Log in to Proton Account with FIDO2 / WebAuthn (Passkeys / Passwordless)
With the rise in account takeover, password breaches, and the complexity of managing hundreds if not thousands of account credentials and their MFA, a better solution is needed that simplifies and offers bullet-proof protection against phishing and account takeover attacks.
Many services like 1Password, Yubico/Yubikey, and Apple offer the ability to generate and securely store passkeys that can then be used to authenticate to services that support WebAuthn/FIDO2. I strongly recommend that ProtonMail, ProtonVPN, ProtonDrive, ProtonCalendar, etc. support passwordless/passkeys in the near future to stay on top of security and ensure that its customers are properly protecting their accounts.
End-to-End Encryption is rendered useless if an attacker or governments can successfully take over accounts due to weak or breached credentials. I believe the use of passkeys/passwordless supports and enhances the mission and goals of Proton.me, which is centered around security and privacy.
FIDO passkeys streamline authentication by merging login and multi-factor authentication (MFA) into one step, eliminating the need for a one-time password (OTP) afterwards. But some services, when they implement passkeys, still require you to enter an OTP. I'd prefer if Proton ensured that when passkeys are used, it's equal to a normal login plus MFA.
We need FIDO login support on mobile and desktop apps, please. Not only web!
Marek Reg commented
Yes, Yes, Yes.
I think this is an essential feature!!!
Security such as Yubico key strengthens the security features.
Enter it as soon as possible. Please!!!
Pablo Strong commented
Yes! Passkeys are the future. We would like to see this implemented.
At the moment 2FA sign in at Proton is possible using a security key. The new FIDO passkeys protocol works exactly the same. Yesterday I created such a passkey in my iCloud account for 2FA signing in at Proton. IMHO the sign flow at Proton using a 2FA key seems a little outdated.
To avoid long discussions: Using the new FIDO sign flow, users can choose between a software-generated passkey, where the private key is stored in a password manager, or a physical security key. Such a key is always better, but not everyone has such a key.
Yes, I want this as well, but I would still use a password alongside a 2FA device.
Muhammad Zeeshan commented
Please create passwordless login and 2FA authentication features like your other competitors "LastPass", "Zoho Vault" and many more.
This is a very important feature indeed. Passkeys must as soon as possible be adopted all across the industry.
Yes, please consider implementing Passkeys for logging into ALL of the Proton products. I have already started using Passkeys on sites that have started making it available. The experience is way more streamlined and easy for logging in and much more secure.
Hello, I thought of a better and faster way to log in to the Proton account. Is it possible to implement a login method that requires only a security key + FIDO PIN? (Much like Microsoft does with Microsoft 365 accounts.) This not only eliminates the need to remember a password but also increases security, because a hacker would need physical access to the security key and would have only a few attempts (10 on Yubico keys) to guess the FIDO PIN.
J D commented
I want to see the integration of Apple’s Passkey sign in here on Proton since they are so focused on privacy and convenience for the User Experience. I think the site would benefit greatly from adding a feature like this as it helps us users not have to worry about losing our passwords and our accounts being compromised in a data breach if hackers were to target the site. I’ve already seen other sites begin to implement it and love how easy it is to use. Makes me feel like my login info is safe from attacks and it’s a much appreciated feature to never have to generate passwords myself and store them in another password manager as well. In addition to that, I’ve read that other tech companies are in agreement on standardizing the implementation of this passkey technology so it just seems like the obvious move to make. I’m only requesting this be considered to be added sooner rather than later. Thanks Proton team!