drive folder on my Mac -
Anonymous commented
On Windows the proton drive folder can be accessed from any Windows account with administrator rights. As the client side security breaches are the most common, the proton drive folder should be encrypted locally (possibly with the credentials of the windows account or Windows hello) and decrypted/accessible only on the respective windows account.
-
Kimaro commented
This should absolutely be a thing, not a feature I would use, but 100% something I'd stand behind that should be implemented.
-
Schteek2000 commented
I would like to be able to set a time-limited password to access Proton Drive in Windows, but if a transfer has been started, it should be completed before locking occurs. And 2FA and password, before accessing Proton Drive in Windows Explorer.
-
shopping887 commented
Ideally, one could also still add files via drag&drop while the drive is encrypted, so these new files would be encrypted immediately without the need to decrypt the drive first.