Dead mans switch / legacy settings / post mortem / data inheritance
Set something up where, if your account goes inactive (no login etc.) for a settable period of time, a preset email will be sent to a preset address.
Example: I set up something so if I don't log in in 3 or 14 or 30 or 90 days etc. (let us choose how long), a message I have already set up for this will be sent..
This would have a few uses and is also a pretty decent fallback to losing your account info if you don't set a 2nd account.. you could even send yourself your own forgotten account info in a fairly secure way... also useful for whistleblowers.. reminders etc.. idk, I'd use it a lot..
Haven't been able to find this anywhere.
We have just launched Emergency Access for your Proton Account.
If you have a paid Proton plan, you can follow our Emergency Access steps to choose your emergency contacts right now. If you’d like to gain access to this feature and all other premium features, you can choose a new plan that supports them.
Read the full announcement: https://proton.me/blog/emergency-access
-
Eric Summers commented
I'd like a feature where if my account is inactive for a given period of time, an email is sent to my beneficiaries.
-
François
commented
What about doing a Shamir Secret Sharing keys set to do an emergency recovery (or a legacy access :/ ) ? I know Cozy Cloud has done such research on legacy protocols using Shamir Secret Sharing ...
-
megaladon
commented
This feature is very important. Bitwarden implements it but not in a user-friendly way. If you implement it please make it less clunky as it might be someone's 90 year old grandma setting it up with their grandson, for example.
-
Buzzeger5
commented
There could be a "heartbeat" functionality for E.A.:
But I also have another complementing idea: Emergency Contact. Where the owner of the account/vault has to keep responding to heartbeat prompts, to keep Emergency Contact / Access from being activated with the pre-configured trusted person/account.
The system could monitor heartbeat prompt response times and construct a graph.
This would be the basis to calculate gradual delays in response times.
The user could define conditions for how and when certain actions such as Emergency Contact and Emergency Access happen.
One of the conditions/rules would cover at what threshold or gradual fading of response times to heartbeat prompts E.C. is activated with the trusted person.
E.C. would give the trusted person a heads-up (email, notification, SMS, depending on config) to check up on the user, "are you okay?".
The user could then define conditions (within reason) how E.A. is activated, for example after how many missed heartbeat prompts, and/or the time after a missed heartbeat, and other sensible and practical, but with some hard limits to this configuration, eventually E.A. would be activated.
However, I think this would just start the E.A. process, not yet activate it for the trusted person. I think for security/fraud/spam prevention, it may (though privacy?) perhaps first be alerted to Proton Staff or Systems, which would then continue to do various checks (for suspicious activity, security measures), perhaps send a final super-heartbeat prompt to the user (hardcoded, can't be disabled), email, SMS, notifications, wait for a final ... hour, minutes? If no response then contact with the trusted person would be attempted, under which the trusted person would still need to go through yet more verification, 2FA, perhaps even a phone call, and once the trusted user completes all of the (probably, or semi) automated procedures, Proton Staff would then perhaps manually verify all-checks-clear and trigger master confirmation to activate E.A. for the trusted person.
Question is whether Proton has staff on hand on Sundays for this if some manual process is preferred; perhaps this would be only a top tier function.
There could conceivably be many different such methods of how E.A. is activated if Proton wishes to implement.
-
Julian
commented
Seems to be in the roadmap for Winter/Spring now!
https://proton.me/blog/proton-pass-roadmap-winter-spring
> Give family or friends emergency access to your vaults
> In the event that you’re not able to access Proton Pass or someone else needs to access your account, you’ll be able to grant emergency access to a specific, designated user. This can be helpful in an emergency situation where a loved one or friend needs access to the information you’ve stored in your Proton Pass account.
-
Andrew Young commented
Essential feature before I'd consider moving away from Bitwarden.
-
Jean-Marc Le Roux commented
Dead man switch: allow a list of emails to access my vault(s) if I do not cancel their request in the next XX hours/days
-
Brendan Andrews commented
This is necessary for inheritance reasons in areas outside of Proton. It should ideally become a feature of Proton.
A dead man's switch in Proton allows access to assets or documents which are secure until someone dies.
Consider having a two part key. Half is given to a beneficiary. The other half is set to be sent to them via a dead man's switch.
With a dead man's switch there is no risk of premature access by beneficiaries directly, nor through either their careless security or trusted intermediaries (like lawyers). And with the two parts being completely distinct, there is no risk of combining them until the switch is triggered.
Proton's security makes this the perfect platform for this type of dead man's switch.
-
proton_evol
commented
It is impossible for me to upgrade to Proton Pass without this feature. For now I will continue to use Bitwarden to secure access to my passwords.
-
Mark Garrett
commented
Some are saying this isn't possible, but I think it could be done. This is how I see it working.
Setup:
1. Target user picks another Proton user to be their Emergency Access user.
2. Target user enters the amount of time they want the delay period to override the access to last.
3. Target user enters their Proton password
4. Target user's Proton client downloads Emergency access user's public key
5. Target user's Proton client encrypts the Target user's password (or some other secret that can be used to decrypt the content of the Target user's account) with Emergency access user's public key.
6. Cypher text of the Target user's Proton Password is uploaded to Proton's servers, but target user is not given authorization to access the password.
Usage:
1. Emergency Access user requests access
2. Either Target user rejects the request, or the delay period elapses (and we stop here)
3. Emergency Access user is granted access to Target User's account
4. Emergency Access user's Proton client downloads the cypher text of the Target user's password (or other secret)
5. Emergency Access user's Proton client decrypts the Target user's password/secret locally
6. Target user's Proton login info is added to Emergency Access user's Proton Pass
Caveats:
* If Emergency Access obtains access to Proton's servers by other means (They work at Proton or they hack Proton), they potentially could obtain access to Target user without the delay period elapsing.
* This doesn’t explain how to handle 2fa.
-
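The request / veto / delay gate from Mark Garrett's Usage steps, combined with the two-part key Brendan Andrews suggests, as an added example (not code from the thread or from Proton). It replaces the public-key encryption of Mark's setup step 5 with a 2-of-2 XOR split so that it runs on the Python standard library alone; `EscrowGate`, `split_secret`, `combine`, `try_fetch` and all sample values are hypothetical.

```python
import secrets

def split_secret(secret: bytes) -> tuple[bytes, bytes]:
    """2-of-2 XOR split: each share alone is uniformly random bytes."""
    pad = secrets.token_bytes(len(secret))
    return pad, bytes(s ^ p for s, p in zip(secret, pad))

def combine(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class EscrowGate:
    """Server side: releases a blob only after an unrejected delay_s wait."""
    def __init__(self, blob: bytes, contact: str, delay_s: int):
        self.blob, self.contact, self.delay_s = blob, contact, delay_s
        self.requested_at = None

    def request(self, who: str, now: int) -> None:
        if who != self.contact:
            raise PermissionError("not the designated contact")
        if self.requested_at is None:  # repeat requests never move the clock
            self.requested_at = now

    def reject(self) -> None:
        self.requested_at = None  # owner veto cancels the pending request

    def fetch(self, who: str, now: int) -> bytes:
        if who != self.contact or self.requested_at is None:
            raise PermissionError("no pending request from the contact")
        if now - self.requested_at < self.delay_s:
            raise PermissionError("delay period has not elapsed")
        return self.blob

def try_fetch(gate, who, now):  # blob, or the refusal reason as a string
    try:
        return gate.fetch(who, now)
    except PermissionError as exc:
        return str(exc)

DAY = 86400                        # `now` is passed in so the run is repeatable
SECRET = b"constructed-vault-key"  # constructed sample value
CONTACT = "contact@example.test"   # constructed identity

if __name__ == "__main__":
    contact_share, server_share = split_secret(SECRET)
    gate = EscrowGate(server_share, CONTACT, delay_s=3 * DAY)
    gate.request(CONTACT, now=0)
    print(try_fetch(gate, CONTACT, now=1 * DAY))       # refused: too early
    released = try_fetch(gate, CONTACT, now=3 * DAY)   # delay elapsed, no veto
    print(combine(contact_share, released) == SECRET)
```

The delay exists only inside `fetch`: anyone who can read `gate.blob` from server storage and also holds the contact's share recovers the secret at once, which is the first caveat in the comment above.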
Jo
commented
It's primordial for me and my business if I pass away.
-
Rwd
commented
A very important feature as nobody knows when his/her life ends.
A bit of planning ahead does not harm.
-
a4ds5t
commented
I like to have this, but it also seems to create a possible backdoor into accounts? At least a decent waiting period should be in place before the account is opened to legacy contacts.
-
Jeroen
commented
Add another user who can access your PP-vault.
This user has to request access.
When not denied within a certain time frame (3 days?), he gets access.
If the main user passes away, his data becomes accessible by the user he added, but only after his request.
-
sampling_trekker380
commented
I understand the idea but this will introduce a backdoor into Proton.
What could be a solution though is something like 1 Password is doing.
On the one hand they have something called emergency kit which is basically a PDF with your password and your recovery key.
This could be kept (printed form) in a safe at your home or maybe at the bank. https://support.1password.com/emergency-kit/
On the other hand, they have "Family Managers" which can hold a recovery key of the family members. But those essentially become the Master accounts of multiple other accounts and this can create a vulnerability. It's not a very big deal for most people though.
https://support.1password.com/family-organizer/#add-or-remove-a-family-organizer
https://support.1password.com/family-recovery-plan/
-
Pharaoh
commented
A legacy account that's only accessible through certain things like a YubiKey, an authentication app or even something like an RSA SecurID. Two of these can be placed in a lock box and when used should either access specific allowed information or wipe all information from the account.
-
Chris Truitt
commented
Absolutely! LastPass has this.
-
Novus
commented
Add a "deadmans switch". In case something happens to you, Proton sends an email to certain contacts at a certain time period. This would be awesome to have.
Original Idea: https://reddit.com/r/ProtonMail/comments/1e8ehl0/dead_mans_switch_and_schedule_recurring_emails/
-
Roger Stube
commented
For those of us not getting any younger this is a critical feature!
-
Zazuo
commented
Yes. This + YubiKey support are the only critical missing features. There are other important things but this is essential!