My feedback
37 results found
-
49 votes
supported this idea
·
-
32 votes
supported this idea
·
-
22 votes
supported this idea
·
An error occurred while saving the comment -
696 votes
supported this idea
·
-
1,095 votes
supported this idea
·
-
107 votes
supported this idea
·
-
816 votes
supported this idea
·
-
320 votes
supported this idea
·
-
5,394 votes
An error occurred while saving the comment
commented
7 years later...
supported this idea
·
-
132 votes
An error occurred while saving the comment
commented
Horrible idea, Get ready for MFA bombing (being spammed with prompts until you give in and click "Approve") like what happend to apple Icloud users recently if this is implemented.
push authentication is vulnerabile to social engieering attcks like this, I'ld quite posibly leave proton if they put this in.
Passkeys or FIDO2 Secutykeys would be a more secure passwordless option -
767 votes
An error occurred while saving the comment
commented
If they can achive this without the Know Your Customer (KYC) requirements that are imposed on the majority of today's traditioanl financal system it would be amazing.
Unless it's KYC free, id rather see wider adoption of a cryptocurrency like monero
supported this idea
·
-
211 votes
An error occurred while saving the comment
commented
TOTP is not the best MFA and idealy you would not store the keys for it on any device you will authenticate to
I would simplay recommend using a Yubikyey (maybe two so you have a backup) and keeping the TOTP secret on the yubikey(s) with the Yubico authenricator app
this restores TOTP back to being on a keyfob wich there is a reason it started out on keyfobs is it creates an air-gap where the seed/key/secret can’t be leaked -
238 votes
An error occurred while saving the comment
commented
Was going to post this mysefl, have 3 of my votes sir!
even if the storage counts against mail and drive. certin things make more sense to be an attachment alongside the login record in a password manager instead of a losse folder in cloud storage.
supported this idea
·
-
3,606 votes
supported this idea
·
An error occurred while saving the comment
commented
"Possibly in 2016."
Checks calendar, 2023. 7 years latter...
why is this still marked as planed? -
6 votes
shared this idea
·
-
236 votes
An error occurred while saving the comment
commented
Agreed, take how Apple implements Security keys as an example of how this should work.
You need at least two to even turn on U2F, and then OTP and other methods like SMS are shut off when you do with the exception of password/account recovery.
Having plain old TOTP as a plain old signin MFA and not at most a recovery method where I’m notified of login attempts alongside security keys should not be a thing it nullifies the added security.
Google also does similar if you opt in to their “advanced protection program”.
The largest players in the industry seem to be in agreement, that this is how security keys should work; They should be your only MFA.
supported this idea
·
An error occurred while saving the comment
commented
Would be great to see them go beyond this and allow the use of webauthn or passkey as a passwordless authentication method
-
221 votes
An error occurred while saving the comment
commented
An actual iPad app is sorely needed.
The “iPhone emulator” mode that is used on iPad currently frustrates me to the point I don’t use it
supported this idea
·
-
146 votes
An error occurred while saving the comment
commented
Email is inherently insecure by its original design/architecture.
If you need complete confidence you should not be transmitting the data via email.
Post-Quantum Encryption is quantum resistant not quantum proof.
No system is future proof or unhackable -
154 votes
supported this idea
·
-
2,253 votes
supported this idea
·
An error occurred while saving the comment
commented
What would make Proton MobileOS diffrent from say CalyxOS or GraphineOS?
I did put in 3 votes for a desktop OS because at the moment proton has the infrusturcture and apps to make a more private ChromeOS altenrive, or maore daily use Tails, wichever way you wan t to spin it.
I don't see what value would be added byt them poducting a mobile OS, but i'll gve it a vote bescaus i wouldn't mind it.
Not in favor of ongoing sync to a less secure storage, but one time import is sorely needed.
Som of us have in the hundreds of GB in other clouds. I'm sure an import mechanism directly in proton's infrastructure would be much faster than downloading form the traditional public cloud and uploading to proton.