Proton Pass & Authenticator
331 results found
-
Make text from ProtonPass web browser extension private
Clipboard managers have internal functions that tells them not to remember stuff copied from certain sources, which is the behaviour we'd want from whatever comes out of password managers.
Unfortunately, the copied text coming out of the ProtonPass web browser extension (at least on Firefox) is plain text and my clipboard manager remembers it forever in its memory, which is not ideal for security. (I'm using Pasteboard Viewer to check the type of text that is stored in the clipboard.)
Apparently, there is a way to tag text as sensitive from browser extensions: this was reported in an issue on…
67 votes -
Improve the Accuracy for the Weak Password Detection.
According to Proton Pass, this password is weak: !C2&e3D%BNaeyP
According to Hive Systems, Security.org, Kaspersky, Nord Pass, and Bit Warden, it is considered very secure.
If you generate a password within Proton Pass using symbols, letters, etc. with 14 characters, it considers that password secure, meaning that Proton Pass has a bias for its own generated passwords.
Side Note: The password used in this example was generated by Nord Pass.124 votes -
Improve Website Association Handling in Proton Pass
Currently, when logging into a website using the Proton Pass browser extension, if the URL of the website does not exactly match any of the existing "website" entries in a saved login, the extension prompts the user to save it as a new login. However, this creates a duplicate entry with the same username/email and password but a different website URL. Since Proton Pass doesn’t currently support merging login entries, this leads to unnecessary clutter and confusion.
Suggestion:
Please consider adding a feature such as an "Add website to existing login" button in the save prompt. This would allow users…25 votes -
Domain URL matching rules
Proton pass should have URL matching rules like bitwarden. This makes it easier to handle different usecases.
For instance, at work I have different usernames/passwords on different subdomains and I would like to be able to limit certain credentials to specific subdomains and have others shared accross multiple subdomains.So that would be great to have a diffrent matching rules like:
- root domain
- hostname
- starts with
- regex
- exact match
- ...1,521 votes -
Unlimited 2FA for free accounts
The MFA shouldn’t be a paying feature for proton pass or any other proton app. This type of security nowadays are crucial to improve the protections of our account, to me there is nothing that would justify MFA being a paid feature.
359 votes -
Support regional date formats
Currently, dates always display in the American format (MMMM DD YYYY), which is completely backwards in my region of the world. Quite surprising considering Proton is a European company! Please support proper regionalisation.
15 votes -
Ignore Microsoft Authenticator "passwords" (Android)
I cannot avoid using Microsoft Authenticator for work.
But whenever I use it to enter a one-time code, Proton Pass pops up and offers to save the "password".
This is where the online service will pop up a two-digit number, and then the authenticator asks you to type the same number. And then unlock with biometrics. And then let you into thAe online service.
It would be slightly less annoying if Proton Pass could just ignore it.
13 votes -
Encrypted file attachments on export
When exporting data from Proton Pass in the encrypted PGP format with the "Include file attachments" option enabled, the resulting ZIP file contains attachments that remain unencrypted. This means that while the main vault data is encrypted, the attachments within the ZIP file are not.
Currently, Proton Pass does not offer an option to encrypt or password-protect the ZIP file containing the attachments.
26 votes -
Allow users to select minimize to tray or close desktop app
Currently, the Linux desktop app closes to tray by the default. However, it would be important to allow users to change this behavior by specifying if they want the app to shutdown instead of minimizing to tray upon closing the window.
19 votes -
Don't close web browser extension dialog on backdrop click
It will be super usefull if the web browser extension could stay open on backdrop click. It's easier when you copy/paste multiple infos !
Stay safe and private <3
19 votes -
Protecting a secure link with a password
It would be great if we could additionally protect a secure link with a password. This would prevent anyone who happens to have the link or virus scanners that check every link in an email from accessing the sensitive data directly.
13 votes -
Associate alias with login under one record
I find that I end up tracking two items for a number of logins: the login record and an associated email alias. Would it make sense to have the alias be a sub-record of the login record?
15 votes -
Authenticator app encrypted export
Allow user to set password to create encrypted export of the MFA codes. This feature is in many other apps, and prevents relying on cloud platforms (e.g. iCloud, Proton itself) to create & restore backups.
12 votes -
Proton pass doesn't work consistently
I really like proton mail app and VPN and want to use pass to stay with the same system but it doesn't show automatic suggestions in gboard consistently enough. It doesn't respond to log in fields that often or offer passwords when needed sometimes I need to delete what's on my clipboard before it works. Very frustrating as having to open the app every time is a chore. I tried to save a recently created login, it took me to the app but then I had to re-enter the details myself, luckily I had the password copied as I previously…
6 votes -
Add SSO to Business Suite subscription
Proton Pass has SSO in Pass Professional subscription allowing organisation's users to sign in with their credentials in the organisation instead of separate credentials for Proton Pass. This is awesome feature, but I don't get why it is not enabled for Proton Business Suite. It is more evident Business Suite subscribers are actually organisation that have multiple users and their own IdP to allow standard authentication protocols for organisation's users.
11 votes -
A Proton Pass login option for biometrics or extra password rather than device PIN.
The setting that enables biometrics with a fallback to device PIN seems to be a weakness to me as you can force the biometrics to fail and device PIN can be weak. I suggest that if an extra password has been added that an option to fallback to that rather than device PIN should be available.
This problem is on a Mac. I see that on mobile devices you can turn off the fallback to PIN and it will force a re-login.
5 votes -
Add another grade level of "Good/Average" in between "Weak" and "Strong" for password strength
As a security-minded IT professional, I'm finding myself confused that very similar passwords are considered "Weak" or "Strong". If I generate a 14-character random password with lowercase, uppercase, numbers and symbols, Proton marks about half of them "Weak" and half "Strong". Similarly, all randomly generated 16-character lowercase passwords are marked "Vulnerable", while increasing that to 17 chars results in all being marked "Strong". There seems to be some strange inconsistencies with the grading algorithm (see another user's request titled "Improve the Accuracy for the Weak Password Detection").
Regardless of user knowledge and experience level, and accepting for now the separate…
10 votes -
Authenticator: Click to show code. Hide all by default.
Currently, android Proton Authencator can work in one of two modes:
1. Hide all codes and never display the code in the UI (even when clicked).
2. Show all codes at all times.But this is not enough.
If you hide all your codes, you can only copy the code to the clipboard and use it on your phone/device. If you show all codes, you expose yourself to over-the-shoulder snooping.
A very common use case is that someone wants to keep all codes hidden by default but reveal a particular code when it's time to use it, when the user…
6 votes -
Proton Pass make attachments available offline
As Proton Pass becomes an items/everything manager, it would be valuable option to make attachments available offline. Examples include attachments for passport photos, drivers license, medical cards, etc.
7 votes -
Vault Resizing
Ability to adjust column widths on the new desktop app (I'm on Windows). Currently, for vaults with longer names, the only way to see the full name is to go into the "edit vault" page.
Alternative (or addition) might be something where the viewable space expands on hover to display the whole name.
18 votes
- Don't see your idea?