Separate Password for Proton Pass
I don't use ProtonMail as my default mail service, therefore my Proton account is protected by a generated password that I can't and don't want to remember (using Bitwarden).
Having a way to use a completely different password than the one of my proton account to unlock Proton Pass will be a dealbreaker for me.
You can now set an extra password for Proton Pass in addition to your Proton account password, allowing for better compartmentalization and peace of mind. https://proton.me/support/pass-extra-password
This feature is rolling out today to all Lifetime plans, followed by a staged rollout for Unlimited plans, and it will be available to everyone else over the coming days.
-
G commented
Critical for security reasons to have unique seperate password/phrase to get into our Pass-similar to 1Password-that only the user has access to and is encrypted. Thanks.
-
Thomas Wagner commented
This is essential, so that we can set up a Pass-Phrase or password which is easier to remember(And potentially less secure) than a generated one, but still enjoy the security of a generated password for our general proton account.
An option to turn using a different password as on our proton account with a toggle would be nice as well. Till then i will continue using Bitwarden. -
Mayra Morales commented
The fact that Protonpass remembers my password all time is so bad. My master password is rather complex, I want to type at least once a day so I don't forget it.
so having a different password for protonpass and the option to unlock it with the master password or a pin
-
Til Goepfert commented
Absolutely. In the same vain I'd like to see better security on the browser extension allowing for it to be unlocked with something more secure than a 6-digit pin.
-
Duckling commented
It's absolutely critical to have password manager and email passwords as separate things, don't think using Proton Pass is a viable option until that's possible to do.
-
Dave commented
I currently use Nordpass but want to change to Protonpass my protonmail.com password is encrypted in Nordpass so to log on to Protonpass on my iphone it appears that I have to open Nordpass and copy paste my protonmail.com password to Protonpass that's not acceptable, therefore I didn't setup Protonpass on my iphone yet I did setup the web extension, it works slightly different as I can login via Nordpass directly, but I will not be able to fully remove Nordpass for that reason.
What Protonpass needs is a separate Master password to log in and Protonmail can then access an encripted password to log on to that.
On the iphone app the Master password needs an option to Unlock with Face ID. -
Shaik commented
I accidentally saved my protonmail login credentials including 2FA to my proton pass and I forgot the password! Thank God Proton Pass was installed on an another android device. Just imagine if I had only one device and I forgot my Protonmail PW!
-
Ken commented
This duplicates the idea with more votes for a separate PP passphrase from the Protonmail login
-
Ken commented
This duplicates the idea with more votes for a separate PP passphrase from the Protonmail login
-
RAX commented
I would like my employees to use ProtonPass only and not Proton-Mail. This requires "only" a Proton-Pass login and no mail login.
-
RID commented
I learnt hard way, didn't think I change password on ProtonMail thought I would be given time to make a note or copy new password! Then got logged out off Email and Proton Pass.
I sent email to Support as no way to get password, or to login to a Gmail account.
Lucky found paper copy of Gmail account.Proton Support was great help.
Would be good have a different easier password for Proton manger.
Am using the pin number, not looked if I can setup on Phone. -
William MacLachlan commented
You can use a unique 6 digit PIN to secure your vault. You can also set it to auto-lock
-
Ryan commented
Bitwarden allows the user the option to require a password to open on Android, even if the phone is unlocked. This is because my unlock code is only a few digits, whereas the master password to my vault is much longer. I don't want anyone who can unlock my phone to instantly have access to all my passwords.
-
spoon commented
This needs to happen. Having the same credentials for mail and pass is a dealbreaker for me.
-
Ron Jackson commented
Completely agree. I still use Bitwarden for this reason.
-
Paul commented
100% agree with this. If someone gains access to your email account password they literally have access to everything.
Side scenario I just ran into that would also encourage a separate password. I updated my Proton Email password and used Proton Pass to generate a password. Guess what happened next? Once I updated my password it logged me out of Proton Pass and needed my new password. However I don't know it since it was generated by Proton Pass. I tried to reset my password and then needed my phrase. Oh guess where that is? Yep, Proton Pass. If I had a master password that was separate I wouldn't have had this problem.
Luckily for me I still have my LastPass Manager to get my phrase.
-
Username commented
Other Proton services offer this feature, and this is a security feature that should be implemented.
If your email or calendar account is compromised, that's an issue and potentially very damaging.
But by having a password manager, Proton have made the target on themselves even larger. They have become even tastier, remember this is publicly in response to the fourth LastPass hack. With LastPass they just had all your passwords, saved cards, addresses, social security and so on. With Proton they'll have all that plus your emails, plus your online storage, plus your 2FA if you add it to ProtonPass (you can).
If your ProtonPass + 2FA has a separate password to the rest of the account then that at least is a more laborious compromise than a total open-sesame as it stands currently.
-
Ranakan commented
I totally agree. That's why I use mostly BitWarden : "Don't put all your eggs in one basket".
This should be an option in order to have more security layers on your account. Especially if you want to import all of your credentials on Proton Pass. -
A Doug commented
Ehhh, this should never be done... This would be going backwards in time. The point is to have a single secure identity to access your secure services (email, cloud storage, VPN, passwords). Why not figure out a strong enough password that works for you and use MFA on your account?
-
Bassam Saleh commented
add the ability to change the master password for proton pass. Since I use proton pass not other proton services