Which password manager do you use and why? If you're looking to make the switch, you can follow me over to Proton Pass here: www.allthingssecured.com/yt/proton-pass
The advantage of not having an auto click is that you can add extra characters that are not stored in your password manager, just in case it gets compromised
@@Trancer006 As I understand it, Proton Pass inserts the password's first part and you add the second part yourself. That way not even if PP is compromised would the true password be exposed. But you have to always remember the second part. I have to say it removes the simplicity of a password manager to some degree.
Yep, I like that idea and feature, too. Let alone I like the pause where I have to click to continue, to confirm where I'm at, and what I'm doing when logging into a site.
I'm fairly new to Proton Mail, and just started using their VPN. I'm not as tech savvy so my progress is slow. Having been a Dashlane user for several years, I'm hesitant to try learning to use a new password manager. Slow and steady for me. I'm 74 btw, and enjoy learning new things. Great video, thank you so much!
@@p7w5jThey recently made native apps, I think the android one is still in beta but will be out shortly so that’s gonna improve it greatly (the ios one is already out and is extremely fast)
@@p7w5j I run android and bitwarden, no issues at all with fill speed. In fact, same as I had with 1password, nordpass, and lastpass when I tested those. Just recently made the switch last month, and I certainly wouldn't have switched over to bitwarden if it had slow fill speed.
@@p7w5j The only thing I can think of that you might be having issues with is unlocking the vault, and that would be due to how you set up the vault encryption. If you set the encryption level to something absurdly high, it could take a phone 30 seconds to decrypt it and unlock your vault.
I’ve been using proton since it first came out last year. I loved the integration with simple login. When I switched, I took a lot of time going through every online account I have and changing the email address to an alias. Now I don’t use my real email with anyone except family and friends. Plus, I like that I can sort all of those alias emails into a specific folder and mark them as read so I don’t get notifications for every email.
In the Apple ecosystem, Apple Passwords ticks a lot of boxes. 2FA, Passkeys, hardware backed (Secure Enclave), dedicated Desktop & Mobile App, even third-party browsers extensions now (even though using Safari is my primary choice). And it’s free and synced across all your Apple devices…
Maybe you have addressed this in the past 1) Why not bitwarden? Besides that it's not part of a the proton suite. 2) How good of an idea is to put all yours eggs in one basket. I would probably prefer, a different services for password manager, mail, documents and 2FA. 3) Extra to 2, isn't it a bad idea to put your 2FA keys in the password manager? Didn't you just do a minus one on the factors? Isn't the whole point to make sure that if the credentials (knowledge, location etc) is compromised, there is still a barrier to protect entry?
Excellent questions. Allow me to try to answer: 1. I like Bitwarden, but it just never appealed to me when I tested it. I still rate it as the best, so it’s purely preference. 2. This all eggs in one basket is one reason I took so long to switch. The extra password was very important to me. Also, Proton Mail and Proton Pass don’t even come close to being “all my eggs”…for what it’s worth. 3. True, to a degree. I covered this in an earlier video explaining my login security strategy that I think you’d enjoy: ruclips.net/video/XOvapxmgPjc/видео.htmlsi=JZ59NENjXCS-yxU0
I would definitely switch when proton pass finally supports ssh agents in the command line the same way 1password does. I wouldn't even hesitate, but because I depend on it in my day to day basis as a programmer, I will stick to 1password for now.
I really like Proton, use their email, drive and calendar but still using Bitwarden. I think I will continue to do so, not keeping all my eggs in one basket mentality.
@darrenjosephgregory I am curious, do you also use different devices to access your different applications? If one of your devices is exploited then the attacker likely has access to all applications accessed through that device.
@@Lupinicus1664 I guess the answer to your question is 'it depends' I use desktop, ipad and an android phone, some applications or sites I will use all three to access others only the desktop and I use a Yubikey to secure all three.
I discover your youtube channel few weeks ago. I'm from Belgium (the french part of the country) and really enjoy the content and how your english is easy to understand (for me). The animations features really help to understand the technical stuffs or keep things organized. So just for that really thank you for your job ! BTW, I'm a dashlane user for few years now but the alias feature of Proton and your pedagogy really convinced me to switch to this Proton environnement !
I’m a big fan of Proton as a company, but I have a small concern. Having everything under one company, like emails, files, passwords, 2FA, and more, might not be as secure as having each of these things in its own separate place. That way, if one thing gets compromised, the others won’t be affected. Or maybe I’m just being too cautious, lol.
It’s a valid concern. That’s why it was so important for me to have the extra password for Pass that separates its encryption from the rest of the products.
I've been using proton pass (especially aliases) for almost 6 months now and it's worth all the money that it asks. Feature rich and appealing look in interface.
Using Proton Pass for a while and I am really happy with it. It works seamlessly on Windows, iOS, iPadOS and Linux, so all OS I use for business and private.
as owning my data (as in on hardware that i control) is rather important to me, i do use Bitwarden in a self hosted way. though, i would use Keypass instead if the syncing between like 5+ devices across all plattforms wouldn't be so user unfriendly (without cloud or 3rd party service). so for now i'm just sticking with bitwarden, till something better appears that ticks the box of: owning data & ease of use across multiple devices. i only use Proton for VPN and email related things, which includes the alias feature from pass. but i do love what proton generally does.
Okay, I watched your video, and I learned alot. Yes, Proton Pass looks incredible. I just created an account, and I am trying to learn it. I learn the Multiple Vault capabilities. Impressive !!!
I also use the two password mode for my proton account if you don’t mind the minor inconvenience I feel the adds a lot of extra security, especially if you keep a lot of sensitive data in your proton account. And when I say two password mode, I do not mean the extra password on Proton Pass. There is a two password mode in the settings of your proton account that you can enable, but I would only suggest doing it if you know what you’re doing and are very careful.
@@AllThingsSecured I would just be careful not to lock yourself out of your account. It is a bit overkill for most people, but I think if we’re gonna keep all our eggs in one basket, it should be a very secure basket.
I can see where some may not want that auto-click as without auto-click, one could add a suffix to the password before clicking continue. It would be useful if you share the password manager or if the password manager ever got breached.
@@AllThingsSecured The file downloads but is in plain text ( like a csv file. when you import to the other program ..isn't that a risk doing it that way? I know all of them do it that way. It would be nice if you could put your own password on the csv before and then when you uploaded it you could use the same password in order to upload.
Hi! Proton Pass lacks the three significant missing features mentioned in your video, but others like identities, software licenses, SSH keys, and a few more. It's not a real competitor for 1Password. Cheers!
I agree that 1Password has the best user experience and is the most polished product but I hope to switch to Proton Pass as soon as a few of the missing features like SSH keys or CLI integration are implemented, as 1Password Family has a huge flaw. As a Family admin I'm able to delete the accounts of other Family member and I'm able to see the content of all vaults if I want to (besides the private vaults, which I could still delete altogether with the whole account of a person). This issue is known to 1Password for years now, but unfortunately they don't care as it's (probably) just easier to relabel their business solution and market it as a Family account. Families are not businesses. A well implemented family account should prevent abuse of power, it should not rely on trust. Bitwarden and Proton Pass did a much better job in this regard.
I won't use Proton Pass for the same reason I won't use Apple Passwords: It's all one big account. Not only is this less secure (yes Proton has a way of dealing with it), it also means one company has power over all my important data. One thing goes wrong and they can lock me out of everything. Especially email and passwords I want to have separate from each other for that reason.
It is very good. It is a local PW manager, so the user is responsible for the upkeep and backups. There is a heavy learning curve compared to cloud based PW managers
KeePass (Windows only) is *really* good (and KeePassXC is the cross-platform version, so works in Linux, Windows, and Android). Secure (obviously); no subscription (it's free and open source), and no third parties. It's up to you to keep it safe. For me, the easiest way is to keep my primary KeePassXC file in Dropbox. Every device has KPXC and syncs to that. The biggest limitation is there's a bit of a learning curve but honestly, nothing stupid.
Works great on desktop, and I used it for years as I really loved being in control of my own password archive. However, on mobile, it's _terrible_... there are multiple different apps, all with varying degrees of janky UI and janky setup of syncing with wherever you're storing your password archive. So, when I wanted to help my family to stop re-using passwords, making up their own short and terrible ones, and writing them down on paper, I realized KeePass is just not the solution. I went with a family subscription of 1Password, which I do not regret. Especially as a software developer now that the desktop client includes an SSH Agent as well, which means I can use 1Password to authenticate with code repositories and sign code changes.
i pay proton, i have used proton for a long time, i use aliases, i love it. However I am not going to leave 1password. proton pass is not even close to 1password. And no attachment, no proton pass, No attachments = no go.
Sorry but I hate the auto-login feature. I feel I'm not in control, I have disabled it from 1Password. The same way I hate when you download a PDF file on Firefox and after that it just opens it in the browser (or with Acrobat Reader when you are on Windows). I always feel I've being hacked or just vulnerable because I could not check it before. As I have heard time ago: "more comfort, less security".
I've never had the experience of a downloaded PDF opening automatically. I've always had to click on the download after it is complete and that's always been the default behaviour on all the browsers I've used.
Thanks for this video. However, let me know what is the actual difference to 1Password? Why change to Proton? If you want to use Proton with the same features as available in 1Password, you also have to go for the payed plan and then the price is more or less the same. Feature like 1Password is still more advanced. So please tell me, what is the reason to change?
It seems that Proton pass is not as user friendly as 1Pass (Can't speak for Bitwarden). PP doesnt seems to have Keyboard shortcuts yet, Quick access, Offline mode with the 2 password mode (Seems like it should be important) and some UI limitations. On the security side, yes, 2 passwords is a major feature that makes the other password manager look subpar. Is it enough to switch though ?
If you're salting your passwords (as you yourself recommended) then auto-login is not a wanted feature but I suppose it would be nice if they offered the option to toggle it on for those that don't salt their passwords.
Do you have any thoughts on the password manager that is coming from MEGA drive? I have both Proton and MEGA and am trying to determine which to switch to, if I switch from 1Password.
I really like Proton, but I can't justify moving anything else over to Proton until Drive gets proper linux support. In fact I'm going to downgrade to the free tier unless this changes...
I would also like to see file attachments added to protonpass. I'm used to not utilizing auto login feature so that doesn't bother me. I also love the integrated alias feature
do you mean you can actually save passkeys INTO a yubikey? Or just USE it as a passkey, someway? If the 1st case, how many passkeys you can save on a single key, how much memory do they have? thanks
Major gripe with proton, it's slow.. backing up your photos, mail folders/labels. And try using the proton apps while being on a VPN (not the proton VPN) glasswire for Android or tracker control. Doesn't work
So you need to know your Proton mail account in order to access your Proton vault? seems insecure if you ask me, yea sure you can set that 2nd password but what if you want a completely random password that you keep on your vault. This makes it impossible.
They're going to have to be stored on something generally accessible otherwise I can't access them from anywhere and every device. But I suppose if you're not willing to give your passwords to anybody then you don't even need passwords, because you'll never be willing to log in anywhere.
please compare pronto to bitwarden. and i still don't understand the point of passkeys given that hardware keys (yubikey) can do the job just fine. my opinion is that hardware keys are more secure and more versatile (think for use with a public computer at the library). i don't mind having to enter a password in addition to authenticating with the hardware key.
You can create customizable aliases on Proton like simplelogin? Also, i have one question offtopic but i need enlightment. About aliases, what about if a platform doesnt accept my proton aliases? Is true i need to create another email if i dont want to compromise my own domain (secret)?
If u got a virus on ur PC and have a password manager app or extension, wouldn’t u be super screwed? I haven’t ever installed one on my PC ever because I like to install mods for games and stuff so just to be extra safe I have nothing personal on there. Is that the way to go or would a password manager be safe from attack?
@ Well other than steam and Microsoft for windows/gamepass for cod, nope no logins. Oh and some streaming services. But they all have different passwords but guess they r a set and forget sorta thing so putting the password in once is all that’s needed. Guess I really don’t need to even have it on there ur right.
I used to use proton pass from the very beginning. I discontinued using it, because it doesn't support passkeys on my mac's Safari browser. It doesn't work at all, and I use passkeys a lot when tey to login. I have a lot of accounts (more than 20) with passkeys and I can't live without them. Also I use Safari and I don't want to switch to chrome/firefox just to access passkeys. So iCloud Keychain is still better than proton pass (I guess)
Have they fixed the defect that allows access to passwords if the device is already unlocked? With other password managers I have to re-authenticate to use a password even if the device is already unlocked.
How would you switch from apple keychain to 1password or Nord? Can they import all the passwords, and can you delete them all in one swoop in apple keychain? Also, I don’t like yubikey, have you reviewed Google titan? Thanks!
If you want to start a new conversation instead of replying, you have to log into your linked Simplelogin account, create a 'reverse alias', and send your email to that. Currently, this is not possible within the Proton Pass interface.
I think when you change password managers you are forced to change passwords on each service. Not that it is a bad thing using new passwords. However most allow you to export your passwords to a csv. Also I think it is obvious that the reason for the change is that you are no longer comfortable with the previous choice for a password manager, like Last Pass. The problem I have is that while it seems to be simple enough with an export and import of that csv file downloaded, it is also plain text csv when you download it. Maybe it is after the upload that you decide to change all your passwords once in the new system. Password managers should allow you to download your csv file with a password on it and then when you import it in the new password manager you could also then just supply the password. Just my thought...anything done in plain text is not a great way to do it unless in the new system you change all your passwords again. Guess I am not very trusting when it comes to the plain text download and upload. Most won't change their new passwords in the new password manager. People can be lazy about this process.
There's no need to change any passwords when switching password managers. The only place they ever exist in unencrypted form is on your machine and if that's compromised then it makes no difference whether you change passwords after changing managers.
how interesting that there are no instructions in any of the Proton Pass tutorials telling one how to migrate Apple Password to Proton Pass. One might think they would have worked OT on that one. I can find nothing.
I wanted to like Proton Pass, but it lost me as soon as I tried to do an import. In short, it's terrible. The limitations on what it can import (and I'm not including attachments) meant that it only imported about 40% of what I had in Bitwarden. Both 1Password and Enpass imported without any issues. The problem stems from the way Bitwarden stores information. For items that don't fit cleanly into one of Bitwarden's categories, information is stored as a note. Each note can have custom fields. Proton Pass does not import these...it only imports the item name--leaving a false sense of confidence that items imported. I even tried an exported 1Password file that was an import of Bitwarden. (Which had all of the information.) Same problem. Proton Fail. With that said, if the ONLY thing one keeps in solutions like this is login items, I suppose it's an adequate solution. But it's certainly not better than 1Password or Bitwarden.
Which password manager do you use and why? If you're looking to make the switch, you can follow me over to Proton Pass here: www.allthingssecured.com/yt/proton-pass
Bitwarden!!
@@bigdreams5554yeah me too.
Sticky password, been using it a long long time.
Bitwarden
1Password - bc of YOU!
I personally use Bitwarden and would have liked a more in depth comparison on proton pass vs bitwarden.
Thanks. Maybe someday. I haven’t used Bitwarden too extensively.
I too use bitwarden.....Please do comparison...
@@Brutus78rt23 Bitwarden is good. Just use it and don't dwell on this.
Same here
Bitwarden blows proton pass out the water. I used both before moving to bitwarden. I still use proton pass when they have updates on IOS for fun.
The advantage of not having an auto click is that you can add extra characters that are not stored in your password manager, just in case it gets compromised
True, and I do that often. That would be another advantage of no auto-submit.
this is what I use.. its called double-blind method. I use Proton Pass and then add my unique phrase at the end
Wait can somebody explain to me what this means?
@@Trancer006 As I understand it, Proton Pass inserts the password's first part and you add the second part yourself. That way not even if PP is compromised would the true password be exposed. But you have to always remember the second part.
I have to say it removes the simplicity of a password manager to some degree.
Yep, I like that idea and feature, too. Let alone I like the pause where I have to click to continue, to confirm where I'm at, and what I'm doing when logging into a site.
I'm fairly new to Proton Mail, and just started using their VPN. I'm not as tech savvy so my progress is slow. Having been a Dashlane user for several years, I'm hesitant to try learning to use a new password manager. Slow and steady for me. I'm 74 btw, and enjoy learning new things. Great video, thank you so much!
Bitwarden, i don't like combining all services in one account
That’s a great option as well.
bitwarden is sucks FOR PHONE, slow autofill basically who android experience is so fuging slow
@@p7w5jThey recently made native apps, I think the android one is still in beta but will be out shortly so that’s gonna improve it greatly (the ios one is already out and is extremely fast)
@@p7w5j I run android and bitwarden, no issues at all with fill speed. In fact, same as I had with 1password, nordpass, and lastpass when I tested those. Just recently made the switch last month, and I certainly wouldn't have switched over to bitwarden if it had slow fill speed.
@@p7w5j The only thing I can think of that you might be having issues with is unlocking the vault, and that would be due to how you set up the vault encryption. If you set the encryption level to something absurdly high, it could take a phone 30 seconds to decrypt it and unlock your vault.
I’ve been using proton since it first came out last year. I loved the integration with simple login. When I switched, I took a lot of time going through every online account I have and changing the email address to an alias. Now I don’t use my real email with anyone except family and friends. Plus, I like that I can sort all of those alias emails into a specific folder and mark them as read so I don’t get notifications for every email.
Using multiple OS’s, I moved to Proton Pass a while back and have been very satisfied with it. I do own the entire Proton suite.
Nice 👍🏻
I prefer Bitwarden honestly
That’s great. I know a lot people who use Bitwarden. It’s a great option.
In the Apple ecosystem, Apple Passwords ticks a lot of boxes. 2FA, Passkeys, hardware backed (Secure Enclave), dedicated Desktop & Mobile App, even third-party browsers extensions now (even though using Safari is my primary choice). And it’s free and synced across all your Apple devices…
Maybe you have addressed this in the past
1) Why not bitwarden? Besides that it's not part of a the proton suite.
2) How good of an idea is to put all yours eggs in one basket. I would probably prefer, a different services for password manager, mail, documents and 2FA.
3) Extra to 2, isn't it a bad idea to put your 2FA keys in the password manager? Didn't you just do a minus one on the factors? Isn't the whole point to make sure that if the credentials (knowledge, location etc) is compromised, there is still a barrier to protect entry?
Excellent questions. Allow me to try to answer:
1. I like Bitwarden, but it just never appealed to me when I tested it. I still rate it as the best, so it’s purely preference.
2. This all eggs in one basket is one reason I took so long to switch. The extra password was very important to me. Also, Proton Mail and Proton Pass don’t even come close to being “all my eggs”…for what it’s worth.
3. True, to a degree. I covered this in an earlier video explaining my login security strategy that I think you’d enjoy: ruclips.net/video/XOvapxmgPjc/видео.htmlsi=JZ59NENjXCS-yxU0
Proton also offers a two person package “Duo” which brought me back. Agree that the alias feature is a real winner.
👍🏻
My password manager of choice will be keepass. It's been around for a long time.
It’s good as well, but not the most mass-market user friendly.
@AllThingsSecured maybe not but it won't stop me from using it. I like your channel and i learned a lot from you.
@@AllThingsSecured Its less convenient for sure. But thats why (imo) its better. The more convenient something is, the less secure it is.
I would definitely switch when proton pass finally supports ssh agents in the command line the same way 1password does. I wouldn't even hesitate, but because I depend on it in my day to day basis as a programmer, I will stick to 1password for now.
Proton all the way. They just keep getting better too!
Agreed.
I really like Proton, use their email, drive and calendar but still using Bitwarden. I think I will continue to do so, not keeping all my eggs in one basket mentality.
@darrenjosephgregory I am curious, do you also use different devices to access your different applications? If one of your devices is exploited then the attacker likely has access to all applications accessed through that device.
Makes sense 👍🏻
@@Lupinicus1664 I guess the answer to your question is 'it depends' I use desktop, ipad and an android phone, some applications or sites I will use all three to access others only the desktop and I use a Yubikey to secure all three.
@@AllThingsSecured I am tempted by the aliases offered by proton pass though I would have to upgrade from Mail Plus to Unlimited.
1pasword still the best
I discover your youtube channel few weeks ago. I'm from Belgium (the french part of the country) and really enjoy the content and how your english is easy to understand (for me). The animations features really help to understand the technical stuffs or keep things organized. So just for that really thank you for your job !
BTW, I'm a dashlane user for few years now but the alias feature of Proton and your pedagogy really convinced me to switch to this Proton environnement !
I didn't know the Proton Ecosystem was that sophisticated; thanks for the update!
finally protonpass getting recognition, I hope they stay free
I’m sure it will.
Hey! Could you do a review of the safest home / office wi-fi camera/ surveillance system?
I’m a big fan of Proton as a company, but I have a small concern. Having everything under one company, like emails, files, passwords, 2FA, and more, might not be as secure as having each of these things in its own separate place. That way, if one thing gets compromised, the others won’t be affected. Or maybe I’m just being too cautious, lol.
imo a password manager is ultimately worthless unless it's self-hosted.
It’s a valid concern. That’s why it was so important for me to have the extra password for Pass that separates its encryption from the rest of the products.
I've been using proton pass (especially aliases) for almost 6 months now and it's worth all the money that it asks.
Feature rich and appealing look in interface.
Using Proton Pass for a while and I am really happy with it. It works seamlessly on Windows, iOS, iPadOS and Linux, so all OS I use for business and private.
Great!
as owning my data (as in on hardware that i control) is rather important to me, i do use Bitwarden in a self hosted way. though, i would use Keypass instead if the syncing between like 5+ devices across all plattforms wouldn't be so user unfriendly (without cloud or 3rd party service). so for now i'm just sticking with bitwarden, till something better appears that ticks the box of: owning data & ease of use across multiple devices.
i only use Proton for VPN and email related things, which includes the alias feature from pass. but i do love what proton generally does.
I love that you e thought this out and developed a strategy that works for you. Nice work 👍🏻
Okay, I watched your video, and I learned alot. Yes, Proton Pass looks incredible. I just created an account, and I am trying to learn it. I learn the Multiple Vault capabilities. Impressive !!!
Proton: Please enable Yubikey option to lock Proton Pass vault.
👍🏻
Uwielbiam ten kanał! 😊
I also use the two password mode for my proton account if you don’t mind the minor inconvenience I feel the adds a lot of extra security, especially if you keep a lot of sensitive data in your proton account. And when I say two password mode, I do not mean the extra password on Proton Pass. There is a two password mode in the settings of your proton account that you can enable, but I would only suggest doing it if you know what you’re doing and are very careful.
Thanks for the feedback 👍🏻
@@AllThingsSecured I would just be careful not to lock yourself out of your account. It is a bit overkill for most people, but I think if we’re gonna keep all our eggs in one basket, it should be a very secure basket.
Keepass/xc is a king...
So weird, I just made the switch yesterday and this video came out
Awesome 🙌
Other than email aliases and the suite, I don't see what proton pass has over 1pass. And I'd much rather have the privacy com credit card aliasing.
You're definitely right, there are some great features in 1Password.
Lol i was about to comment "have u heard of proton pass", then a 1 min into video saw you selected exactly that. I love Proton products
Ha! Yup 👍🏻
Thanks for adding actual captions for the Deaf
I can see where some may not want that auto-click as without auto-click, one could add a suffix to the password before clicking continue. It would be useful if you share the password manager or if the password manager ever got breached.
Good point. 👍🏻
Great video- I am curious....how did you import your passwords from 1password to Proton?
It’s an easy export/import process.
@@AllThingsSecured The file downloads but is in plain text ( like a csv file. when you import to the other program ..isn't that a risk doing it that way? I know all of them do it that way. It would be nice if you could put your own password on the csv before and then when you uploaded it you could use the same password in order to upload.
@@AllThingsSecured Does that include file attachments, TOTP codes, and so on?
Keepass, own your data, don't rely on someone else's server.
Keepass ftw
You make it sound like a big issue as it is, I would trust proton than an old dell laptop repurposed to a nas. Lose the bandwagon
It’s probably a lot easier to hack you
Did some testing today. I‘m missing the feature to unlock the password vault by Yubikey as the primary login (not as the second factor).
It would be interesting compare privacy/security of Windows , MacOS and Linux. Like Android vs IOS video.
Hi! Proton Pass lacks the three significant missing features mentioned in your video, but others like identities, software licenses, SSH keys, and a few more. It's not a real competitor for 1Password. Cheers!
I agree that 1Password has the best user experience and is the most polished product but I hope to switch to Proton Pass as soon as a few of the missing features like SSH keys or CLI integration are implemented, as 1Password Family has a huge flaw. As a Family admin I'm able to delete the accounts of other Family member and I'm able to see the content of all vaults if I want to (besides the private vaults, which I could still delete altogether with the whole account of a person). This issue is known to 1Password for years now, but unfortunately they don't care as it's (probably) just easier to relabel their business solution and market it as a Family account. Families are not businesses. A well implemented family account should prevent abuse of power, it should not rely on trust. Bitwarden and Proton Pass did a much better job in this regard.
I won't use Proton Pass for the same reason I won't use Apple Passwords: It's all one big account. Not only is this less secure (yes Proton has a way of dealing with it), it also means one company has power over all my important data. One thing goes wrong and they can lock me out of everything. Especially email and passwords I want to have separate from each other for that reason.
You never talked about Keepass? Is it any good?
Yea, it’s really good, but it just hasn’t been my cup of tea.
It is very good. It is a local PW manager, so the user is responsible for the upkeep and backups. There is a heavy learning curve compared to cloud based PW managers
Simple and secure.
KeePass (Windows only) is *really* good (and KeePassXC is the cross-platform version, so works in Linux, Windows, and Android). Secure (obviously); no subscription (it's free and open source), and no third parties. It's up to you to keep it safe. For me, the easiest way is to keep my primary KeePassXC file in Dropbox. Every device has KPXC and syncs to that. The biggest limitation is there's a bit of a learning curve but honestly, nothing stupid.
Works great on desktop, and I used it for years as I really loved being in control of my own password archive. However, on mobile, it's _terrible_... there are multiple different apps, all with varying degrees of janky UI and janky setup of syncing with wherever you're storing your password archive. So, when I wanted to help my family to stop re-using passwords, making up their own short and terrible ones, and writing them down on paper, I realized KeePass is just not the solution. I went with a family subscription of 1Password, which I do not regret. Especially as a software developer now that the desktop client includes an SSH Agent as well, which means I can use 1Password to authenticate with code repositories and sign code changes.
i pay proton, i have used proton for a long time, i use aliases, i love it. However I am not going to leave 1password. proton pass is not even close to 1password. And no attachment, no proton pass, No attachments = no go.
Proton is really good, just lacking some features, but nordpass all the way, affordable and secure
Sorry but I hate the auto-login feature. I feel I'm not in control, I have disabled it from 1Password. The same way I hate when you download a PDF file on Firefox and after that it just opens it in the browser (or with Acrobat Reader when you are on Windows). I always feel I've being hacked or just vulnerable because I could not check it before.
As I have heard time ago: "more comfort, less security".
I've never had the experience of a downloaded PDF opening automatically. I've always had to click on the download after it is complete and that's always been the default behaviour on all the browsers I've used.
Lack of attachments will be a deal breaker for me until they add it.
Thanks for this video. However, let me know what is the actual difference to 1Password? Why change to Proton? If you want to use Proton with the same features as available in 1Password, you also have to go for the payed plan and then the price is more or less the same. Feature like 1Password is still more advanced. So please tell me, what is the reason to change?
Once you're already paying for Proton for email you're basically just getting the other features as well. The video did explain why the change.
What is your input about Mega Pass build by MEGA the privacy company
It seems that Proton pass is not as user friendly as 1Pass (Can't speak for Bitwarden). PP doesnt seems to have Keyboard shortcuts yet, Quick access, Offline mode with the 2 password mode (Seems like it should be important) and some UI limitations.
On the security side, yes, 2 passwords is a major feature that makes the other password manager look subpar. Is it enough to switch though ?
Which two passwords feature? 1Password requires an additional code when logging in from a new device.
0:19 because they paid you a lot of money? 😆
Nope. Try again.
If you're salting your passwords (as you yourself recommended) then auto-login is not a wanted feature but I suppose it would be nice if they offered the option to toggle it on for those that don't salt their passwords.
What do you think of the proton crypto wallet ?
I’m probably the only one still on LastPass 😂 might move to Apple passwords
Thanks for this. Good work.
Do you have any thoughts on the password manager that is coming from MEGA drive? I have both Proton and MEGA and am trying to determine which to switch to, if I switch from 1Password.
I really like Proton, but I can't justify moving anything else over to Proton until Drive gets proper linux support. In fact I'm going to downgrade to the free tier unless this changes...
Interesting. Thanks for sharing.
this is some good info
Does proton offer passwordless login with passkeys to their account?
Not that I’m aware of.
Tried this today. Unfortunately, as far as I can tell, this important feature is lacking.
@ I’ll stick with Bitwarden then
1Password does in a free public beta for passkey login, and Bitwarden does in the web vault settings.
Can you backup or export your data from proton pass encrypted?
I don’t it. The only feature 1PW doesn’t have is the email aliasing. Despite that, it has way more features.
What about Bitwarden?
It is good and probably doesn't pay much for promoting it.
I like Proton. Wouldn’t you want to use a second service anyways to back up your passwords?
Truth be told, I’m keeping my 1Password as a backup for now. Not sure how long I’ll do that, though.
Can’t you just back passwords up into a csv or equivalent file? I’m not going to use several services.
What can I use to scan my home network if Im not a pro on iMac
I would also like to see file attachments added to protonpass. I'm used to not utilizing auto login feature so that doesn't bother me. I also love the integrated alias feature
Agreed.
What is your opinion about the Proton Wallet?
So Proton has a better affiliate program than the other password managers?
Actually, it’s worse than 1Password’s if you really must know. 🤷
do you mean you can actually save passkeys INTO a yubikey? Or just USE it as a passkey, someway? If the 1st case, how many passkeys you can save on a single key, how much memory do they have? thanks
Yes. Newer YubiKeys can hold 100 passkeys.
@AllThingsSecured token2 newer 300... For 20€
Bitwarden. Why didn't you choose bitwarden over proton pass?
How about AxCrypt password manager?
I actually disagree with the auto login-in part due to the possible mis-clicks and security purposes, I'd compromise for a toggle-able option tho
2 features the Proton pass is missing is that they cant generate the passcode (PIN) and archive the passwords
Proton Pass has no self-hosted option, so I stick with Bitwarden.
Correct. If that’s a priority for you, your options are limited.
more precisely: one option plus, and one minus ?
I use Nord, pretty good tool 👍
Yup 👍🏻
Major gripe with proton, it's slow.. backing up your photos, mail folders/labels.
And try using the proton apps while being on a VPN (not the proton VPN) glasswire for Android or tracker control.
Doesn't work
Can we use custom domain with alias emails??
What would you recommend for your parents or people like your parents that need simplicity online?
@@richardharker2775 yes this question.
If you use a Yubikey to set up the vault on a new computer, why would you need a 2nd password?
Just extra security, to separate the encryption of the two.
So you need to know your Proton mail account in order to access your Proton vault? seems insecure if you ask me, yea sure you can set that 2nd password but what if you want a completely random password that you keep on your vault. This makes it impossible.
I love proton VPN ❤
I got Yubikey, why does it work on PC, IPad, but not my IPhone? It just says security pin unrecognised.
There is a way to have aliasing while using bitwarrent?
Keepass forever. Don’t give your passwords to anybody.
They're going to have to be stored on something generally accessible otherwise I can't access them from anywhere and every device. But I suppose if you're not willing to give your passwords to anybody then you don't even need passwords, because you'll never be willing to log in anywhere.
I use roboform.
please compare pronto to bitwarden. and i still don't understand the point of passkeys given that hardware keys (yubikey) can do the job just fine. my opinion is that hardware keys are more secure and more versatile (think for use with a public computer at the library). i don't mind having to enter a password in addition to authenticating with the hardware key.
I'd need a few different ones to work with a variety of devices and ports. That gets expensive as well as tedious to carry around.
Unfortunately, my work blocks their website not sure why.
That’s odd.
You can create customizable aliases on Proton like simplelogin? Also, i have one question offtopic but i need enlightment. About aliases, what about if a platform doesnt accept my proton aliases? Is true i need to create another email if i dont want to compromise my own domain (secret)?
Yes, they’ve integrated SimpleLogin into Proton. I’ve never had an alias rejected.
If u got a virus on ur PC and have a password manager app or extension, wouldn’t u be super screwed? I haven’t ever installed one on my PC ever because I like to install mods for games and stuff so just to be extra safe I have nothing personal on there. Is that the way to go or would a password manager be safe from attack?
I presume you also never log into anything from that machine. Then you have no need to keep a password manager on the machine.
@ Well other than steam and Microsoft for windows/gamepass for cod, nope no logins. Oh and some streaming services. But they all have different passwords but guess they r a set and forget sorta thing so putting the password in once is all that’s needed. Guess I really don’t need to even have it on there ur right.
Bitwarden all the way for me.
Glad you like it 👍🏻
I used to use proton pass from the very beginning. I discontinued using it, because it doesn't support passkeys on my mac's Safari browser. It doesn't work at all, and I use passkeys a lot when tey to login. I have a lot of accounts (more than 20) with passkeys and I can't live without them. Also I use Safari and I don't want to switch to chrome/firefox just to access passkeys. So iCloud Keychain is still better than proton pass (I guess)
I use Apple Passwort Manager and its free
Have they fixed the defect that allows access to passwords if the device is already unlocked? With other password managers I have to re-authenticate to use a password even if the device is already unlocked.
They need to add better security before I would be comfortable using it.
How would you switch from apple keychain to 1password or Nord? Can they import all the passwords, and can you delete them all in one swoop in apple keychain? Also, I don’t like yubikey, have you reviewed Google titan? Thanks!
Does proton pass have tags?
How do you send an email from an anonymous email address in Proton Pass?
It’s designed so that you reply to the alias email and it gets sent from the alias, not your primary email address.
If you want to start a new conversation instead of replying, you have to log into your linked Simplelogin account, create a 'reverse alias', and send your email to that.
Currently, this is not possible within the Proton Pass interface.
@@lunboks With my Proton account, SimpleLogin is integreted... i.e. I do not have a seperate SimpleLogin account...
I think when you change password managers you are forced to change passwords on each service. Not that it is a bad thing using new passwords. However most allow you to export your passwords to a csv. Also I think it is obvious that the reason for the change is that you are no longer comfortable with the previous choice for a password manager, like Last Pass. The problem I have is that while it seems to be simple enough with an export and import of that csv file downloaded, it is also plain text csv when you download it. Maybe it is after the upload that you decide to change all your passwords once in the new system. Password managers should allow you to download your csv file with a password on it and then when you import it in the new password manager you could also then just supply the password. Just my thought...anything done in plain text is not a great way to do it unless in the new system you change all your passwords again. Guess I am not very trusting when it comes to the plain text download and upload. Most won't change their new passwords in the new password manager. People can be lazy about this process.
There's no need to change any passwords when switching password managers. The only place they ever exist in unencrypted form is on your machine and if that's compromised then it makes no difference whether you change passwords after changing managers.
@@loganmedia4401 Thanks for the reply... so man in the middle attacks are not possible even though it is plain text.
Proton Wallet, for your Bitcoin!!
I haven’t tried it yet.
The autofill and clicking the login button for me in 1Pass is not good, because I pepper my passwords ;-)
I do too, so it would sometimes make things harder.
@@AllThingsSecured It's the old balance of security and usability. Love your videos tho!
About time Josh. Proton has been making huge improvements these last few years and they're just way ahead of the competition now.
Now that Apple has stolen device protection, the Passwords app requires Face ID and will not fall back to the code. Isn’t that just as safe?
Does it also now require authentication when accessing passwords even if the phone is already unlocked?
Yes. My main point though is that with stolen device protection on, it won’t fall back to a pin or a password if Face ID fails
The owner of a stolen can produce a photo on a photopaper… instead of Face ID ?!
What do you guys do when a service doesn’t offer 2FA?
how interesting that there are no instructions in any of the Proton Pass tutorials telling one how to migrate Apple Password to Proton Pass. One might think they would have worked OT on that one. I can find nothing.
I wanted to like Proton Pass, but it lost me as soon as I tried to do an import. In short, it's terrible. The limitations on what it can import (and I'm not including attachments) meant that it only imported about 40% of what I had in Bitwarden. Both 1Password and Enpass imported without any issues. The problem stems from the way Bitwarden stores information. For items that don't fit cleanly into one of Bitwarden's categories, information is stored as a note. Each note can have custom fields. Proton Pass does not import these...it only imports the item name--leaving a false sense of confidence that items imported. I even tried an exported 1Password file that was an import of Bitwarden. (Which had all of the information.) Same problem. Proton Fail.
With that said, if the ONLY thing one keeps in solutions like this is login items, I suppose it's an adequate solution. But it's certainly not better than 1Password or Bitwarden.
Forget Apple. It is not available for Windows or Android. Apple doesn't make its app cross-platform which I don't like