Separate Password for Proton Pass
I don't use ProtonMail as my default mail service, therefore my Proton account is protected by a generated password that I can't and don't want to remember (using Bitwarden).
Having a way to use a completely different password than the one of my proton account to unlock Proton Pass will be a dealbreaker for me.
You can now set an extra password for Proton Pass in addition to your Proton account password, allowing for better compartmentalization and peace of mind. https://proton.me/support/pass-extra-password
This feature is rolling out today to all Lifetime plans, followed by a staged rollout for Unlimited plans, and it will be available to everyone else over the coming days.
-
John commented
I just finished reading: https://proton.me/support/pass-extra-password, that's not what I voted for. I think this is not a bad thing what you implemented as "extra layer of security" but I want to set my "Proton Account" password to be some super random ultra long gibberish and my "Proton Pass" password to some secure but somehow memorable. I want to unlock the "Proton Pass" with the "Proton Pass" password and if I want to sign in to my Proton Account, let's say to read my mails I am going to copy out the "super random ultra long gibberish" Proton Account password to sign in into everything else besides the Proton Pass Account.
As I already mentioned, I think the "extra password" feature as implemented can be good for some people, but a "seperate password only for Proton Pass" is what we requested.
-
Andy commented
I think what the community asked for was a separate password for Proton Pass, but not the additional one.
As I understand it, a separate password was asked for was to make Proton Pass an independent (from the Proton account) place to keep your passwords and other confidential data.
I am not entirely sure the additional password would do the same job as a separate password.
-
Kaleb commented
I think there has been a miss communication with what has been requested vs what has delivered (which I think is a great option to have might I add)
But this isn't quite what was requested / voted for by users :(
An alternate password is wanted for Pass, a sperate password from the one used to log into the rest of the Proton suite of apps.
-
Kizu commented
this was not the idea proton. it was not. come on.
-
Time Pencil commented
Separate password! NOT an additional password. Good grief!
There's no prospect of me ever applying a second password to Pass. (There's also no prospect of me ever paying for Pass while the desktop app is 'dark mode' only.)
Congratulations, Proton, on taking your first step towards enshittification.
-
Paul commented
From what your proton pass email says this is not what we asked for at all.
-
Basile commented
Looks like proton didn't really understand the feature request. They are implementing an extra password (you will need two passwords to unlock proton pass) but the feature request is about having a separate, independent password (you only need this password to unlock proton pass, you can save your proton mail password in proton pass).
-
Craviee commented
Thanks for this, after this is done I'm gladly moving from BitWarden to Pass.
P.M has an excellent question, when can we expect this feature to be released? -
P.M commented
How long do you guys think that this will take before this feature get released?
-
Simon Jacobs commented
Please add other login methods for users to choose between. Just having the PIN on PC seems unsafe. It would be great if entering a Masterpassword (such as with Bitwarden) or using a physical key would be possible.
-
Shawn commented
Proton Team, thanks so much for this feature! Now, it would be great to also support the option to unlock using a security key like Yubikey as well instead of just signing in for the 1st time.
-
SD commented
Great news! Thanks.
-
Tony Hackenberg commented
Yippee! Glad about this development (separate password for Proton Pass)!
-
Anonymous commented
Fantastic news! Thank you so much!
-
Thomas commented
Took some time, but I'm glad to see it happen! This is genuinely exciting news
-
Thomas Holz commented
Ich geh sogar nch einen schritt weiter
Seperates PW JA
Änderung auf Passwortloses einloggen versus hardware key > Yubikey etc
zwangs einbindung eines 2fa´s selbst mit hardwareschlüsselm ( 2 passwort prinzip )
Der 2fa beispielsweise irgendein authenticator + den hardwarekey ist schon recht safe, passwörter hingegen können zufallstreffer haben ^^ und meistens merkt man die sich, der 2fa ist generiert und einmalig und nur für kurze zeit gültig, der hardwarekey schickt seinen key zum dienst und der fügt dem key einen weiteren teil hinzu worauf hin der hardwarekey diesen prüft und authentifiziert und dann erst schickt er den verschlüsselten key los worauf hin die gegenparteil diesen wiedererkennt und verwenden kann. So die drehe. -
paul commented
If I switched to Proton Pass at present, my username is my public facing email address, which has been sold God-knows-how-many times across the internet. In addition, as the one password I'll have to be able to remember, I'll need to switch the account password to something less secure than the intense string of characters generated by my current password service.
While my current password solution password isn't optimally secure, the service I use isn't a matter of public record (i.e. no @protonmail.com) and the login I use is exclusively for that service (not my public facing primary email address).
Oh, and it would also unlock my proton drive and calendar. Right now this is a hard pass.
-
JDJ commented
I would love to see an opt-in feature that adds:
1. An extra password (like the mailbox password) or its own password to proton pass.
2. The ability to select which alias is used to log in, defaulting back to the proton mail address should the alias (accidentally) be deleted.
3. An optional extra 2fa just for proton pass wouldn’t be too bad either.
Short summary, (optional) separate/extra credentials for accessing the vault than the credentials for all proton services.
This would be great and I think could also be implemented in a way that doesn’t break the current user experience for those that don’t feel like they require this extra security.
It would highly likely also bring more users to Proton Pass from other password managers.
-
JDJ commented
I would love to see an opt-in feature that adds:
1. An extra password (like the mailbox password) or its own password to proton pass.
2. The ability to select which alias is used to log in, defaulting back to the proton mail address should the alias (accidentally) be deleted.
3. An optional extra 2fa just for proton pass wouldn’t be too bad either.
I agree with many in these comments that the way it’s set up now isn’t the best opsec, using the same and username password for all secure and private services, not really a best practice.
Though at the same time, I do understand the ease of use this gives less tech savvy users. As a former IT support guy and now fairly seasoned sysadmin I’ve seen many people struggle with the balance between security and user friendliness.
The way proton designs their products is to make it as accessible to less tech savvy people as it is to the more privacy/security oriented people.For this reason, stay in the same market as you are now, but add more advanced security features for those that know how to use it and/or want more security.
Since that was the whole idea that started proton. More privacy and security without having to sacrifice.I truly hope Proton add a feature like this, cuz I would love to hop over to proton pass.
-
Gilles commented
This also creates a big problem :
1. my Proton accont password is recorded into ProtonPass... don't want to use a separate password manager just for it !
2. I have changed my password for my Proton account using the generate password feature of ProtonPass to have a safer/more complex one
3. BUT then, as my main Proton account password was changed, I got instantly logged off from all my ProtonPass instances, on all devices, BEFORE it would even give me the choice to update my Proton account entry in ProtonPass.
4. luckily enough I had pasted the new password into a notepad before saving the change. Otherwiswe I would have lost my Proton account access as I could not reconnect to ProtonPass without having the new, complex password that ProtonPass did NOT give the chance to save before kicking me out of my own account...
Having a separate password for ProtonPass would bring the possibility to remain connected to it even when changing the Proton account password and update related entry if kept in it