Proton Pass is an open source, end-to-end encrypted password manager app. Create and store passwords, email aliases, 2FA codes, and notes on all your devices
If they’re going to try to compete with Bitwarden they could at least offer 2FA for free instead of paywalling it as a feature. It was disappointing when Bitwarden did it, and it’s even more disappointing with Proton - it’s like failing an open book test.
It’s mainly a difference in threat model. 2FA within a password manager is still 2FA for concerns of a website login being hacked by remote adversaries, which is the most important problem to solve.
If you use 2FA within your password manager, you should still lock that outer-most password vault with 2FA from a separate device (like you said), which solves your password vault being hacked by remote adversaries. Optionally, you can then use aggressive idle-locking of your vault on your personal devices, in case they’re stolen physically.
If they’re going to try to compete with Bitwarden they could at least offer 2FA for free instead of paywalling it as a feature. It was disappointing when Bitwarden did it, and it’s even more disappointing with Proton - it’s like failing an open book test.
You shouldn’t be using that feature anyway. Keeping your passwords and 2FA in the same place means you only have 1FA.
It’s mainly a difference in threat model. 2FA within a password manager is still 2FA for concerns of a website login being hacked by remote adversaries, which is the most important problem to solve.
If you use 2FA within your password manager, you should still lock that outer-most password vault with 2FA from a separate device (like you said), which solves your password vault being hacked by remote adversaries. Optionally, you can then use aggressive idle-locking of your vault on your personal devices, in case they’re stolen physically.