Summary:
Allow users to create a second, "limited" password for their Proton account, which would only provide access to limited data (e-mails and Proton Pass data) of their choosing.

How it would work:

1. A user creates a limited password for their account and chooses which of their Proton e-mail addresses and Proton Pass data are accessible with it.

2. Upon logging in with the limited password, only those selected addresses (and associated messages and data) and Proton Pass passwords are visible and accessible.

3. Other e-mail addresses and Proton Pass data remain completely hidden and inaccessible.

Purpose:
Limited passwords would help users better protect their most sensitive data by only allowing access to and knowledge of data which the user has deemed less sensitive.

This would help users protect their data in the following scenarios:
- When forced to reveal their password under duress.
- When users need to allow family and next of kin to access their data in emergency situations.
- When logging in on devices or networks that can't be fully trusted.

Note:
To protect against duress, limited passwords should be implemented in such a way that when using them to log in, an attacker cannot determine if the password provided by the user is a limited password or the full password.