General ideas
257 results found
-
Proton Pass: Add phone number field for login items
Many newer services like messaging applications use a phone number as the primary login identifier.
Also, services use phone numbers to implement 2FA.
Adding a phone number field as an alternative to email or username, helps to improve Proton Pass's UX, and provide more useful results in 2FA checks.
Later, we can introduce an option for users to warn on phone number and/or email address based 2FA.
1 vote -
Wrong 2FA status
Proton Pass presents a redundant warning indicating to enable 2FA for login items that already have passkeys registered with Proton Pass. That's a form of 2FA.
Please treat passkeys as at least as secure as TOTP, when calculating which login items to warn as missing 2FA.
1 vote -
Lag in Proton Mail read/unread status
I often have to refresh the Inbox page multiple times before the viewed status finally settles to the correct Read value. Otherwise it insists the email is Unread. Even though I've opened it multiple times.
1 vote -
Proton Pass WYSIWYG editor truncating Memorable generated passwords
When I use a Memorable password generated by Proton Pass, then Proton Pass makes it difficult to view the entire password all at once.
Please allow the password field to grow vertically to accommodate wrapping across multiple lines.
This problem happens at least in the Google Chrome Proton Pass browser plugin in the WYSIWYG editor UI, and likely happens on other platforms as well.
As long as you're going to generate extremely long passwords like that, you should show them without requiring marqueeing/scrolling the text.
1 vote -
Proton Mail: Better Copy & Paste UX
Please don't show an annoying toast notification every time I copy a recipient email address.
This notification covers up other important UI elements.
The notification isn't horizontally centered in the draft email DIV.
I want an account level option to permanently disable these notifications.
And I want to be able to use industry standard hotkeys (Control+C / Command+C) to copy recipient email addresses.
1 vote -
Treat subdomains as essentially identical to parent domains
Please treat nested domains like a.b.c.d as essentially identical to b.c.d and c.d.
This helps several Proton Pass features to work in a more practical manner, including autofill and password update.
Without this enhancement, Proton Pass often mistakenly creates duplicate login items, instead of prompting to update existing login items.
2 votes -
Gap in Dark Web Monitoring
Dark Web Monitoring neglects to scan for email addresses that appear in other login fields, such as Notes. This can cause reports of leaked accounts to skip many affected accounts.
What's more, any Dark Web Monitoring report that Proton Pass users have already marked as resolved, should be retroactively unresolved, whenever one or more additional records are found later to be associated with the leak.
1 vote -
Proton Pass: List field to house recovery codes
Hi,
I'd like a Recovery Codes field in the login item table, where I can list a few dozen recovery codes per account.
The notes section is risky for this information, because of the inherently unpredictable nature of copying and pasting large blocks of text. Many sites that implement recovery codes end up producing PDF files. People may try the Notes field, which can corrupt that critical data. Or they may even store recovery codes in Dropbox, USB drives, and other competitors to Proton.
A Recovery Codes list field can manage this data more securely and effectively.
1 vote -
Proton Pass mass delete favicons
Pass has an option that controls whether favicons will be applied to new login records. But there's no way to bulk remove favicons from old login records.
1 vote -
Proton Mail: Provide filter management UI in mobile apps
Hi,
Please provide the filter management UI controls in Proton Mail mobile apps. It slows me down to have filter management limited to the Web app.
1 vote -
Proton Pass: Parse email addresses from notes
Many of my records have email addresses squirreled away in a Notes section. This creates gaps in security reports. For example, records that do not formally associate with the email field, don't count towards the total, in Dark Web Monitor email lists.
Please detect when email addresses are found in Notes, and provide an interface to bulk promote these into the formal record email address field.
The industry spec for email addresses is overly complicated. The PPCRE \S+@\S+ pattern, or a mature email library, should be able to extract them with relatively few false positives, mainly SSH or git URL's.
1 vote -
Proton Pass: Integrate with HTTP Basic Auth
Please integrate with HTTP Basic Auth. Many services, such as Transmission Remote, continue to rely on HTTP Basic Auth to implement authentication.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication
This problem seems to happen in multiple browsers, including Google Chrome, Firefox, Safari, Edge, and others. Work with browser developers to fix how HTTP Basic Auth integrates with password managers.
As a workaround, the Proton Pass user has to manually copy the credentials via the clipboard, which is slow.
Concurrently, please work with Transmission developers to get a more modern, password manager friendly authentication system stood up, so that the service will no longer rely on HTTP…
1 vote -
Proton Pass Monitoring: Warn on insecure URL schemes
When I have HTTP or GOPHER (as opposed to HTTPS) URL's in my records, then I want Proton Pass to warn me. So that I reduce the risk of transmitting sensitive credentials in cleartext over the network.
Same story for FTP (as opposed to SFTP, FTPS, FTPES), TELNET and TFTP (as opposed to SSH, RSYNC, GIT), and other insecure protocols.
1 vote -
Proton Pass mobile: Can't highlight or copy passwords in generator UI
Please enable text selection for passwords in the mobile generator UI, so that we can copy candidate passwords to the clipboard.
Numerous online services have poor password manager integration, so the clipboard is often the only way to quickly input complex passwords.
1 vote -
Proton Pass: Hide trashed records from breach lists
For comparison, the Weak Passwords UI already does this. We should hide trashed records from Dark Web Monitoring breach lists for consistency.
As a workaround, I can manually empty the trash as I work through breach results. But that's a much slower workflow than emptying the trash exactly once, after I am satisfied that the breaches are resolved.
1 vote -
Proton Pass: Optionally badge Pass Monitor when account(s) have weak passwords
I would like (an option) to badge Pass Monitor whenever my vaults have records with weak passwords. That way, I can proactively improve the security posture of my systems with fewer manual steps.
Other components like Dark Web Monitoring already badge Pass Monitor, so there is value in terms of consistency for applying the same notification mechanism for other Pass Monitor findings.
1 vote -
Proton Pass: Latency when deleting records
Hi,
Sometimes when I delete a record, then it takes a few minutes before the record appears in Trash. This slows down productivity.
1 vote -
Support emails missing context
Hi,
I have a few support requests in flight. When I get a support email from Proton, the essential context of the support item is missing, requests for additional information become difficult to respond to.
Please ensure that support emails include the original text description of the problem. So that the recipient is reminded of which particular issue that support email conversation is about.
1 vote -
Proton Pass: Autofill broken for Barnes & Noble
Some how B&N breaks password management integration.
Let's work with B&N devs to fix the problem.
1 vote -
Autofill UI renders offscreen
When Proton Pass raises the autofill UI on websites where the credentials form fields are near the very left of the browser window, then the autofill UI falls off the edge of the page. Which makes it difficult to use.
Please tune the CSS properties to ensure that Proton Pass elements, including autofill, password generation, passkeys, and TOTP autofill, have a reasonable margin of at least a few em between the element and the top, right, bottom, and left edges of the browser window.
1 vote
- Don't see your idea?