Added Protection for Sensitive Passwords
adding an option to secure specific passwords with an additional password to view or edit. This would provide extra protection for sensitive accounts and enhance user security.
-
Xavier commented
Need this. I'd like to store crypto seedphrase / private key on my proton but having them freely available to any malware I would accidentally run is a risk too high.
That way I could get the decrypted seedphrase only when entering this additional password (or 2FA) on a known secure device (on my iPhone for example rather than on my Windows which is much more insecure).
For even better security, the user could have the choice not to store secure password so that if their device is compromised, decryption cannot be bruteforced. It would be needed to hit protonpass server to fetch the password, which would not be returned in case the password / 2FA is incorrect and rate limiting would be implemtend.
-
Simon commented
I like this idea, or having an additional password for a 'high security' vault as it were. I use proton pass for my every day logins & have kept another password manager for important logins I don't need very often. It would be nice to have them in proton but behind another layer of security.