Proton Pass Monitor: Dark Web Scanning, Password Health, Inactive 2FA
It would be nice to keep my vault healthy with secure passwords. A dashboard could help manage this. Most other password managers have features likes this.
Hi everyone! We're happy to announce that Proton Pass Monitor is now available: https://proton.me/blog/proton-pass-monitor
✨ Discover weak and reused passwords
✨ Find accounts with inactive 2FA
✨ Get breach notifications for emails, aliases, and passwords.
You can also check out the following support articles:
-
B commented
My proton pass synced all my devices, now I have over 1000 passwords for about 100 sites.
-
smitchen commented
I would love to see the ability for Proton Pass to view my passwords and see any duplicates or similarities between them. Not only seeing exact copies, but similarities (ex password1 vs PassWord2).
I have too many passwords to go through them all to see what passwords that are older than when I used a password manager to randomize them
-
Shedoram commented
Similar to Dashlane it will be great to include advanced monitoring to identify any security breach
-
LonelyTree27 commented
That would indeed be very useful, both as a password audit (strength of passwords, password age, availability of 2FA or MFA for accounts where it hasn't been configured, ...) and as breach detection.
-
Chosenman commented
Absolutely agree with duplicate deletion and multiple selection for deletion. Option for duplicate deletion during import would be beneficial too. Duplicates listed in new to old order (groups).
-
Patrick Stewart commented
This is a serious issue for me; I have many hundreds of entries. I have been using Bitwarden, and I was juggling the two apps while i decided which was best, plus importing all the browsers, which had many duplicate entries... now I have close to a thousand entries with all the duplicates! Some have slight variations, or data I may want to consolidate into a single entry. So, Ideally, a utility that utilizes AI to search for duplicates or very similar entries and offers to merge or remove them would be fabulous.
-
[Deleted User] commented
It would be really great!
-
Mehdi Meziane commented
Remove duplicate entries to clean up the account list. Sometimes old entries are selected and trick the login form. Thanks in advance.
-
output461 commented
Similar suggestion to Add dashboard to check double passwords, compromised accounts/passwords, weak/old passwords, missing 2FA, dataleaks, etc.. Let's combine votes there https://protonmail.uservoice.com/forums/953584-proton-pass/suggestions/46854529-add-dashboard-to-check-double-passwords-compromis
-
Frank commented
So not only in combination with import.
-
Frank commented
I suggest an option to list items having a same password.
Such a list with the first/eldest item per password.
Then when clicked a sublist with belonging items.
Option per each item in the sublist for delete, merge or open -
Dillon commented
Absolutely necessary and a must-have for high quality password managers. Knowing which passwords are at risk of being compromised due to a breach (re-used passwords).
-
sl33pinC4t commented
This could be done using K-anonimity feature proposed by Have I been Pwned.
Meaning part of the hashed password is used to find corresponding elements in HIBP.
Then the hashes are compared localy when the user is logged in.
This allows to keep the zero-knowledge aspect for Proton and to detect potentialy leaks. -
Luke commented
What Bitwarden web vault dashboard has is a perfect example of what should be done. Have the ability to see all this data is really important to have a good password base, especially when having hundreds of passwords.
-
A user commented
Knowing which accounts don’t have 2FA would be useful. (Right now, I just stumble upon them and fix them as I go along.) And for those services that don’t provide 2FA, knowing whether your password is weak or whether you have it repeated in some other login would help.
I’m not entirely comfortable with integrating with haveibeenpwned because that would mean sending my password out for someone else to look at so they can check if it has been compromised, and one of Proton’s selling points for me is that they don’t rely on other companies’ privacy promises. If you decide to implement it, please make it opt-in with bold red letters saying that your password will be shared with someone besides yourself.
-
Peter Bailey commented
Other password managers I've used, namely Nordpass, have the ability for multiple deletions. I'm not aware of any password managers that can find duplicates.
-
Peter Bailey commented
PP needs to be able to find duplicate entries. I have many, many duplicate entries, probably from earlier password managers or browsers. But, PP doesn't seem to filter any incoming entries.
And, once duplicate entries are found, it needs to be able to delete multiple entries at once. I should be able to choose more than one entry at a time and delete them all at once.
-
silvan commented
app gets useless without this function :/ pleaseee prioritize :)
-
Jack commented
There should be something inside of Proton Pass where it will give you password security enhancement recommendations where you can also see your password health score and all of your weak and reused passwords.
-
Jessy commented
I would call this similar to what other password manager software call it: "Dark web monitoring" (duh, whatever that means), an integration of haveibeenwpnd with data leaks monitoring.
I have doubts I'd like anyone to monitor the passwords since it has to be truly zero-knowledge. I wonder if that is technically safe to verify your password being leaked.