Having a separate password for Proton Pass would improve user trust. Most Proton Pass users are not IT-security experts and may not fully grasp the intricacies of how the system operates. Therefore, it is important to keep things as simple as possible.
Currently, some basic principles of password security are violated:
- Never reuse passwords [1]
- Memorize as less passwords as possible to avoid the password fatigue [2]
While I am confident there is a solid rationale behind Proton's implementation choices, explaining these decisions might require delving into complex technical details. Lengthy explanations can be difficult to understand and may inadvertently reduce trust.
Having a separate password for Proton Pass would improve user trust. Most Proton Pass users are not IT-security experts and may not fully grasp the intricacies of how the system operates. Therefore, it is important to keep things as simple as possible.
Currently, some basic principles of password security are violated:
- Never reuse passwords [1]
- Memorize as less passwords as possible to avoid the password fatigue [2]
While I am confident there is a solid rationale behind Proton's implementation choices, explaining these decisions might require delving into complex technical details. Lengthy explanations can be difficult to understand and may inadvertently reduce trust.
[1] https://proton.me/blog/creating-password-policy#Never-reuse-passwords
[2] https://proton.me/blog/password-fatigue