Proton pass

Guys I use proton mail and proton pass but the issue I have is that how can I have a secure password for proton mail with 2fa if I use proton pass? If I have a less difficult password then I am lowering my security and If I want to have a 2fa (with local encrypted file) then I have to save it on some secure cloud, which for me is proton drive or mega then again I have those passwords saved in proton pass so I would have to login to proton pass first, If I lower password of those apps then again it risks security. ( I am sorry I am so confused). Please help!

  • ULS@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    10 months ago

    Password manager inception. Sign up for last pass, and bitwarden, and Google auth and Ms auth. Get a burner phone and rotate and change passwords monthly.

    …sorry for my useless post.

  • orsetto@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    0
    ·
    10 months ago

    Best thing you can do is learn a very strong and complex password to use for your proton account, that’s what I did.

    It takes a bit of time but eventually you’ll learn to type it in fast.

      • Evkob@lemmy.ca
        link
        fedilink
        arrow-up
        0
        ·
        10 months ago

        Okay yeah I’ll admit that’s pretty bad, haha. The only password I actually know nowadays is the passphrase to my Keepass database, which clocks in at 40 characters. I rarely say this to people, but have you considered a shorter password? :P

        • Lauch@feddit.de
          link
          fedilink
          arrow-up
          0
          ·
          10 months ago

          I don’t even know my master password :D I use some script to generate it and I just copy+paste it.

  • CapillaryUpgrade@lemmy.sdf.org
    link
    fedilink
    arrow-up
    0
    ·
    10 months ago

    Use a passphrase (not a password) and a physical security key, like a yubikey. It also supports TOTP or whatever 2fa Proton uses, you just connect it with a laptop or phone and it gives you a key.

    A physical key is much more secure than 2fa from a password manager (although both are probably fine)

  • governorkeagan@lemdro.id
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 months ago

    I use all of Proton’s products as well. I’ve found a Yubikey works best for the 2FA codes. I’m also working on having a backup password manager

    • Kayn@dormi.zone
      link
      fedilink
      arrow-up
      0
      ·
      10 months ago

      Sorry if it’s a dumb question, but why not just change your account password to something you’d use for a pass database?

  • Lauch@feddit.de
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 months ago

    In my opinion the centralization of all your data and secrets to one single company is itself a security risk. When I realized that, I completely stopped using proton. I see 2 main issues with using all-proton: 1. they could turn evil (like a lot of big companies do) 2. They can have exploits which then can effect all your data / secrets. I switched to have a different company for each service and I don’t really pay more than what I would have to pay proton to get the same things.