Privacy Guides @lemmy.one Extra_Cucumber_2979 @lemmy.world 1 yr. ago

Proton Pass is now available

proton.me Proton Pass: Open Source Password Manager App | Proton

Proton Pass is an open source, end-to-end encrypted password manager app. Create and store passwords, email aliases, 2FA codes, and notes on all your devices

TechNews @radiation.party irradiated @radiation.party

BOT

1 yr. ago

[HN] Proton Pass: Open-Source and Encrypted Password Manager App

proton.me /pass

36 comments

I tried it and its pretty cool and polished, but Bitwarden is WAY better in every poseible way.
I wish that proton would focus on the depth of their present stack, as opposed to breadth.

I've been begging for rclone support for proton drive for a long time now.. without it, I basically have 1tb sitting there useless.
- Same thoughts here. ProtonVPN under Linux is very poorly supported.
  
  It's horrible. I've had to hack together a shell script to switch between countries using a bunch of openvpn config files. The official app broke my Linux Mint network setup.
  
  Wish I could up vote that 100 times!
  
  Just out of curiosity. How is it poorly supported?
  I haven't used it much yet, but the times i have it seems to have worked fine.
I'm pretty sure the app is great, but I am not a fan of putting all my eggs in the same basket. I will keep using Bitwarden for the time being.
- Same here. I'm fine using Proton for my mail & drive, but I also like keeping my passwords separate in bitwarden, and my 2fa separate in my raivo. A healthy separation is good.
I was in the beta of it, didn't use it though as i am on 1password.

For me it's important that i have a desktop application. I don't want to open my fcking webbrowser anytime i need a password or want to edit some credentials.

And they simply don't have one. I gave it as feedback and they say it's on their roadmap. I said they should take 1passwords desktop as inspiration as it works so fcking good; I really love that floating quick search that you can summon with a keycombo.
Any strong reasons to switch from KeePassXC?
Tempting. I've been using Bitwarden for awhile now and it's been fantastic. I am not sure I need to switch.
Proton is starting to loose focus in my opinion. I've been a costumer for 5 years only using email and I moved this year to fastmail and I couldn't be happier. Unlimited emails alias, good apps, ability to use thunderbird without a self hosted bridge.

The promise of a encrypted email does not work if your contacts are not on proton too (for me was 100% of my contacts).

If you are really focused on privacy you would choose nextcloud for cloud for example and keypass or Bitwarden for password managers.

I would like them to focus on email client features and stop this side hustles.
- Proton's whole reason to exist is to provide privacy, not email client features.
- I hear what you're saying but Nextcloud is definitely not a viable option for reliable backups. Wayyyy too buggy to trust
  
  Certainly way too buggy if you're selfhosting. At least that was my experience. And if you're not, the privacy component really goes away.
I’m a faithful Bitwarden user. No need to switch
I’m all for open source alternatives to bitwarden but this is non competitive with a mandatory subscription fee. Bitwarden is completely free for most users.
- I thought the same thing but it actually does have a limited free plan. Seems like, similar to BW, it restricts 2FA behind the pass, but also with the pass you get unlimited hide-my-email aliases, multiple vaults to organize in (I don't know what this means), and eventually autofill credit cards.
  
  This is quite a bit more expensive than BW's paid plan though. Not sure what all differences it has to BW otherwise.
Has anyone tried it yet? Two downsides for me:

there's no desktop app

there's no Safari desktop extension (I know most people don't care about this)

It's also more expensive than Bitwarden even at €1/mth
I use keepassXC and Ive never had a problem with it, Is there anything different about Proton Pass?
Is it open source though?
- Here you go :)
  
  https://github.com/ProtonPass
If they're going to try to compete with Bitwarden they could at least offer 2FA for free instead of paywalling it as a feature. It was disappointing when Bitwarden did it, and it's even more disappointing with Proton - it's like failing an open book test.
- You shouldn't be using that feature anyway. Keeping your passwords and 2FA in the same place means you only have 1FA.
  
  It's mainly a difference in threat model. 2FA within a password manager is still 2FA for concerns of a website login being hacked by remote adversaries, which is the most important problem to solve.
  
  If you use 2FA within your password manager, you should still lock that outer-most password vault with 2FA from a separate device (like you said), which solves your password vault being hacked by remote adversaries. Optionally, you can then use aggressive idle-locking of your vault on your personal devices, in case they're stolen physically.
What does 2FA authenticator mean? Is it a vault to store your 2FA seeds?
- Permanently Deleted
- yeah, although using a password manager as a 2FA provider sort of negates the "2F" part.
  
  Depends. I use 1Password and let it store all my 2FA, because my 1Password login is secured with another 2FA.
2FA is a paid feature!
- Permanently Deleted
Goodbye LastPass (I'm aware I should have migrated already but I was holding out for this)
- The most important step a man can take. It's not the first one, is it? It's the next one. Always the next step.
- Oh my god you're still on Lastpass? RUN!
Permanently Deleted
- I think you log in with your proton account, that supports yubikeys for 2fa

You've viewed 36 comments.