Separate Password for Proton Pass
I don't use ProtonMail as my default mail service, therefore my Proton account is protected by a generated password that I can't and don't want to remember (using Bitwarden).
Having a way to use a completely different password than the one of my proton account to unlock Proton Pass will be a dealbreaker for me.
You can now set an extra password for Proton Pass in addition to your Proton account password, allowing for better compartmentalization and peace of mind. https://proton.me/support/pass-extra-password
This feature is rolling out today to all Lifetime plans, followed by a staged rollout for Unlimited plans, and it will be available to everyone else over the coming days.
-
Shaked Eyal commented
That didn't answer on the feature request, so that can't be complete.
We have asked to have a separate account password from the mail account. -
FSEN commented
Sooo, what is the status now @Proton? It seems there was quite the misunderstanding here?
-
ryefly commented
We don't want an additional password. Pass should have its own/separate master password. That's the point of a password manager. Remember a secure password. If I set up a new PC, how do I get to my Proton account? If you generate a 50-character password for your Proton account, for example, how are you supposed to remember it?
Proton has worked against this request and closed it. According to the motto, look, we've given you a password.
-
Rafael commented
Adding an extra password is not what the request was about. How can you close this ticket without solving it?
-
Chaz commented
Guys this just doesn't make any sense because you're effectively still using Proton Mail as the defacto master password. Every password manager provider knows that people want to remember 1x password, for the manager, then the manager remembers password for the mail and other services, not the other way around. This is a deal breaker and I regret buying the lifetime pass without having done prior research. It's insane how you think this is ok?? We don't want an extra password we just want a SINGLE, separate password.
-
VladDBA commented
This isn't completed by any means.
-
UV commented
The fact that this ticket is marked completed is ridiculous!
The point of a separate password for Pass is THE most logical common sense thing there is. Every service always raves about how your master password is supposed to be used only in one place and should not be stored anywhere. Meanwhile the master password for Pass is the same password used for EVERY proton service there is? Make it make sense. Golliwog wrote out the perfect logic behind this desire and why it is so important to have separate passwords. -
Golliwog commented
I want segregated security between my password manager and my other services to:
1. reduce the frequency of use of my password manager password (every use of my password is an increased security threat).
2. decouple access to high-risk services (eg. email/calendar) from extreme-risk services (password manager).
3. allow me to disable 2FA on only my password manager as they are not suited to having 2FA enabled (chicken and egg problem).
For example, a traveling backpacker may want to check his emails at an internet café. He could use his ‘open everything’ Proton password to access his email with no 2FA (as this would require 2FA on his Pass account too) with a high risk of local security threats (eg. keylogger). Or he could open his password manager on his phone with his Proton Pass password and no 2FA, and then log into the café computer with his Proton email only password and 2FA. This second option keeps his Proton Pass password off the café computer and protects his Mail account from keyloggers using 2FA. Additionally, his risk profile is limited to only his email account.I dislike Proton’s current implementation because:
• using one password across all Proton service is analogous to re-using the same password across multiple websites.
• having multiple passwords to access Proton Pass negates the use of a password manager – a password manager should minimise the number of passwords that need remembering.I would recommend a tiered password system – Proton Pass password (master) can access all Proton services. Proton Mail/Calendar/Drive Password(s) can only access the services they are registered to (this may be one password for all services or different passwords for each service). I believe this would be possible with Proton’s current architecture (with or without requiring the passwords to be stored in the password manager).
Another feature could be a login via QR code when the user scans a QR code on the computer he wants to login to, and his phone negotiates the authentication (eg. Netflix’s login system on smart TVs). But, I am not sure if this is technically possible, or practical (as a user may not always have network connectivity on their phone).
Best luck with this new feature.
-
caro commented
Does not seem to really correspond to the wishes expressed
-
GSim commented
I am the original author for this ticket and for sure the solution you presented does not address it AT ALL.
I like that you listen to the community, but if that’s how you do it then you might as well not bother pretending… If this was a mistake due to a misunderstanding, it can happen (even though I thought I had clearly express the need). But please admit it and re-open the issue, thank you @Proton -
oswin commented
@Proton, thank you for working so diligently on the Pass product, releasing and shipping new features so promptly. It really is awesome!
I just request that we remain honest here and not pretend like this ticket is "done". I see your new ticket, but please consider how misrepresented its upvote count is right now. By re-interpreting this ticket to mean something it did not, the originally requested feature now has to start from square one.
That's not fair.
-
oswin commented
Sigh, disappointing. I was so excited to see Proton officially confirm they were finally working on this feature request... only to now find out they got the feature requirements (specifications) wrong.
OP very clearly specified the end goal to be that the "Proton account is protected by a generated password that I can't and don't want to remember". Meaning that Pass should be accessible with "a completely different password than the one of my Proton account".
How does that get interpreted as an extra, additional password?
-
Losmi Losmic commented
I think there was a big misunderstanding from Proton side in regards of this issue. I voted for SEPARATE password for proton pass so we can use only that one for getting into proton pass database and skip regular proton account password.
Edit: After reading other comments, I feel deceived here, as I'm not the only one who perfectly understood feature requirements, and Proton didn't.
-
Thorsten commented
This is not what I was voting for!
I need a SEPARATE password for Proton Pass, not an ADDITIONAL one.I was planning to store my Proton password (which is a cryptic one I don't remember) inside of Proton Pass. When I now need my Proton password to access Proton Pass, that wouldn't work.
Proton Pass should work with a single password only and that password must NOT be the one from my Proton main account.
-
Eric commented
Please re-open this. In my opinion, an "extra" password is not a "separate" password and I think it entirely misses the point.
The idea is that I have one really big password that I have to remember. That's what I use for my password manager. (Right now that's 1password, but I'd love for it to be Proton Pass.) Once I unlock my password manager, then I can unlock my email with a password I've never seen before.
The extra password requires me to remember a really hard password for my email AND a really hard password for my password manager. That's a different feature. One I don't actually want.
-
Rodolfo commented
What you released is not what was asked for, please reopen this!
-
Anonymous commented
Although I am happy to see feature updates for Proton Pass, this is not the feature that was requested here. Therefore I think it is a stretch to mark this feature request as completed and force everyone to vote on a new feature request. Especcially when it is the exact same request.
-
Gilles commented
As what has been implemented is NOT what has been asked at first, it is a bit of a shame to make us re-vote for the exact same feature !
Or at least transfert the 2000+ original votes ! -
Teke commented
This was not the idea, they were supposed to be separate passwords not an additional one. I still have to use another password manager to log in to proton mail/pass.
-
Mohadib Anofius commented
I agree, that's not why I voted, an additional password of PM for pass is an option it can be interesting, but I was more for the idea of GSim, a different password, not in addition ... it sucks so ...