Proton pass

Guys, I use Proton Mail and Proton Pass, but the issue I have is: how can I have a secure password for Proton Mail with 2FA if I use Proton Pass? If I have a less difficult password then I am lowering my security, and if I want to have 2FA (with a local encrypted file) then I have to save it on some secure cloud, which for me is Proton Drive or Mega. Then again, I have those passwords saved in Proton Pass, so I would have to log in to Proton Pass first. If I lower the password of those apps then again it risks security. (I am sorry, I am so confused.) Please help!

    • degen@midwest.social · 5 upvotes · 10 months ago

      Yeah, from what I’ve read the best approach is a different service for 2fa and/or something involving backups and a physical safe.

      • Evkob@lemmy.ca · 4 upvotes · 10 months ago

        Okay yeah, I’ll admit that’s pretty bad, haha. The only password I actually know nowadays is the passphrase to my KeePass database, which clocks in at 40 characters. I rarely say this to people, but have you considered a shorter password? :P

        • Lauch@feddit.de · 2 upvotes · 10 months ago

          I don’t even know my master password :D I use some script to generate it and I just copy+paste it.

  • ULS · 6 upvotes · 10 months ago

    Password manager inception. Sign up for LastPass, and Bitwarden, and Google auth and MS auth. Get a burner phone and rotate and change passwords monthly.

    …sorry for my useless post.

  • CapillaryUpgrade@lemmy.sdf.org · 5 upvotes · 10 months ago

    Use a passphrase (not a password) and a physical security key, like a YubiKey. It also supports TOTP or whatever 2FA Proton uses; you just connect it with a laptop or phone and it gives you a key.

    A physical key is much more secure than 2FA from a password manager (although both are probably fine).

  • Lauch@feddit.de · 4 upvotes · 10 months ago

    In my opinion, the centralization of all your data and secrets to one single company is itself a security risk. When I realized that, I completely stopped using Proton. I see 2 main issues with using all-Proton: 1. They could turn evil (like a lot of big companies do). 2. They can have exploits which then can affect all your data / secrets. I switched to have a different company for each service and I don’t really pay more than what I would have to pay Proton to get the same things.

  • governorkeagan@lemdro.id · 3 upvotes · 10 months ago

    I use all of Proton’s products as well. I’ve found a YubiKey works best for the 2FA codes. I’m also working on having a backup password manager.

  • orsetto@lemmy.dbzer0.com · 3 upvotes · 10 months ago

    Best thing you can do is learn a very strong and complex password to use for your Proton account; that’s what I did.

    It takes a bit of time but eventually you’ll learn to type it in fast.

    • mobsenpai (OP) · 1 upvote · 10 months ago

      Okay, let’s say I set a memorable password, then I would also be removing 2FA from the account as well?

  • therebedragons · 2 upvotes · 10 months ago

    I’m in the same boat. They really need to allow a second password for the Pass database.

    • Kayn@dormi.zone · 2 upvotes · 10 months ago

      Sorry if it’s a dumb question, but why not just change your account password to something you’d use for a pass database?

      • Cinner@lemmy.worldB · 1 upvote · 10 months ago

        Yeah, that’s already how it works. That’s why in certain browsers logging in takes forever if you have a ton of mail: it has to decrypt the metadata of each email, then the contents when you click that email. Try enabling email content search on Proton with over 5k emails.

    • mobsenpai (OP) · 1 upvote · 10 months ago

      Proton Pass is a password manager but it uses the same account as Proton Mail. So I can’t have a secure password for Proton Mail as I would have to use it to log in to Proton Pass first.

  • jxrdsn@lemmy.world · 1 upvote, 1 downvote · 10 months ago

    Either have a strong password and write it down somewhere, or use another password manager for Proton? That seems kinda unnecessary though. Would be nice if Proton supported YubiKey or passkey or something.