It’s very common for people with VPN subscriptions to share their credentials with friends and family. However, if you’re on Proton Unlimited, your Proton VPN password, is the same as your Proton Mail password, and probably your Proton Pass password.
For those of you who are on Proton Unlimited, how do you let friends and family use your Proton VPN account without granting them access your Proton Mail, Proton Drive, and more?
I personally have a proton duo plan for me and my partner so it’s not an issue for me, but you could export a Wireguard config and use it with the official Wireguard app
If you use any of the other proton services like mail etc I think this is a terrible idea. Even if you just export a wireguard conf if you don’t trust the person you share it with proton can and will block the full account for abuse if that comes up.
You don’t mind that your partner has access to your email or Proton Drive files? Or are those separate with Proton Duo?
I have no idea what a WireGuard config is. Also, I don’t have Proton Unlimited.
I’m just asking this question in case I ever do, because sharing VPN credentials is extremely common. So based on the comments so far, it seems that Proton has no workaround for this, and I guess they will never develop one because it is in their financial interest.
I run Proton over my home network so I guess technically I share it with anyone using my wifi but I do give out my credentials to other people.
I know you like an ELI5 so…
WireGuard is like a secret tunnel between two friends. A WireGuard config is a small map that shows who can use the tunnel. It includes a secret key that only the friends know. With the same map and key, they can send messages safely.
Proton allows users to generate these.
But if you still really want to do that, you set up 2FA and log in to your account on their devices to set up the VPN. Even if they happen to learn your password, they can’t do anything with it without your 2FA.
You should not do that. I believe you’ll be violating the ToS of Proton if you do. Your account is only for you.
I need to learn how to do that. Is your network stuck with one VPN IP, or can you change it?
If I ever did learn how to do that, I would want a set-up with multiple networks, one with the VPN location, and another with the real IP. I know some countries will have local websites, that are unaccessible from abroad. And I’m not talking about streaming websites. I am talking about online shops and even forums.
Do those people live away from you? And if yes, aren’t you afraid of them accessing your email and cloud drive?
Thank you for explaining in a graspable way. And when you use a WireGuard config, can your friend be anywhere in the world? Can they connect to any country or only the IP/location that you grant them access to? Can do they need to install ProtonVPN on their device?
That requires being in the same location. I know lots of people who share their VPN credentials with friends and family in different countries. I know friends who also share custody of an account to split the cost, and they don’t live in the same country. I have done that before, but not with a VPN.
Well, you have an answer and a solution now. You can do what you want.
I can change it.
That was a typo. I do not give out my credentials.
Yeah the config is just a small file that tells the Wireguard app how to connect to Proton VPN. Once your friend has the generated file and Wireguard installed they are set.
Each config is specific, its not like a VPN app where you can switch to whatever server you want whenever. If you want to know more you should read up on it via Protons own material.
the apps will work without the mailbox password but the browser extension won’t
The sharing of login criteria between modules is the biggest problem with unlimited. One’s password manager in particular should never be compromised in this way.
I’m surprised this is not mentioned more often.
You can add an extra password specifically for Proton Pass
I was gonna ask about that. The extra password only isolates Proton Pass, right? It doesn’t isolate Proton Mail from Proton VPN?
Indeed, this is not evidence of a well designed system. What about TOTP?
It does not solve the problem either which is that I’d like a simple password for my vpn which is easy to remember on the fly, with no TOTP, so I can temporarily pop proton vpn onto a borrowed laptop (for example) or give/lend it to members of my family. While my password manager is nailed down.
Unlimited is off limits for me!
I share my VPN subscriptions by giving out specific Wireguard configs to friends. Obviously they don’t then get the benefit of the shiny UIs but it’s a solution that works just fine.
You can generate configs for multiple servers so if one dies or you want another location you “just” load the desired config. Wireguard has good baseline apps for all platforms.