Mark Garrett
My feedback
14 results found
-
1,145 votes
An error occurred while saving the comment Mark Garrett supported this idea ·
-
589 votes
Mark Garrett supported this idea ·
-
838 votes
Mark Garrett supported this idea ·
-
364 votes
Mark Garrett supported this idea ·
-
463 votes
Mark Garrett supported this idea ·
-
301 votes
Mark Garrett supported this idea ·
-
252 votes
Mark Garrett supported this idea ·
-
483 votes
Mark Garrett supported this idea ·
-
321 votes
Mark Garrett supported this idea ·
-
976 votes
Mark Garrett supported this idea ·
-
240 votes
Mark Garrett supported this idea ·
-
186 votes
Mark Garrett shared this idea ·
-
1,468 votes
Mark Garrett supported this idea ·
-
3,750 votes
Mark Garrett supported this idea ·
Some are saying this isn't possible, but I think it could be done. This is how I see it working.
Setup:
1. Target user picks another Proton user be their Emergency Access user.
2. Target user picks enters the amount of time they want the delay period to override the access to last.
3. Target user enters their Proton password
4. Target user's Proton client downloads Emergency access user's public key
5. Target user's Proton client encrypts the Target user's password (or some other secret that can be used to decrypt the content of the Target users account) with Emergency access user's public key.
6. Cypher text of the Target user's Proton Password is uploaded to Proton's servers, but target user is not given authorization to access the password.
Usage:
1. Emergency Access user requests access
2. Either Target user rejects the request, or the delay period elapses (and we stop here)
3. Emergency Access user is granted access to Target User's account
4. Emergency Access user's proton client downloads the cypher text of the Target user's password (or other secret)
5. Emergency Access user's proton client decrypts the Target user's password/secret locally
6. Target user's Proton login info is added to Emergency Access user's Proton Pass
Caveats:
* If Emergency Access obtains access to Protons servers by other means (They work at Proton or they hack Proton), they potentially could obtain access to Target user without the delay period elapsing.
* This doesn’t explain how to handle 2fa.