Proton just launched a new password manager, and it looks to be pretty feature-rich and quite polished. It's great seeing another password manager option from a trusted organization!

It's not likely to pull me away from Bitwarden (and I did just migrate away from Proton's services two weeks ago), but options are good.

proton.me/pass

Follow

@john_b
I also like to diversify my security products. Even though I love bitwarden, I still like having my MFA tokens generated by a separate app (Aegis).

Putting your eggs in one basket means you are putting all your trust in that basket to keep you safe.

@john_b
I'm curious why you migrated away from Proton services and where you ended up?

I've had a protonmail account since they first started up, but never upgraded to a paid plan.

@voltronic Basically because the premise of Protonmail (the only service of theirs that I really used) is kind of flawed in real-world practice. Email just isn't secure, even if you're encrypting the message content (which I honestly only had a chance to do a handful of times in my 5 years with PM). There are better ways to securely transmit messages without problematic metadata complications (hi, SimpleX!).

Plus the PM app and web UI are dated and had me missing features.

(1/2)

@voltronic I moved to FastMail, which costs about half of what I was paying for PM while providing way more storage, significantly better apps, tons of useful features (like snoozing messages! oh how I've missed that!), and did I mention better apps?

The service is also fast (as advertised), the migration process was completely painless, and I'm just quite happy with the move.

I still have immense respect for what Proton stands for, but using apps which felt 10+ years old wasn't fun.

(2/2)

@john_b
Thanks, I might have to check out FastMail.

The UI/UX of ProtonMail has bothered me too. If they really want to get people to migrate away from Google, then it should be as easy to use.

@voltronic Yep!

The only MFA tokens I have in Bitwarden are for accounts shared with my wife; otherwise, she'd never use MFA :facepalm:

All the MFA tokens for my personal accounts are stored on a Yubikey (well, two Yubikeys - one stays in a locked fire safe just in case) with the Yubico Authenticator app. (Storing the tokens on external hardware is also really nice when you change phones as often as I do.)

@voltronic @john_b

I'm same keep 2fa & passwords separate in different apps/services

set up that proton pass though for one device you get a 7day trial then can upgrade to keep all pass features for $12, $1 a month,(charged annually 80% off right now)or $4.99 a month which is pretty okay pricing for the pass service alone if you need all the features - free plan also unlimited logins & notes & devices 10 hide email aliases

proton unlimited also on offer 17% discount for all proton services

@voltronic @john_b

downside though absence of a nice web interface, such as what you have for Proton Mail, Proton Drive you have to either install an app or browser extension to use it

@ecksmc
Since you mentioned email aliases, I should endorse SimpleLogin. Bitwarden bought them not long ago, and this is where it gets cool. You're only supposed to have a small number of email aliases allowed for the free SimpleLogin account. But I've found a way around that.

Log into both services and generate an API key in SimpleLogin. Now in Bitwarden, you add a new account and generate a new Username for an account. Under Service, specify SimpleLogin and plug in the API key.

@john_b

@ecksmc
Now when you go look in your SimpleLogin account and view all of your aliases, you'll find that a new one has been created even if you have exceeded your allowed max.

@john_b

@voltronic Sneaky - I like it!

My approach is to set up catch-all forwarding on a couple of my spare domains via Cloudflare. I can process those with Email Workers in CF if needed, or otherwise just forward them to my Fastmail inbox (with a special label). This way I can easily create a unique email address for every login - though of course I miss out on being able to reply from any of those "aliased" addresses.

@ecksmc

@john_b @voltronic

personally i don't bother with email aliases

gmail, protonmail, tutanota are my three i use

used aliases in past though these days i don't sign up for as much stuff or register for new platforms as much as i used to

always handy to hear new methods/tips though 👍

Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.