Separate 2FA into its own application.
Currently, ProtonPass stores the 2FA secrets in the same place it stores login information.
Functionally, this means that there is no second factor. All necessary account access information is stored in one place, and is a single point of failure. If ProtonPass is ever compromised, the attacker would get full and total access.
To fix this, 2FA should be split into its own separate application with its own separate password.
2FA is now available through Proton Authenticator: https://proton.me/authenticator
-
Hakim Bawa commented
The standalone Proton Authenticator is really nice, though it does not seem to integrate with browser extensions. We could benefit from the convenience of autofill if it were an extension. It would be great if it were its own extension that would show up to autofill just like Pass does, with the option to ask for a password or PIN.
-
R
commented
Or an option for a different password specifically for the authenticator app could also work.
-
R
commented
A standalone account option for Proton Authenticator to enhance security. Linking an authenticator to the same primary account that holds a password manager like Proton Pass creates a critical single point of failure. If that single account is ever compromised, an attacker gains access to both the passwords and the 2FA codes, defeating the entire purpose of two-factor authentication. A separate authenticator account would ensure these crucial security layers remain properly isolated.
-
Gabriele
commented
I would also allow unlocking Proton Pass via hardware token, instead of just PIN or password.
-
Sea_Level
commented
Agree. Appreciate the convenience of integrated 2FA and the commitment for support is critical, but a second factor really requires a separate app. Could argue a separate app with the same service still doesn't suffice. Will continue with Duo or Ente until one is developed.
-
Mustafa Kara
commented
Hello Proton Community and Developers,
As an active Proton Pass user, I appreciate the **convenience** of the integrated Two-Factor Authentication (2FA) code generator feature offered alongside password management. Accessing both passwords and 2FA codes within a single app is indeed practical.
However, from a security best practices standpoint, storing passwords and their corresponding 2FA codes in the same location weakens the core "separation of factors" principle behind 2FA and creates a potential "single point of failure". If the password manager is compromised, both the passwords and the 2FA codes are exposed simultaneously. This significantly reduces the effectiveness of the additional security layer that 2FA is meant to provide.
Therefore, I would like to suggest the following to Proton: In addition to the current integrated 2FA solution, please consider developing a **standalone 'Proton Authenticator' app**.
**Why this is important:**
This would offer several key benefits:
1. **Enhanced Security:** It would allow users to manage their 2FA codes in a location completely separate from their stored passwords, aligning better with fundamental 2FA security principles.
2. **User Choice and Flexibility:** This separate app would offer users a *choice*. Those who prefer the convenience can continue using the integrated solution in Proton Pass, while those who prioritize maximizing security by keeping factors separate could opt for the standalone app.
3. **Proton Ecosystem Value:** A standalone app could still leverage Proton's trusted, encrypted infrastructure (e.g., potentially offering features like encrypted backup/sync via Proton Drive), adding further value to the Proton ecosystem.
**Potential Implementation Model:**
Considering Proton's existing business model, access to this standalone 'Proton Authenticator' app could potentially be included as part of **paid Proton subscription tiers** (e.g., Proton Unlimited or the relevant Pass Plus plan), similar to how the integrated 2FA feature might be tiered. This would provide additional value to subscribers while aligning with the current structure.
**Conclusion:**
Developing such an app would reinforce Proton's commitment to security and privacy, catering to users with different security preferences and needs. Offering users the choice between integrated convenience and the maximum security of separated factors would make the Proton offering even stronger.
I hope the Proton team will consider this suggestion and that other community members will find it valuable and support it.
Thank you.
-
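As an added illustration of the single-point-of-failure argument above (example code, not from the thread or from Proton): an RFC 6238 TOTP seed alone yields valid codes, so a vault that opens both the password and the seed with one passphrase hands over both factors, while a seed kept behind a second passphrase stays closed to someone who only has the first. The vault layout, sealing scheme, salts, passphrases and sample password are constructed for the example; the seed is the RFC 6238 test key.

```python
import hashlib, hmac, struct

# RFC 6238 TOTP: the stored seed fully determines every code, so whoever can
# read the seed holds the second factor. This is the thread's core argument.
def totp(seed: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def derive_key(passphrase: str, salt: bytes) -> bytes:
    return hashlib.scrypt(passphrase.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)

# Constructed stand-in for vault encryption (HMAC-SHA256 keystream plus a tag so
# a wrong key is detected). Illustrative only; not Proton Pass's actual scheme.
def _keystream(key: bytes, length: int) -> bytes:
    blocks = range(length // 32 + 1)
    return b"".join(hmac.new(key, b"ks%d" % i, hashlib.sha256).digest() for i in blocks)

def seal(key: bytes, plaintext: bytes) -> bytes:
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(key, len(plaintext))))
    return hmac.new(key, ct, hashlib.sha256).digest() + ct

def unseal(key: bytes, blob: bytes):
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None  # wrong passphrase: this vault stays closed
    return bytes(c ^ s for c, s in zip(ct, _keystream(key, len(ct))))

def build_vault(items: dict, passphrase: str, salt: bytes) -> dict:
    key = derive_key(passphrase, salt)
    return {name: seal(key, value) for name, value in items.items()}

def read_vault(vault: dict, passphrase: str, salt: bytes) -> dict:
    key = derive_key(passphrase, salt)
    return {name: unseal(key, blob) for name, blob in vault.items()}

SALT_PASS, SALT_AUTH = b"constructed-salt-pass", b"constructed-salt-auth"

def attacker_yield(design: str, now: int) -> dict:
    """What someone holding only the password-vault passphrase can produce."""
    login = {"password": b"correct horse battery staple"}  # constructed sample
    seed = b"12345678901234567890"                         # RFC 6238 test seed
    if design == "combined":   # current layout: seed sits beside the password
        vault = build_vault({**login, "totp_seed": seed}, "master-pw", SALT_PASS)
        got = read_vault(vault, "master-pw", SALT_PASS)
    else:                      # proposed layout: seed behind a second passphrase
        got = read_vault(build_vault(login, "master-pw", SALT_PASS), "master-pw", SALT_PASS)
        auth = build_vault({"totp_seed": seed}, "separate-auth-pw", SALT_AUTH)
        got.update(read_vault(auth, "master-pw", SALT_AUTH))  # same leaked passphrase
    code = totp(got["totp_seed"], now) if got.get("totp_seed") else None
    return {"password": got.get("password"), "totp_code": code}
```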
Oliviero Talamo
commented
I agree.
It is a contradiction, nonsense, to store distinct site access data (or other things) in a single place with a single access method, for instance the PIN of the browser extension or else the fingerprint for the desktop application.
Obviously it is important that the vault data are encrypted with a strong method, and I see no problem if ProtonPass also stores all 2FA (or possibly MFA) data of a user, but, as I see from CatatonicMan's message, the important thing is how a user accesses the distinct categories of stored security information.
The problem here is user safety. If his/her password/PIN is stolen (or even fingerprint), all the advantages of the 2FA or MFA approach are lost.
So, at least, there should be distinct passwords/PINs to access the distinct stored categories of 2FA data (for instance password and OTP code).
For instance, there is a KeePass OTP plugin that allows setting a different password for the OTP data access.
In fact, I currently use ProtonPass, but I save OTP data in a different place.
I am a faithful user of all Proton products and agree with and believe in all the security/safety aims of Proton.
Therefore I'd like to use ProtonPass in a full way.
-
Baldwin The Fourth
commented
ProtonPass application other than that, it would be nice to have an external 2FA application.
-
h
commented
Add an Authenticator function of your own to the Proton offer. - Being new to Proton Pass and not a specialist, I observe that most major alternative software providers offer this function, according to the Wikipedia source mentioned below, but Proton does not so far. Please evaluate and share your decision. Thanks in advance.
https://en.wikipedia.org/wiki/Comparison_of_OTP_applications
-
Ian
commented
There have been numerous amazing changes and additions to the Proton suite. It has been enjoyable to observe and experience the growth of Proton services alongside the community. Proton Pass is a perfect addition to the suite, providing a reliable option for password management and security. I would love to see the option for two-factor authentication (2FA) integrated within Proton Pass. Using a separate authenticator, such as Microsoft's Authenticator in my case, adds another app and account that "crowds" my phone. I believe that adding this feature would significantly enhance the quality of life!
-
Kelly
commented
When setting up Proton Pass's 2FA, don't reuse the 2FA code from Proton Mail; require a separate 2FA code for Proton Pass.