Log in to Proton Account with FIDO2 / WebAuthn ( Passkeys / Passwordless )
With the rise in account takeover, password breaches, and the complexity of managing hundreds if not thousands of account credentials and their MFA, a better solution is needed that simplifies and offers bullet-proof protection against phishing and account takeover attacks.
Many services like 1Password, Yubico/Yubikey, and Apple offer the ability to generate and securely store passkeys that can then be used to authenticate to services that support WebAuthn/FIDO2. I strongly recommend that ProtonMail, ProtonVPN, ProtonDrive, ProtonCalendar, etc. support passwordless/passkeys in the near future to stay on top of security and ensure that its customers are properly protecting their accounts.
End-to-End Encryption is rendered useless if an attacker or governments can successfully take over accounts due to weak or breached credentials. I believe the use of passkeys/passwordless supports and enhances the mission and goals of Proton.me, which is centered around security and privacy.
-
Damon commented
How does Pass offer this capability for other domains, yet it isn't offered for their own?
-
Anonymous commented
It’s been fun to see Proton so excited about passkeys* and be so damning of other technology companies whose own passkey implementation has been lacklustre or platform locked.
*Proton Pass only, so it’d be nice to have a fully passwordless Proton account.
-
Jon commented
For most people, there's a sweet spot between security and convenience. Being able to open Proton Pass with a physical credential like a (Yubi/Solo/Nitro/etc) USB key, or something like Apple keychain (unlock with a fingerprint), would be a big improvement, and certainly over a PIN. Certainly more convenient than having to use the password used to secure the whole account whenever it logs out and not be able to store it in Proton Pass for that purpose (shall I write it on a Post-it note?). If it is possible to log in to Proton's website with a Passkey, surely it should be possible for Proton Pass too?
-
Arkamas commented
FIDO2 authentication is exceptionally critical and by far the biggest thing Proton needs to prioritize on ALL platforms, and I'm honestly surprised they don't already have it. It's almost tragic to not be able to use the best part of my Yubikeys for something like Proton, especially with the advent of Pass. It's bad enough that most financial institutions and some major tech companies aren't employing it. I think Proton adopting it would help set the standard and be a major advertising point for them.
-
Kizu commented
I love passkeys/security keys. Lots of other platforms that support those let you go passwordless. Proton is EXTREMELY important for every singular account I have and it being compromised would be a disaster.
Being able to go passwordless and make password attacks a non-issue would be helpful.
-
commented
Take my last three votes. Even though I'm doubtful it will happen, I'd speculate the password is used as part of the encryption key for the account.
-
auslegungssache commented
This is such an essential feature.
I find it quite funny that Proton develops a password manager, while it doesn't even support passkey login.
-
TWOK commented
This is extremely important, and the only barrier to my recommendation to friends and family, as I cannot trust them to safely retain a master password of sufficient strength.
-
Federico Tonini commented
I support the idea of a Proton passkey.
hace verted a Google passkey and it seems to work great ... at least at the moment.
How do you feel about it?
-
tuesday074 commented
Then you could perhaps go one step further and use a PRF-capable passkey as an alternative encryption method for the account or the data.
Bitwarden already can do that for example: https://bitwarden.com/help/login-with-passkeys/
-
Mattias commented
FIDO passkeys streamline authentication by merging login and multi-factor authentication (MFA) into one step, eliminating the need for a one-time password (OTP) afterwards. But some services, when they implement passkeys, still require you to enter an OTP. I'd prefer if Proton ensured that when passkeys are used, it's equal to a normal login plus MFA.
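
The point in the comment above, shown as an added example that is not part of the original thread and is not Proton's code: a relying party can tell from the WebAuthn authenticator data flags whether the authenticator verified the user (PIN or biometric), and only then treat the passkey login as login plus MFA. The relying-party ID `example.test`, the function names and the `complete` / `require_otp` / `reject` outcomes are assumptions for illustration, and the assertion signature and challenge are assumed to have been verified already.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

# Flag bits in the authenticator data flags byte (WebAuthn specification).
FLAG_UP = 0x01  # user present (touched the authenticator)
FLAG_UV = 0x04  # user verified (PIN or biometric checked on the authenticator)
RP_ID = "example.test"  # constructed relying-party ID, not a real service


@dataclass
class AuthData:
    user_present: bool
    user_verified: bool
    sign_count: int


def parse_auth_data(raw: bytes, rp_id: str = RP_ID) -> AuthData:
    """Parse the fixed 37-byte header: rpIdHash(32) | flags(1) | signCount(4)."""
    if len(raw) < 37:
        raise ValueError("authenticator data too short")
    rp_hash, flags, count = struct.unpack(">32sBI", raw[:37])
    # An assertion produced for a different site carries a different rpIdHash.
    if not hmac.compare_digest(rp_hash, hashlib.sha256(rp_id.encode()).digest()):
        raise ValueError("rpIdHash does not match this relying party")
    return AuthData(bool(flags & FLAG_UP), bool(flags & FLAG_UV), count)


def login_decision(raw: bytes) -> str:
    """Hypothetical policy: 'complete', 'require_otp' or 'reject'."""
    auth = parse_auth_data(raw)
    if not auth.user_present:
        return "reject"
    # UV set: possession of the key plus PIN/biometric, so no OTP afterwards.
    return "complete" if auth.user_verified else "require_otp"


def make_sample(flags: int, rp_id: str = RP_ID, count: int = 7) -> bytes:
    """Build constructed authenticator data for the demo."""
    return hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + struct.pack(">I", count)


if __name__ == "__main__":
    print(login_decision(make_sample(FLAG_UP | FLAG_UV)))
    print(login_decision(make_sample(FLAG_UP)))
```

A service that wants every passkey login to count as MFA can request `userVerification: "required"` in the WebAuthn options and reject assertions without the UV flag instead of falling back to an OTP.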
-
Martin commented
We need FIDO login support on mobile and desktop app please. Not only web!
Thanks
-
Marek Reg commented
Yes, Yes, Yes.
I think this is an essential feature!!!
Security such as Yubico key strengthens the security features.
Enter it as soon as possible. Please!!!
-
Pablo Strong commented
Yes! Passkeys are the future. We would like to see this implemented.
-
Martijn commented
At the moment 2FA sign in at Proton is possible using a security key. The new FIDO passkeys protocol works exactly the same. Yesterday I created such a passkey in my iCloud account for 2FA signing in at Proton. IMHO the sign flow at Proton using a 2FA key seems a little outdated.
To avoid long discussions: Using the new FIDO sign flow users can choose between a software-generated passkey where the private key is stored in a password manager. Or with a physical security key. In which such a key is always better, but not everyone has such a key.
-
Stevie commented
Yes, I want this as well, but I would still use a password alongside a 2FA device.
-
Muhammad Zeeshan commented
Proton Team,
Please create passwordless login and 2FA authentication features like your other competitors "LastPass", "Zoho Vault" and many more.
-
Mattias commented
This is a very important feature indeed. Passkeys must as soon as possible be adopted all across the industry.
-
abl commented
Yes, please consider implementing Passkeys for logging into ALL of the Proton products. I have already started using Passkeys on sites that have started making it available. The experience is way more streamlined and easy for logging in and much more secure.
-
A commented
Hello, I thought of a better and faster way to log in to the Proton account. Is it possible to implement a way to log in that requires only a security key + FIDO PIN? (Much like Microsoft does with Microsoft 365 accounts). This not only eliminates the need to remember a password but also increases security, because a hacker would need physical access to the security key and would have only a few attempts (10 on Yubico keys) to guess the FIDO PIN.