The dedicated Protonmail community deserves a real response from the crack team of Protonmail scientists and engineers. When are you implementing Yubikey or are is your tag line just bs?
"We are scientists, engineers, and developers drawn together by a shared vision of protecting civil liberties online. This is why we created ProtonMail, an easy to use secure email service with built-in end-to-end encryption and state of the art security features. Our goal is to build an internet that respects privacy and is secure against cyberattacks.
We are committed to developing and widely distributing the tools necessary to protect your data online. Our team combines deep mathematical and technical knowledge from the world's top research institutions with expertise in building easy to use user interfaces. Together, we are building the encrypted communication technologies of the future."
trade imex commented
If you want further analysis and the best advice about the <a href=https://www.tradeimex.in>Import Export Data</a> or Global Trade Data of any country, then get in touch with TradeImeX® Info Solution Pvt Ltd.
Yeah, too funny.
Five years of using a Security Key on Tutanota with Zero problems, now they even have it on mobile.
Totally pointless if you have to have TOTP on.
One of the suggested work arounds if you are only using on Desktop is to just remove the TOTP Code in your App. (Make sure you have your Back up Codes)
However this is all just silly.
Also No ETA given so... yeah.
Well, we have the feature now
you cannot enable it without having OTP enabled which is a shame.
Maybe soon™ ?
They just added this option for web. https://proton.me/blog/security-keys
"We are committed to developing and widely distributing the tools necessary to protect your data online."
- Over 5 years and still no Security Key.
The Proton Team - "we are aware how important this is for some of our users"
With such a committed team of scientists, engineers, and developers working to protect civil liberties, you would think implementing the best security login available would be really important to Proton. More important than say, creating a calendar or cloud storage.
Yubikey can't be trusted, please add support for all security keys.
Not looking good Proton.
It’s great they wrote that they were starting it, however this is what we’ve been heating for years! I really really really hope someday they will actually backup these words with some actual action. I is very important my privacy..
Once this is released, I will switch to ProtonMail as my main email address.
i would like to see a 2FA physical option with key like yubikey on web browser and android mobile app. this could be more secure than 2FA like google authentificator
Mikey Sleevi commented
It would be great to have backups for multi-factor methods like YubiKeys or TOTP. This is offered in other services like Tutanota.
Max Potaß commented
I honestly just assumed, the had this already and bought a key... (That one is on me.)
Please add it.
PROTON IS FINALLY GOING TO WORK ON IT! AFTER YEARS!!! THEY RESPONDED ON JUNE 27 2022!!!
I thought I read someone from ProtonMail, maybe on reddit, saying that domain unification was necessary for this. Well now that proton.me is THE service, I really really really hope they bump up the priority for this to happen sooner rather than later!
Please implement the latest FIDO2 standard and allow us to create resident keys in order to get an exceptional user experience and up to date security. Honestly I do not understand why a privacy concerned business does not implement the latest security standard. TOTP and SMS are not secure enought nowadays. Please add this FIDO2 libraries.
Seriously we need FIDO2 WebAuthn
[Deleted User] commented
Agreed, this is critical for me. I won't move completely to Protonmail until they support yubikes and they have a "sync program" for protonbox.
It certainly would be nice not to rely on my phone to access e-mail on a computer. Microsoft and Google have already been doing it for years.
Yeah, I do agree to this proposal. Google does offer this for a long time already. As Proton stands for privacy this security feature is a gread advantage. Please consider offering a solution with residental key in order to use the security key as the only factor to login and authentificate.
Aaron Aubrecht commented
Jamie - I agree with you - its critically important that we treat everyone with respect and engage in civil discourse. That said, I can also empathize with the mounting frustration among paid users at the dreadfully slow pace of progress on highly up-voted ERs like this one. As I commented previously, you CAN use Yubikey (and other) soft MFAs by copying the seed key. That said, I believe the spirit of the request is to use the more advanced standards that leverage the entropy on the hardware device itself. I must admit as a paid user, I'm quite disappointed with the product quality and the pace of new feature delivery. Such a promising idea... but thus far, high velocity, high quality delivery remains elusive for the PM Dev team. And don't get me started on Support! I've had a Sev 1 Bridge bug open for 8 months and cannot even get them to respond anymore ...and this is typical of most of my Support cases - its just a really bad experience... both of the above lead to the frustration you are picking up on. I hope PM's ELT reads these comments and takes action - I really want to see them be successful.