With Proton Pass, a new password manager is available in a beta version. The tool comes from the Swiss developers of the end-to-end encrypted e-mail service Proton Mail. The new password manager also wants to shine with complete end-to-end encryption of all input fields, not just the password field.
Proton Pass is the result of the acquisition of the anonymization service SimpleLogin last year Announcement blog post. Proton Pass is “perhaps the first (password manager) built by a dedicated encryption and privacy company.” This leads to “noticeable differences” in security technology: while the competition usually only encrypts the password field, Proton Pass uses the same security technology for all fields. After all, you can already draw many conclusions about the person behind the meta information, for example, on which websites user accounts are maintained.
Under the hood
Technically, Proton Pass uses bcrypt password hashing and a hardened implementation of Secure Remote Password (SRP) for authentication. It is also one of the first password managers to support two-factor authentication (2FA). Proton Pass will be open source at launch.
Initially, the Proton Pass beta will be available to Lifetime and Visionary group users. The password manager works initially on iOS, Android and desktop systems – there are browser extensions for Brave and Chrome. According to Proton in the blog post, Mozilla was not able to release the extension in time. Proton wants to send out invitations to beta users starting next week. The general availability of Proton Pass is planned “later this year”. Recently, popular competitor 1Password made headlines for increasingly pushing its users into the cloud.
(jvo)