The company behind Proton Mail, Proton, has launched a new password manager called Proton Pass. The service will eventually be free for everyone to use, but for now, only Proton’s Lifetime and Visionary users can use it as a test.
Proton Pass, like all of Proton’s other goods, uses end-to-end encryption (E2EE) to keep your personal information safe from prying eyes, including those of Proton and third parties. You can store your usernames, passwords, and notes. You can also add any randomly created email aliases that you can use instead of your real address.
The new password manager from Proton uses E2EE not only to your passwords, but also to your usernames, web addresses, and all the other fields related to your login information.
In a blog post about the service’s security model, Proton says that “all cryptographic operations, including key generation and data encryption, happen locally on your device.” Even if a third party asks Proton to do so, Proton says it can’t decrypt the data.
Today we're launching the Proton Pass beta.
With Pass, we're applying our privacy and encryption knowledge to a service that many of you have asked for.
Later on, Proton Pass will become a free password manager for all Proton users. Learn more here: https://t.co/9V4FlSWaYh pic.twitter.com/tkLl7SZN5S
— Proton (@ProtonPrivacy) April 20, 2023
This kind of “zero-knowledge” security model is advertised by other famous password managers, like 1Password and LastPass, the latter of which had a major data breach last year.
After hackers stole LastPass’s source code and encrypted password vaults, security experts criticized the company’s response. For example, researcher Jeremi Gosney said, “LastPass’s claim of ‘zero knowledge’ is a bald-faced lie, and it has about as much knowledge as a password manager can get away with.”
In a blog post, Proton founder Andy Yen says, “Protecting your passwords well requires a high level of skill with encryption and security, which few organizations have.”
“We’ve always been worried about the risk posed by a major password manager breach. Unfortunately, with the recent hack of LastPass, that risk became a reality.”
A little over a year after Proton bought SimpleLogin, a tool that lets users send private emails, the company has made a new password manager.
Yen says that this deal made it easier for the company to “develop a new password manager without affecting work on other Proton services.” He also says that it should help reduce the risks of using an insecure password manager with Proton’s products.
When Proton’s password manager is released to the public, it will be open source. Proton is also giving up to $10,000 in rewards to security researchers who find flaws in Proton Pass or any of its other products.
The password manager is currently available on desktop, Android, and iOS, and as a browser extension for Brave, Google Chrome, and Firefox is coming soon. It’s not clear if Proton Pass will allow passkeys yet, and the company didn’t answer The Verge’s request for more information right away.
Read More:
Ways Parents Can Help Their Children Break Free From Technology Addiction
CNBC Says The Pixel Fold Will Come Out In June and Cost More than $1,700.
The Apple AR Headset Will Work Right Out Of the Box with Books, Face Time, and Everything Else.
