Use Security Key without Authenticator App
I would like to additionally secure my account with a security key only, not with a 2FA authenticator app.
-
ProtonFan33
commented
I literally made a "uservoice" acc just to ask/propose a fix to this
How can it be that the password manager stays unlocked in my browser?!
A pin doesn't give me enough peace of mind for protecting my password manager! that's nuts, nowadays our lives are basically stored in there
atm my mane is still 1Password (fingerprint on smartphone and ipad, still scared of keyloggers on laptop), would like to make a full switch, but don't like to always tipe the code in, for convenience but especially for security reasons!
please resolve asap thanks -
P Wilson
commented
The first time I opened the extension after a system reboot I nearly had a heart attack that somehow I was still completely logged in. Please let us unlock it with a physical key!
-
MemphiZ
commented
Can we please have an option to not have to use only a "Master Password" to encrypt/decrypt our Vaults and instead use a security key like Yubikey in combination with a Password or PIN?
To be clear, I'm not talking about the security key being used in static password mode which basically acts as a HID and can also be compromised using a keylogger, but a real FIDO2 or GPG challenge instead.
A real world example that is technically possible right now:
Your companies IT department for example can remote into your machine, log the password by installing a keylogger and unlock the Vault on the same machine when you're away. This leads to all your passwords being compromised.Thanks in advance!
-
Daniel
commented
Yes - just a PIN to unlock the browser extensions is too unsecure! Physical security key or with OTP is very important.
-
Z commented
Please, add passkeys support with mandatory PIN! Urgent!!!! Detach everything from Proton Mail as well
-
Justin
commented
This is critical! I am seriously considering returning to bitwarden due to lack of this feature. Worse, its got rudimentary implementation for proton SSO but not a core functionality of proton pass!
-
Karol
commented
I was thinking about adding security feature that would require yubikey to access passwords
-
Cyrille Vivion commented
For a product who wants to push security and privacy, this functionality seems unavoidable to me.
I'm a user of KeepassXC and it supports Yubikey, the Keepass2Android app also supports this on Android.
This is the only lack that prevents me from migrating to ProtonPass -
customer654
commented
The ability to use yubikey as 2fa to log in to (not unlock) proton pass mobile apps (ios and android) would be excellent. (Bitwarden support this.)
-
[Deleted User]
commented
I wish Proton would let me use physical keys to access all Proton IOS apps. If we are forced to use authentication codes, how can I stop using Bitwarden? I currently store all of my keys in Bitwarden and login to Bitwarden using my physical key. I can’t store my keys in Proton Pass and still login to Pass!!!
-
William MacLachlan
commented
II too would like this. If it can be a feature on Bitwarden, then it can be done here.
-
Mason Curry commented
This is a great use case for a physical key - it keeps your vault unlocked until the X-minute timeout before you need to use it again.
-
baz
commented
Been a premium user of bitwarden for a few years now and considering the switch BUT I really dont like the lack of no AUTO LOG-OUT option for the app and browser addon like Bitwarden has. Proton instead only offers a LOCK.
In bitwarden settings on app and browser addon you can set the program to LOCK (require a code) or LOGOUT (require password + your 2FA) at a specific time interval (instant, 1min, 5min, 10min, 1hr etc)
I much prefer LOGOUT so that the account is secure and requires a password + my 2FA(yubikey) to get back in. It feels much more secure to have the vaults logged-out than just locked with a simple passkey!
A device restart on phone or pc and the protonpass app / browser addon stays LIVE and LOGGED IN. I feel like this is a disaster waiting to happen.
Add an account AUTO LOG OUT feature!
-
Stephen
commented
This is a feature that I really need to be able to start using Proton Pass!
-
VMsystems
commented
Bitwarden already support this feature so you can do the mfa with a yubikey
-
loift
commented
In addition to unlock our vault through a 6 digit pin, it would be nice to be able to unlock it through physical security keys.
The current 6 digit cap as well as the divided input field (2x3 digits) make it impossible to utilize such a security key when configured to output a static password.