Skip to content

Anonymous

My feedback

101 results found

  1. 4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  2. 5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  3. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  4. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  5. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  6. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  7. 6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  8. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    An error occurred while saving the comment
    Anonymous commented  · 

    Even if you use Proton Authenticator and don't store any TOTPs in Proton Pass, you will run into the same problem the minute you enable the account sync feature on Proton Authenticator. I'd say, remove TOTP out of Proton Pass entirely, and fix the account sync feature on Proton Authenticator to close all TOTP theft loopholes.

  9. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    An error occurred while saving the comment
    Anonymous commented  · 

    This is indeed a real problem and very dangerous problem.

    Example Scenario:
    Proton User stores passwords in Proton Pass. User stores TOTPs in Proton Authenticator. User activates account sync feature in Proton Authenticator.

    Bad actor compromises / steals Proton User's recovery passphrase, thereby enabling bad actor to disable 2FA and reset the user's account password. Now the bad actor has access to all passwords stored in Proton Pass. Next the bad actor installs their own copy of Proton Authenticator and turns on the sync account feature and enters the new account password. Instantly last synced copy of all TOTPs from the user's Proton Authenticator is synced to the bad Actor's Proton Authenticator. The bad actor now has all the passwords and 2FA TOTPs they need to break into your banking and other critical sites.

    Although the account sync feature is a great idea, how it passed security and pen testing makes me wonder. And yes when you change the account password the existing instances of Proton Authenticator stop syncing and is logged out; but whatever was last synced is still in the synced account and that is what will be downloaded to the bad actor's Proton Authenticator.

    Anonymous supported this idea  · 
  10. 4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  11. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  12. 7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  13. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  14. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  15. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
    An error occurred while saving the comment
    Anonymous commented  · 

    Simple solution. When pass create an alias it should put it in a dedicated alias vault or at the least allow the user to,in the alias config section, set a default vault where newly created aliases should be stored.

  16. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  17. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  18. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous shared this idea  · 
  19. 212 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
  20. 221 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Anonymous supported this idea  · 
← Previous 1 3 4 5 6