Emergency access
Many password managers offer an Emergency Access feature whereby in the event of something happening to you a family member/trusted friend can gain access to your password vaults. Once you set them up, they can request access. If you do not reject access in whatever number of days you specify, then they gain access. This is a nice assurance that a family member can access your info if something happens to you without having to share your login info with them now.
-
Mark Garrett commented
Some are saying this isn't possible, but I think it could be done. This is how I see it working.
Setup:
1. Target user picks another Proton user to be their Emergency Access user.
2. Target user enters the amount of time they want the delay period to override the access to last.
3. Target user enters their Proton password
4. Target user's Proton client downloads Emergency access user's public key
5. Target user's Proton client encrypts the Target user's password (or some other secret that can be used to decrypt the content of the Target users account) with Emergency access user's public key.
6. Cypher text of the Target user's Proton Password is uploaded to Proton's servers, but target user is not given authorization to access the password.
Usage:
1. Emergency Access user requests access
2. Either Target user rejects the request, or the delay period elapses (and we stop here)
3. Emergency Access user is granted access to Target User's account
4. Emergency Access user's Proton client downloads the cypher text of the Target user's password (or other secret)
5. Emergency Access user's Proton client decrypts the Target user's password/secret locally
6. Target user's Proton login info is added to Emergency Access user's Proton Pass
Caveats:
* If Emergency Access obtains access to Proton's servers by other means (They work at Proton or they hack Proton), they potentially could obtain access to Target user without the delay period elapsing.
* This doesn’t explain how to handle 2fa.
-
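The setup and usage steps in Mark Garrett's comment above, sketched as an added example (not part of any comment and not Proton's code). The toy Diffie-Hellman encryption, the `EscrowServer` class and the integer day counters are assumptions made so that it runs with only the standard library.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group so the example needs only the standard library.
# A 255-bit prime field is NOT secure; a real client would use a vetted library.
P, G = 2**255 - 19, 2

def keygen():
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)

def _keys(shared, n):
    out = hashlib.shake_256(shared.to_bytes(32, "big")).digest(32 + n)
    return out[:32], out[32:]          # (MAC key, keystream)

def seal(pk, secret):
    """Setup step 5: encrypt the secret to the emergency user's public key."""
    e = secrets.randbelow(P - 2) + 1
    mac_key, stream = _keys(pow(pk, e, P), len(secret))
    ct = bytes(a ^ b for a, b in zip(secret, stream))
    return pow(G, e, P), ct, hmac.new(mac_key, ct, "sha256").digest()

def open_sealed(sk, blob):
    """Usage step 5: decrypt locally with the emergency user's private key."""
    eph, ct, tag = blob
    mac_key, stream = _keys(pow(eph, sk, P), len(ct))
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, "sha256").digest()):
        raise ValueError("ciphertext was modified")
    return bytes(a ^ b for a, b in zip(ct, stream))

class EscrowServer:
    """Stores only ciphertext. The delay is a server-side policy check."""
    def __init__(self, blob, delay_days):
        self.blob, self.delay_days = blob, delay_days
        self.requested_on, self.rejected = None, False

    def request(self, today):           # usage step 1
        self.requested_on, self.rejected = today, False

    def reject(self):                   # usage step 2, target user says no
        self.rejected = True

    def download(self, today):          # usage steps 3-4
        if self.requested_on is None or self.rejected:
            raise PermissionError("no pending request")
        if today - self.requested_on < self.delay_days:
            raise PermissionError("delay period has not elapsed")
        return self.blob
```

The server never sees the plaintext, but `open_sealed` works on the blob at any time, so the waiting period holds only as long as the server refuses to hand the ciphertext over, which is the first caveat in the comment.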
Jo commented
It's primordial for me and my business if I pass away.
-
Rwd commented
A very important feature as nobody knows when his/her life ends.
A bit of planning ahead does not harm.
-
sampling_trekker380 commented
I understand the idea but this will introduce a backdoor into Proton.
What could be a solution though is something like 1Password is doing.
On the one hand they have something called emergency kit which is basically a PDF with your password and your recovery key.
This could be kept (printed form) in a safe at your home or maybe at the bank. https://support.1password.com/emergency-kit/
On the other hand, they have "Family Managers" which can hold a recovery key of the family members. But those essentially become the Master accounts of multiple other accounts and this can create a vulnerability. It's not a very big deal for most people though.
https://support.1password.com/family-organizer/#add-or-remove-a-family-organizer
https://support.1password.com/family-recovery-plan/
-
Pharaoh commented
A legacy account that's only accessible through certain things like YubiKey, authentication app or even something like an RSA SecurID. Two of these can be placed in a lock box and when used should either access specific allowed information or wipe all information from the account.
-
Roger Stube commented
For those of us not getting any younger this is a critical feature!
-
Zazuo commented
Yes. This + YubiKey support are the only critical missing features. There are other important things but this is essential!
-
gk23vj5 commented
This + YubiKey is why I'm still on Bitwarden. I think this is important.
-
Julio commented
The same way vaults can be shared they can be delay-shared, just an extra step to confirm/deny access. This feature would be amazing.
-
Jamaladinho commented
Any updates on that one? I am not sure whether this would really undermine the security model, as I am not an expert. However, it seems other providers like Bitwarden, which I at least think are rather serious and reliable, are somehow able to offer this feature.
-
P commented
Essential feature for me, to fully adopt Proton Pass. With so many things only available digitally, a digital will becomes necessary, to ensure my family can access details if/when something happens.
-
A commented
Can't be done securely. This would require either Proton to know your encryption keys, or you to encrypt the shared data to the recipient's keys ahead of time and have Proton escrow that, neither of which is desirable under Proton's security model.
-
JWF commented
This should not be a Proton Pass-specific feature, but instead something for Proton Accounts. I forget its exact name, but Google has a similar feature to designate a digital caretaker for your account in the event something happens to you unexpectedly. There are configurable choices about how someone could receive access and what data they would have access to.
Something like this for the entire Proton Account would be more useful than Proton Pass alone. I have the same concern for my passwords as I do my Calendar and my Drive.
-
Lance Moore commented
Secure shared access in case of emergency is hugely important. My trusted friends need to be able to access my accounts and pay my bills, etc., when the time comes. I really don't want to email my info to them. :-( or put it on a piece of paper.
-
Michael Hopkins commented
Really want to ditch LastPass for Proton Pass, but it's going to be hard without some kind of method to share my vault with loved ones in a hit-by-a-bus scenario.
-
verbose786 commented
I don't like the thought of this as it would require a "trusted" middleman to hold onto the encryption key. I think you would be better off using something like Shamir's secret sharing algorithm (https://en.wikipedia.org/wiki/Shamir%27s_secret_sharing) to distribute your key among trusted peers. This way you can "ensure" that they won't use their parts of the key until the case in which they are supposed to arises.
-
P.M. commented
One of the most compelling features of my current password manager (LastPass) is the emergency access feature. I very much like the ability to allow approved people to request access to my account and, should I not decline that request in a self-determined amount of time, to allow them to have full access. Unexpected things happen all the time and easing the ability for my loved ones to manage my affairs is quite reassuring to me.
I certainly understand the security issues. My initial e-mail request about this got a response that said that implementing this would, perforce, allow access to the whole Proton account, but that is something I'm fine with, as they would get that through such a request anyway.
-
J commented
Good idea and hope it could be done securely without risks.
-
Attila Matolcsy commented
I support this, but only if the security of the passwords is not compromised, as this way they need to open up access. So encryption becomes a question.
-
Rob commented
Could be useful to be able to allow emergency access by agreement through multiple trusted parties or when not logged into any Proton services for a long period of time.