Option to add Secret Key (like how 1Password has)
I think Proton Pass should let the user decide to add a secret key alongside their master password to their Proton Pass account.
So, similar to how 1Password creates their secret key to protect 1Password users.
The option should be opt-in as the user needs to add it during the sign up process or needs to go into settings if not already configured to add to the user's Proton Pass account.
This feature adds additional security, as if the master password is discovered, the account still can't be accessed without the secret key.
rpaulson commented
I also like the secret key feature, but I guess, if you set up an extra password for Proton Pass you can think of the Proton master password as your secret key. You'll only need it to sign in (similar to the secret key and 1Password). Afterwards you use the extra password (similar to the 1Password master password) to unlock your vaults. So even if, for example, a camera records you typing your extra password, you should be fine, as long as you have a high entropy Proton master password and a potential attacker doesn't get hold of a device that is locked but where you're signed in already.