Proton Pass & Authenticator
1270 results found
-
Optional unlock-before-autofill security model for browser extension
Proton Pass currently follows a browser-trust security model: once the browser session is unlocked, autofill is allowed without additional user authentication.
For users who keep their browser open for long periods or occasionally share devices, this effectively means the password manager is also unlocked. The existing PIN protects access to the Proton Pass UI, but does not gate
autofill itself, so credentials can still be filled without explicit authentication.I would like to suggest offering an optional vault-style security model, where autofill requires explicit user authentication (password or biometrics), and optionally auto-locks after inactivity independent of browser state.
This would…
5 votes -
master password on proton internet browser extension
Hello,
I would like to be able to lock/unlock the ProtonPass extension on my browser using the additional password from my password manager. Currently, only the PIN code seems to be offered.
Sincerely
2 votes -
Device-bound passkeys with attestation - Please add support
My employer is shifting to device-bound passkeys with the isBackupEligible flag set FALSE. ProtonPass does not support these Passkeys.
I am not the biggest fan of Yubikeys (as I misplace and break them), and the only app which supports device-bound passkeys, at this time, seems to be MS Authenticator. 🤮
Please would you add device-bound key support.
I only have a surface level understanding of this, but MS has a write up of their Passkey features here: https://techcommunity.microsoft.com/blog/microsoft-entra-blog/the-latest-enhancements-in-microsoft-authenticator/40788077 votes -
Have Proton Pass automatically save Passkeys into it's own vault
I would like Proton Pass to detect when a new passkey is created and add it into it's own "Passkey" vault that was setup by default. I like it when my passwords and Passkeys are seperate. I know I can do it myself but if the process was automated that would be better.
3 votes -
Autofill intelligence and reliability
The biggest problem that keeps cropping up in user reviews is the unreliability of the autofill feature. Proton Pass often fails to recognize login fields correctly, fills in fields incorrectly, or logs out unexpectedly. Proton needs to make significant improvements in this area. Competitors such as 1Password and Dashlane have developed significantly more sophisticated systems that can easily handle complex forms, multi-step login processes, and unconventional websites. Proton Pass should use machine learning to learn from failed autofill attempts and continuously improve its recognition rate. A fallback mechanism that automatically tries alternative filling methods when problems arise, rather than simply…
5 votes -
Handle wildcard in url mapping
Could it be possible in the future to handle wildcard in url mapping ?
As a web developer, i'm using dev environments, so urls are something like https://mywebsite-pr-*.fr/. Currently, it doesn't recognize url and doesn't propose me to autofill password.
Manually search then copy the credentials is kind of cumbersome. Thanks for your time reading !
4 votes -
Support for ARM-based Microsoft Windows / Devices
With the growing support for Windows on ARM and my use of a Snapdragon X Elite laptop, I was wondering if there are any plans to release a native ARM-compatible version of Proton Pass for Windows. I'd love to know if this is on the roadmap.
9 votes -
add comet browser for import password provision
add comet browser for import password provision
5 votes -
Pass filter search improvement
Proton Pass filter search improvement.
An optimized filter search in Pass will make the service more user-friendly. For example, you can search for items with attached files, or search for items that contain certain filled-in fields.
13 votes -
Domain URL matching rules
Proton pass should have URL matching rules like bitwarden. This makes it easier to handle different usecases.
For instance, at work I have different usernames/passwords on different subdomains and I would like to be able to limit certain credentials to specific subdomains and have others shared accross multiple subdomains.So that would be great to have a diffrent matching rules like:
- root domain
- hostname
- starts with
- regex
- exact match
- ...1,807 votes -
sync Generated passwords
I feel the Generated passwords (which is a very nice feature) should be synchronized across the board. Today, a password generated on the mobile app is stored there for 2 weeks, but it is not visible on the desktop app, even though the same function exists there. Synchronization of a newly generated password would be handy to, example, copy and paste into an application on the desktop or vice versa, or save it in the Proton Pass app from any device.
3 votes -
Add WebDAV for optional self-hosted sync
Please consider adding an option to disable Proton Cloud and sync via WebDAV instead. This would allow users to store their password data on their own servers (like Nextcloud) for complete control. It's a valuable privacy feature for those who prefer not to rely on cloud services while still enjoying multi-device access.
4 votes -
Mac toolbar app (drop-down)
Currently when pressing the Proton Pass icon in the Mac toolbar it gives you two options: 'Open Proton Pass' and 'Quit'. That is so useless. Launching the app via spotlight search is faster. In browsers you have a nice app that opens in a sort of fold-out/drop-down way. It quickly let's you access it without actually opening the entire app. We need this for the Mac-native app as well.
5 votes -
unlock Authenticator with Physical Security Key
Currently you can unlock the Proton Authenticator app with 'biometrics' which uses your Windows Sign In security. However, you can't use the physical security key option as the way to unlock the Authenticator app.
14 votes -
Add the vault export functionality to Proton Pass CLI
Having the ability to automate backups of your vault via the CLI would be great.
7 votes -
The ability to mark a passkey for only certain subdomains
I recognize some website will use a subdomain for authentication and you want the passkey to work across them, but it is really annoying for me to login to certain services that have two or 3 services under 1 domain that do not link together, each has its own passkey.
The ability to stop the wrong passkey from showing up when logging in would be handy! Even just a "Ignore this passkey on this subdomain/url" option!
2 votes -
Extra Password to Unlock TOTP
Okay, hear me out on this one
ProtonPass supports managing passwords and then there is a field for TOTPHowever because TOTP is supposed to be as 2FA, on a separate device, right now TOTP passwords are accessed by the same Proton password as ProtonMail and ProtonPass, which really defeats the purpose of 2FA
We need to shield TOTP passwords by a separate password so that TOTP feature would be unlocked on a separate device (such as phone) and it would not be accessible on the main device (such as laptop) until the password is given.
This would allow ProtonPass…
2 votes -
Retrieve SMS Codes automatically
When logging into an account that uses SMS-based 2FA, Proton Pass should automatically detect the incoming OTP and offer to autofill it with a single tap — just like it already does for TOTP codes.
This could be done using Android's SMS Retriever API, similar to what was implemented by Dahslane and other password managers.
Reference
https://www.dashlane.com/blog/dashlane-android-retrieve-sms-codes
https://developers.google.com/identity/sms-retriever/overview4 votes -
Send email login alerts
It would be good if Proton Pass could send an email alert for new login attempts to an email address the user specifies.
The current login attempt notification from Proton Mail doesn't work for a) users of custom roms due to lack of unified push and b) users of only Proton Pass.
2 votes -
Auto-lock options for the Authenticator
It would be great to have auto-lock options for the app:
• lock after X minutes of inactivity in the app,
• lock after X minutes of system inactivity,
• and an option to lock (or not) when the OS gets locked.This would let users control whether the app should stay unlocked after the system is unlocked, or require the password again. This adds flexibility and better security.
6 votes
- Don't see your idea?