this post was submitted on 06 May 2024
124 points (95.6% liked)

Proton

5318 readers
39 users here now

Empowering you to choose a better internet where privacy is the default. Protect yourself online with Proton Mail, Proton VPN, Proton Calendar, Proton Drive. Proton Pass and SimpleLogin.

Proton Mail is the world's largest secure email provider. Swiss, end-to-end encrypted, private, and free.

Proton VPN is the world’s only open-source, publicly audited, unlimited and free VPN. Swiss-based, no-ads, and no-logs.

Proton Calendar is the world's first end-to-end encrypted calendar that allows you to keep your life private.

Proton Drive is a free end-to-end encrypted cloud storage that allows you to securely backup and share your files. It's open source, publicly audited, and Swiss-based.

Proton Pass Proton Pass is a free and open-source password manager which brings a higher level of security with rigorous end-to-end encryption of all data (including usernames, URLs, notes, and more) and email alias support.

SimpleLogin lets you send and receive emails anonymously via easily-generated unique email aliases.

founded 1 year ago
MODERATORS
 

from the team:


Hi everyone,

We’re happy to announce that the 2nd highest-voted feature request is rolling out this week — Proton Pass Monitor.

Proton Pass Monitor keeps your data safe with dark web monitoring, checking for weak and reused passwords, scanning for accounts with inactive 2FA, and providing easy access to Proton Sentinel.

You can also check out the following support articles:

https://proton.me/support/what-is-pass-monitor https://proton.me/support/how-to-use-pass-monitor

Let us know what you think! As always, we appreciate your support and feedback.

— Proton Team

P.S. We also want to give a huge shoutout to u/Alfondorion who (along with many others) suggested the name.

It may take a little time for Proton Pass Monitor to become available on all platforms, thanks for your patience!

top 17 comments
sorted by: hot top controversial new old
[–] reallyzen@lemmy.ml 17 points 6 months ago (1 children)

I guess the 1st highest-voted feature request is a Linux client for Proton Drive?

[–] fluckx@lemmy.world 7 points 6 months ago* (last edited 6 months ago)

Pretty sure a Linux client for proton drive isn't on the protonpass roadmap :)

Edit: sorry that seems to come off quite bitter/sarcastic. It was meant as a lighthearted joke. I assumed its the second most requested feature on protonpass rather than proton in general. But I could be wrong.

[–] JackGreenEarth@lemm.ee 10 points 6 months ago (1 children)

Inaccurate advertising, I don't get boxes popping out from the screen on my phone when using the app /s

[–] RGB3x3@lemmy.world 6 points 6 months ago* (last edited 6 months ago)

Just put on your 3D glasses ^^and ^^take ^^some ^^lsd

[–] akilou@sh.itjust.works 7 points 6 months ago (2 children)

How does Proton decide if a password is weak or not? About half (361 of 678) are considered weak, and I used either Bitwarden or Proton Pass itself to generate a random one. A bunch of the ones I've spot checked have upper, lower, numbers, and symbols and they're still getting flagged as weak. I wish there were a more granular scale because I'd be happy to change the passwords that are truly weak but I'm not going to change hundreds of passwords to a different random string.

[–] retro@infosec.pub 4 points 6 months ago (1 children)

Proton defines Strong as at least 75 bits of entropy and over 100 bits is recommended. May have soemthing to do with that

[–] akilou@sh.itjust.works 1 points 6 months ago (1 children)

They should either have more tiers or let you sort by entropy so I can focus on changing the least secure ones first

[–] retro@infosec.pub 2 points 6 months ago (1 children)

The tiers are vulnerable, weak and strong. Change the vulnerable ones first then the weak passwords

[–] akilou@sh.itjust.works 1 points 6 months ago

Yeah, but I have zero vulnerable and hundreds of weak. And like I said the "weak" ones were auto generated anyway.

[–] ChiefGhost295@lemmy.one 1 points 6 months ago

If something is weak, it is Proton's knowledge of password strength. For example, they call a 16-character password without special characters "weak," which has around 95 bits of entropy, so this doesn't make sense. They also overemphasize the role of special characters in passwords, as just increasing the password length by a single character would add more entropy than enabling special characters. Furthermore, many of Proton's articles regarding password strength contain a lot of misinformation. This one talking about password entropy might be their worst yet. You cannot seriously claim that a single word, "Bankruptcies," has 68.4 bits of entropy, which also isn't the only inaccurate claim that the article makes.

[–] Yeno@lemmy.world 7 points 6 months ago

Awesome addition, thank you for this.

[–] akilou@sh.itjust.works 5 points 6 months ago* (last edited 6 months ago)

This is awesome! I have access to it now and the "reused passwords" feature is helping me find duplicates. For example, some login credentials are for a website, some are for the same app as the website but they appear in Pass as separate. So cleaning those out is super easy now.

Edit: omg there are so many duplicates! A lot of them are also associated with "different" sites and display as two unique logins, but the two sites differ by http vs https.

[–] HKayn@dormi.zone 3 points 6 months ago

Thank you for mirroring Proton's announcements here on Lemmy!

[–] independantiste@sh.itjust.works 1 points 6 months ago* (last edited 6 months ago)

The Proton Pass team are really pushing out updates recently, love to see it!

[–] Bluefalcon@discuss.tchncs.de 1 points 6 months ago

Please make it easy to import expressVPN passwords

[–] Luci@lemmy.ca 0 points 6 months ago

Stop being so awesome Proton!!!

[–] GreenEngineering3475@lemmy.world -2 points 6 months ago

Great work, Proton.