Proton AG, a Swiss software developer known for its privacy-focused products, has announced the global availability of Proton Pass, an open-source and free-to-use password manager. This new addition to Proton’s portfolio is available as a browser extension or mobile app on Android and iOS, and it offers users a secure, end-to-end encrypted vault to store their passwords and notes.
Table of Contents
What Makes Proton Pass Stand Out?
Proton Pass is not just another password manager. It offers unique features that set it apart from its competitors. One of these is the password generation functionality, a standard feature on all modern password managers.
However, Proton Pass takes it a step further by enabling users to create a “hide-my-email alias.” This randomly generated email address acts as a relay point between the online service and your actual email account, preventing service providers from identifying or tracking you.
This email forwarding system was first introduced in Proton Mail in January 2022, filtering out marketing trackers and other hidden tags before the message reaches your primary inbox.
These email aliases also limit the repercussions of data breaches, as the email address exposed in these cases will be unique to your account at a website, making them useless to hackers to use in credential stuffing attacks.
Another element that differentiates Proton Pass from other free password managers is the use of strong bcrypt password hashing (instead of problematic PBKDF2 implementations) and a hardened implementation of Secure Remote Password (SRP) for authentication.
Contrary to other password managers that only encrypt the password field, Proton Pass encrypts everything, including the username, web address, and any other data the user saves on each item.
Looking to increase your Productivity ? Check out our list of the Top 10 Must-Have Open Source Android Apps for Productivity
Security and Privacy
Proton emphasizes its “privacy-friendly” Swiss jurisdiction as an advantage over other products, implying that Swiss law enforcement authorities will only request user data reviews from the company in verified instances of illegal activity.
The vendor’s assurances on the robust security architecture will soon be verified by independent auditors at Cure53, who are currently examining the software’s code for weaknesses. Proton Pass also uses an open-source, auditable design so anyone can verify the security of the platform.
Proton is planning to release the reports from independent security audits. The company plans to open source Proton Pass so that security experts can verify the security model. There will be security audits, security reports, and a bug bounty program as well.
Limitations and Pricing
The free version of Proton Pass gives users unlimited logins and encrypted notes but only provides ten hide-my-email aliases and only 2FA autofill for 3 logins.
For unlimited 2FA and private email addresses, users must pay for Proton Pass Plus, which costs $1/month (annual charge) until the end of July 2023. After that date, the product will have a regular price of $3.99.
Subscribers to Proton Unlimited, Business, Visionary, or Family plans, will get the premium version of Proton Pass without an additional charge.
The Proton Pass Plus option comes with unlimited hide-my-email addresses. Also important is 2FA authentication, which the Free option doesn’t cover.
Support for multiple vaults and autofill credit cards are two reasons to upgrade the Plus. These features are a must-have service from password managers in my opinion. Sadly, Proton Pass doesn’t have it yet, but it’ll be available via a future update.
Check out other Proton Pass alternatives for Android in our list of the TOP 5 Best Open Source Password Managers on Android
In conclusion, Proton Pass is a solid password manager that offers a unique blend of security, privacy, and convenience. While it may not have all the bells and whistles of some other password managers, its focus on end-to-end encryption and privacy features make it a compelling choice for users who prioritize these aspects.
The free version is a great starting point for those who want to try out the service, but the Plus version, with its additional features and unlimited hide-my-email aliases, is worth considering for those who want a more comprehensive solution.
The Proton team has promised to release desktop versions of Proton Pass for Windows and macOS, but these are unavailable at this time. For now, the password manager is available to download as an app for the Android and iOS platforms and the Chrome, Firefox, Edge, and Brave web browsers as an extension.
Overall, Proton Pass doesn’t have all the bells and whistles of 1Password, but it’s a solid password manager. A native desktop app would be nice. Credit card autofilling would be useful too. But the basic version of Proton Pass is free with support for multiple devices.
If you are using Proton Mail as your main email address, Proton Pass could be particularly compelling, as the email alias feature integrates seamlessly with your Proton Mail email address.
Proton Pass could also quickly become a way to attract new users to the Proton ecosystem with its free offering. The company recently surpassed 100 million user accounts.
Those interested in seeing Proton Pass’ source code may view it from the project’s GitHub repository. This transparency is a testament to Proton’s commitment to security and privacy, and it allows users and security experts alike to verify the robustness of Proton Pass’ security architecture.