Device-bound passkeys with attestation - Please add support
My employer is shifting to device-bound passkeys with the isBackupEligible flag set to FALSE. ProtonPass does not support these passkeys.
I am not the biggest fan of Yubikeys (as I misplace and break them), and the only app which supports device-bound passkeys, at this time, seems to be MS Authenticator. 🤮
Please would you add device-bound key support.
I only have a surface-level understanding of this, but MS has a write-up of their passkey features here: https://techcommunity.microsoft.com/blog/microsoft-entra-blog/the-latest-enhancements-in-microsoft-authenticator/4078807
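For readers who want to see what "isBackupEligible set to FALSE" actually means on the wire, here is an added example (not code from the original post, Proton Pass, or Microsoft) of how a relying party reads the flags byte of WebAuthn authenticatorData. Per the WebAuthn spec, bit 3 of that byte is BE (backup eligible) and bit 4 is BS (backup state); a device-bound passkey has BE clear, and the combination BS=1 with BE=0 is invalid. The sample authenticatorData blobs below are constructed for the example, and the rp_id "example.com" is an assumed value.

```python
import hashlib
import struct
from dataclasses import dataclass

# Flag bits of the authenticatorData flags byte (WebAuthn Level 3, section 6.1).
FLAG_UP = 0x01  # user present
FLAG_UV = 0x04  # user verified
FLAG_BE = 0x08  # backup eligible (credential may be synced / multi-device)
FLAG_BS = 0x10  # backup state (credential is currently backed up)
FLAG_AT = 0x40  # attested credential data included
FLAG_ED = 0x80  # extension data included


@dataclass(frozen=True)
class AuthDataFlags:
    user_present: bool
    user_verified: bool
    backup_eligible: bool
    backup_state: bool
    attested_cred_data: bool
    extensions: bool


def parse_authenticator_data(auth_data: bytes):
    """Return (rp_id_hash, flags, sign_count) from the fixed 37-byte header.

    Attested credential data and extensions may follow; they are not needed
    to decide whether a credential is device-bound.
    """
    if len(auth_data) < 37:
        raise ValueError("authenticatorData too short")
    rp_id_hash = auth_data[:32]
    raw = auth_data[32]
    sign_count = struct.unpack(">I", auth_data[33:37])[0]
    flags = AuthDataFlags(
        user_present=bool(raw & FLAG_UP),
        user_verified=bool(raw & FLAG_UV),
        backup_eligible=bool(raw & FLAG_BE),
        backup_state=bool(raw & FLAG_BS),
        attested_cred_data=bool(raw & FLAG_AT),
        extensions=bool(raw & FLAG_ED),
    )
    # The spec forbids BS=1 with BE=0: a credential cannot be backed up
    # if it is not eligible for backup. Reject rather than guess.
    if flags.backup_state and not flags.backup_eligible:
        raise ValueError("invalid flags: BS set without BE")
    return rp_id_hash, flags, sign_count


def is_device_bound(auth_data: bytes) -> bool:
    """True when the credential is not backup-eligible (single-device)."""
    _, flags, _ = parse_authenticator_data(auth_data)
    return not flags.backup_eligible


def check_policy(auth_data: bytes, rp_id: str, require_device_bound: bool) -> bool:
    """Relying-party policy check: rpIdHash must match and, if the policy
    demands device-bound passkeys, BE must be clear."""
    rp_id_hash, flags, _ = parse_authenticator_data(auth_data)
    if rp_id_hash != hashlib.sha256(rp_id.encode()).digest():
        return False
    if not flags.user_present:
        return False
    if require_device_bound and flags.backup_eligible:
        return False
    return True


def build_sample_auth_data(rp_id: str, flags: int, sign_count: int) -> bytes:
    """Construct a minimal authenticatorData header for testing (constructed
    sample data, not captured from a real authenticator)."""
    return (
        hashlib.sha256(rp_id.encode()).digest()
        + bytes([flags])
        + struct.pack(">I", sign_count)
    )


# Constructed samples: a device-bound passkey and a synced (multi-device) one.
DEVICE_BOUND_SAMPLE = build_sample_auth_data("example.com", FLAG_UP | FLAG_UV, 7)
SYNCED_SAMPLE = build_sample_auth_data(
    "example.com", FLAG_UP | FLAG_UV | FLAG_BE | FLAG_BS, 0
)

if __name__ == "__main__":
    for name, blob in (("device-bound", DEVICE_BOUND_SAMPLE), ("synced", SYNCED_SAMPLE)):
        _, f, count = parse_authenticator_data(blob)
        print(name, "BE =", f.backup_eligible, "BS =", f.backup_state, "signCount =", count)
        print("  accepted under device-bound policy:",
              check_policy(blob, "example.com", require_device_bound=True))
```

A relying party that wants to enforce device-bound passkeys checks BE at registration (and should also verify the attestation statement if it needs proof that the key lives in a TEE or secure element; the flags byte alone is self-reported by the authenticator). The same flags can be re-read on every assertion, so a credential that starts reporting BE/BS after registration can be flagged for review.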
-
Douglas Morris commented
I would add to this, as an interim goal, at least allowing a passkey to be marked non-synced when it is created, as there are times when you do not want them to sync. Even if not truly 'Hardware Bound', it allows you to better tie keys to sources. I have no issue with allowing syncing; I am just asking that we be allowed to mark a key to not sync off the device.
And of course, add support for Hardware Bound Passkeys on devices with a TEE (Trusted Execution Environment) or SE (Secure Enclave), which covers most Android and iOS devices from the last few years. If you can do that and ensure it is used with the TEE or SE, then you are effectively at Level 2.