Log in to Proton Account with FIDO2 / WebAuthn ( Passkeys / Passwordless )
With the rise in account takeover, password breaches, and the complexity of managing hundreds if not thousands of account credentials and their MFA, a better solution is needed that simplifies and offer bullet-proof protection against phishing and account takeover attacks.
Many services like 1Password, Yubico/Yubikey, and Apple offer the ability to generate and securely store passkeys that can then be used to authenticate to services that support WebAuthn/FIDO2. I strongly recommend that ProtonMail, ProtonVPN, ProtonDrive, ProtonCalendar, etc. to support passwordless/passkeys in the near future to stay on top of security and ensure that its customers are properly protecting their accounts.
End-to-End Encryption is rendered useless if an attacker or governments can successfully takeover accounts due to weak or breached credentials. I believe the use of passkeys/passwordless supports and enhanced the mission and goals of Proton.me which is centered around security and privacy.
Daiski
shared this idea
-
A
commented
Hello, I thought a better and faster way to login into the proton account. Is possible to implement a login way that requires only a security key + fido pin? (Much like Microsoft does with Microsoft 365 accounts). This not only eliminate the needed to remember a password but also increase security because an hacker would need access physically to the security key and he have only few attempts (10 on yubico keys) to guess the fido pin.
-
J D commented
I want to see the integration of Apple’s Passkey sign in here on Proton since they are so focused on privacy and convenience for the User Experience. I think the site would benefit greatly from adding a feature like this as it helps us users not have to worry about losing our passwords and our accounts being compromised in a data breach if hackers were to target the site. I’ve already seen other sites begin to implement it and love how easy it is to use. Makes me feel like my login info is safe from attacks and it’s a much appreciated feature to never have to generate passwords myself and store them in another password manager as well. In addition to that, I’ve read that other tech companies are in agreement on standardizing the implementation of this passkey technology so it just seems like the obvious move to make. I’m only requesting this be considered to be added sooner rather than later. Thanks Proton team!