Please let us use a different password for VPN

Proton announced another service yesterday: a password manager. This brought up again the discussion that many find it dangerous to use the same login data for their mails, calendar, contacts, cloud data, VPN service and now all their passwords. Two-password mode is possible but not very comfortable.

I’m most critical of this because of VPN, where you log in on many devices, some of which are old and insecure. Therefore, it would be nice if there were a possibility to set other login data there. A solution could be that you could generate one-time login data in your Proton account, at least for VPN verification where no data needs to get decrypted through your password.

App passwords are a thing as well when you use encryption on your account. Your main password is only used on safe devices, and you generate an app password to use on non-encrypted apps. They could add this on the Proton VPN app.

This would add another layer of security to your account, since in case of a breach they won’t have access to your account data outside of the app and you could disallow access for that password with a simple click.

The particularly spooky thing is the VPN login doesn’t even prompt for 2FA.

Proton recommends you use different Proton accounts, but I think this solution is messy.

Indeed, some people are already using two different Proton accounts, one for Proton Mail and one for Proton VPN. It is probably not something the average user will want to do, but certainly possible for those that have this need in their threat model.

- Source

You can if you elect to use not the official ProtonVPN app but an OpenVPN or WireGuard app and download the configs from your ProtonVPN settings on the website.

With OpenVPN you’ll have to use the provided username and password. If these are ever compromised, you can regenerate new credentials.

With WireGuard, when you generate the config, it shows you the private key that is not stored on their servers and is only shown once. It is up to you to keep that private key safe. If it is ever compromised you can revoke the certificate corresponding to the key and it will no longer be valid.

I already had a lot of discussions with the ProtonMail customer support about this (I am rather one of the more annoying customers in this regard) and after a lot of back and forth they made it quite clear that we won’t get this feature out of fear of password sharing. The only response you will ever get from ProtonMail about this is that when you want full security you will have to pay more for a second account. The plan with ProtonMail and ProtonVPN combined is more or less a budget plan for people who do not need/want high security.

Hmm… I use a long random password and a YubiKey for Proton and I feel safe.

You can set up 2 password mode, where you have one password for auth and one for encryption. That should address this issue.

It’s totally unacceptable that a paying customer has to use the same password for 2 products. Should not even be an option.

You can. Enable the double password feature.

I’m very much hoping they implement this line with Proton Bridge. Once you sign into Bridge, the system generates another password for you to use with your mail client setup.

Proton VPN does the same for at least one protocol, also generating another user ID you can use for setting up any VPN access outside their client, so they’ve got existing templates for safer access to work with already. A mail account setting that provides such or allows for a custom password for accessing Pass would be solid in my opinion.

I messaged them about that a while back, and the response was that VPN doesn’t contain any of your data, so there isn’t anything being exposed. Which kind of makes sense to me, so I’m not too worried about it.

This is expensive and you’ll not get the benefit of the one that has both services available in one package… 🙁 That is kind of a letdown of a recommendation.

The account sharing reasoning doesn’t make much sense to me since if that were one’s goal, they could just create various WireGuard profiles and share them with others…

Yeah. I have a random password and 2FA (granted a different app) so I feel ok.

This is just for protonmail iirc,

The 2nd password would be to decrypt the inbox after logging in.

While SL can have it, you can still use the PM pass to log in with Login with Proton. Would be great if you could lock the login method while being linked to your subscription.

Using your own VPN client isn’t really an accepted alternative.

Yes, which means I can use one password for VPN and one for Inbox.