Today, we’re happy to announce another significant milestone in the growth of the Proton ecosystem with the launch of the Proton Pass beta for Lifetime and Visionary users. Invites will roll out over the next week, and you’ll receive an email from us at your Proton Mail email address when you’re eligible.
[…]
A password manager has been one of the most common requests from the Proton community ever since we first launched Proton Mail. However, while Proton Pass uses end-to-end encryption to protect your login credentials, it will be much more than a standard-issue password manager. This will become clear over the next weeks and months as we prepare Proton Pass for a public launch later this year.
[…]
We’re launching Proton Pass now for two primary reasons. First, joining with SimpleLogin increased our ability to develop a new password manager without impacting efforts on other Proton services. Second, passwords are such sensitive information that an insecure password manager is a risk to the Proton community. Proton Pass is not just another password manager. It’s perhaps the first one built by a dedicated encryption and privacy company, leading to tangible differences in security. For example, while many other password managers only encrypt the password field, Proton Pass uses end-to-end encryption on all fields (including the username, web address, and more).
Still limited to a few testers, not fully edited or released yet, obviously. They do point out that they haven’t had the green flag for the Firefox extension of it, recommending Brave Browser until then.
I mean I get it, limiting people/company/software/apps trust to less entities and maybe limiting the attack surface as well, but at what point does ito becomes all egg in one basket kind of situation?
In my opinion, using any password manager is putting all your eggs in one basket. If someone gains access, all your accounts are compromised no matter which one you go with. So you might as well make it slightly more convenient by keeping everything in one place. Just my thoughts though.
If you don’t put your 2FA codes in it i don’t really agree but I get your opinion. Still passwords managers are the only way to make people use good password security so I don’t see a way without them.
Proton Pass is still in beta for now and we should wait a bit to see how things will evolve. Other password managers as of now are more feature rich. But i am confident this will become a good option and I probably will use it eventually
Would still be worth being listed, as a self-host option. When self-hosting, most critics of their terms of services aren’t taken in consideration, and paid locked features are free.
I think the important thing to look forward to when looking at password managers is passkey support. Both Bitwarden and 1Password (the cloud options listed on Privacy Guides) have committed to supporting them.
I find it difficult to believe that Proton Pass won’t do the same, but I think we should at least wait until it’s stable/more feature rich. Password managers are critical pieces of software, so they require careful consideration before they’re adopted/recommended.
I disagree with de-listing Bitwarden, by the way, as they’ve shown that they’re willing to improve and have over time, but regardless, even if we were to have that conversation, it should be in its own thread, not here.
I can definitely see where KeePassXC are coming from, but I initially read the Proton announcement and didn’t think it was a big deal since it obviously seems targeted towards commercial/mainstream password manager users (like LastPass) and not people who use KeePassXC or similar.
Until more people get access to it and there is a more verified audit, I will stick with Bitwarden. Most probably I will migrate to Proton Pass, but also it is very important for me to have the same functionality as Bitwarden. I love to use the Bitwarden storage as a safe backup for really important documents that I can than Bitwarden shares automatically with my family in case of death(It is set to send them 60 days after the last login), which looks like it is not possible with Proton Pass.
.