Separate Password for Proton Pass
I don't use ProtonMail as my default mail service, therefore my Proton account is protected by a generated password that I can't and don't want to remember (using Bitwarden).
Having a way to use a completely different password than the one of my proton account to unlock Proton Pass will be a dealbreaker for me.
You can now set an extra password for Proton Pass in addition to your Proton account password, allowing for better compartmentalization and peace of mind. https://proton.me/support/pass-extra-password
This feature is rolling out today to all Lifetime plans, followed by a staged rollout for Unlimited plans, and it will be available to everyone else over the coming days.
-
Thomas Holz commented
I'd even go one step further.
Separate password: YES
Change to passwordless login versus hardware key > YubiKey etc.
Mandatory integration of 2FA, even with hardware keys (two-password principle)
2FA, for example any authenticator plus the hardware key, is already quite safe; passwords, on the other hand, can be hit by a lucky guess ^^ and most of the time people memorize them. The 2FA code is generated, one-time and only valid for a short time. The hardware key sends its key to the service, which adds another part to the key, whereupon the hardware key checks and authenticates it, and only then does it send off the encrypted key, whereupon the other party recognizes it and can use it. That's roughly how it goes.
-
paul commented
If I switched to Proton Pass at present, my username is my public facing email address, which has been sold God-knows-how-many times across the internet. In addition, as the one password I'll have to be able to remember, I'll need to switch the account password to something less secure than the intense string of characters generated by my current password service.
While my current password solution password isn't optimally secure, the service I use isn't a matter of public record (i.e. no @protonmail.com) and the login I use is exclusively for that service (not my public facing primary email address).
Oh, and it would also unlock my proton drive and calendar. Right now this is a hard pass.
-
JDJ commented
I would love to see an opt-in feature that adds:
1. An extra password (like the mailbox password) or its own password to proton pass.
2. The ability to select which alias is used to log in, defaulting back to the proton mail address should the alias (accidentally) be deleted.
3. An optional extra 2fa just for proton pass wouldn’t be too bad either.
Short summary, (optional) separate/extra credentials for accessing the vault than the credentials for all proton services.
This would be great and I think could also be implemented in a way that doesn’t break the current user experience for those that don’t feel like they require this extra security.
It would highly likely also bring more users to Proton Pass from other password managers.
-
JDJ commented
I would love to see an opt-in feature that adds:
1. An extra password (like the mailbox password) or its own password to proton pass.
2. The ability to select which alias is used to log in, defaulting back to the proton mail address should the alias (accidentally) be deleted.
3. An optional extra 2fa just for proton pass wouldn’t be too bad either.
I agree with many in these comments that the way it’s set up now isn’t the best opsec, using the same username and password for all secure and private services, not really a best practice.
Though at the same time, I do understand the ease of use this gives less tech savvy users. As a former IT support guy and now fairly seasoned sysadmin I’ve seen many people struggle with the balance between security and user friendliness.
The way Proton designs their products is to make it as accessible to less tech savvy people as it is to the more privacy/security oriented people. For this reason, stay in the same market as you are now, but add more advanced security features for those that know how to use it and/or want more security.
Since that was the whole idea that started Proton. More privacy and security without having to sacrifice. I truly hope Proton adds a feature like this, cuz I would love to hop over to Proton Pass.
-
Gilles commented
This also creates a big problem:
1. my Proton account password is recorded into ProtonPass... don't want to use a separate password manager just for it!
2. I have changed my password for my Proton account using the generate password feature of ProtonPass to have a safer/more complex one
3. BUT then, as my main Proton account password was changed, I got instantly logged off from all my ProtonPass instances, on all devices, BEFORE it would even give me the choice to update my Proton account entry in ProtonPass.
4. luckily enough I had pasted the new password into a notepad before saving the change. Otherwise I would have lost my Proton account access as I could not reconnect to ProtonPass without having the new, complex password that ProtonPass did NOT give the chance to save before kicking me out of my own account...
Having a separate password for ProtonPass would bring the possibility to remain connected to it even when changing the Proton account password and update related entry if kept in it
-
David commented
I don't mind having the use of the pin while I'm logged in (this is actually more secure than when I was logged into LastPass), but I would like to see the occasional need to log back in (as I had to w LastPass), perhaps once a week or so, so I'll recall my master password. I'm actually very afraid I've forgotten my password because I've never had to log back in since creating my vault...!
-
Naresh Gupta commented
Also, I think better password or pin number should be required to see password in clear text in browser extension and app.
-
Ribbon3682 commented
I use Proton as my main email service. It would be wonderful not only having separate passwords for Mail and Pass, but also for Drive. Besides, it would be very interesting being able to log in with only a specific alias and not all of them; that would be an extra layer of security.
-
Clark Everson commented
Lorin, I understand your concern with those logins, and while I think this feature is needed, and I can't switch until added, I disagree about removing those buttons. There are large clients that rely (especially on the sign in with Google button) for the business SSO login. So removing it prevents those users from using this tool, which removes a segment of customers who could be using this as an alternative to 1Password or Bitwarden.
-
Lorin Ricker commented
Adding my +1 (+many!) to having a separate Master Password for PPass, for all the reasons well-stated here by others. Also, please remove Facebook and Google authorization from PPass login/authentication -- that's like letting the wolves into the chicken coop! Relying on these information thieves for authentication/api services is a really bad look for Proton's security reputation!
-
Thorsten Rothenpieler commented
As many others stated already, this is a deal breaker for me.
As long as I'm forced to share my Proton Mail password with Proton Pass, I'm not going to switch from Bitwarden to Proton Pass.
It's a real shame because your password app seems great.
-
Don't Sleep commented
SUPER IMPORTANT. I can't believe it's not already a feature. 3 login attempts and logged out - big deal. I'm sorry I went with PP. I was using LastPass which has its issues but at least I had a strong master password.
-
SD commented
It makes no sense for a secure product to have the same password for all services. Having my password for VPN stored in my local keychain, having the same password for my email and Proton Pass?!? If someone gets access to one place... they get everything even if 2FA is used using email. I have to use 2FA with non Proton email to increase security. I would prefer only use Proton.
-
Sascha Win commented
This is so important. How can my password manager login not be separate from all other services?
-
mike b commented
It would be great to have a generated pass for Protonmail and a memorable pass for Proton Pass.
-
Get better commented
No, don't separate the password to log into Proton Pass. That's gonna be a big mistake to separate Proton Pass from the ProtonMail account. Please don't listen to people, don't do that.
-
Shawn commented
Please make this happen!
-
Clark Everson commented
This is the only thing preventing me from migrating to this app
-
Anon commented
You offer None, PIN and Biometric as options in your mobile app to unlock and only PIN code in the browser extension. Please add password as an option.
-
TWOK commented
This actually needs to be a passwordless (FIDO) logon, in addition to it being a separate password. Like others here, I generated a massive random password for Proton services using Dashlane and could never use it to sign into Protonpass without changing my master password to something human memorable. I could never recommend it to my friends or family without passwordless login.