A bit of context:

I am a long time user of Proton (5+ years, Unlimited user) services. I am also a long time user of 1Password (since 2016). Understandably I have hundreds of items currently in my 1Password account, and a safe work flow on my devices with that.

Would it make sense to start moving those entries to Proton Pass (as it is included) and be off a bit cheaper, or keep them separated as to not throw all the eggs in the Proton basket?

Ideas, thoughts, tips or experiences?

  • GreenEngineering3475@lemmy.world
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    1
    ·
    3 months ago

    In my opinion, the best choice is to keep things seperate and save yourself from a digital lockout(in case of an outage or false positive abuse report from Proton).

    As for cost savings, Bitwarden is an option.

  • Lodra@programming.dev
    link
    fedilink
    English
    arrow-up
    9
    ·
    edit-2
    3 months ago

    I looked into proton pass ~9 months ago and it just wasn’t ready. Needed a few more features before I was willing to move from Bitwarden. However, I gave it another look 2 weeks ago and proton pass satisfied all of my needs. Since I was already paying for proton unlimited, it just made sense for me to change. And it’s been a perfectly good experience so far! A couple of thoughts:

    While I do run Linux, I don’t need a native app for it. I exclusively use a browser extension on my desktop. It does everything that I need. I do use a native app on IOS and it works quite well.

    The 2fa in proton is pretty good now, which I needed. It can also store other types of data like credit cards, identities, etc. But it’s not quite as good at identifying fields for auto fill. Pretty close though so I’m not bothered by this.

    My biggest ”complaint” is protecting my proton account. I use it for email, storage, etc. so I can’t accept a weak password for it. But I also need to have reliable access to other passwords stored in proton pass. For this, I want something long yet memorable and easy enough to type out. These two requirements are roughly at odds with each other.

    My solution for now is to keep my Bitwarden account and use it as a source to recover my proton account when necessary. I think it’s a good pattern actually and I may expand this in the future with methods like syncing data between the two tools.

    • Bob Robertson IX @discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      3
      ·
      3 months ago

      I want something long yet memorable and easy enough to type out. These two requirements are roughly at odds with each other.

      My ‘go to’ for long passwords are song lyrics. I try to find a lyric that has a number (or word that can be subbed with a number) and one where a symbol makes sense: Just the 2 of us you & I

    • 🔗 David Sommerseth@infosec.exchange
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      3 months ago

      @Lodra @ff0000 Just don’t forget your Bitwarden login … Which would be critical if your Proton account gets locked up …

      I recommend Proton Pass these days to my users (I have Visionary plan and manages a business account too). But I use Bitwarden primarily myself, to keep it fresh in memory. It would be completely embarrassing to admit for my 20+ users I can’t help them with their accounts.

  • DesolateMood@lemm.ee
    link
    fedilink
    English
    arrow-up
    7
    ·
    3 months ago

    If you’re already paying for proton unlimited I don’t see any reason you shouldn’t go for it.

    Also, forgive me if I’m wrong, but your post makes it sound like you don’t know, you can just export all your passwords as a file and import them into proton all at once

    • R...OP
      link
      fedilink
      English
      arrow-up
      4
      ·
      3 months ago

      That i do know, it’s more, the features in Proton Pass, and wanting (or not) a bunch of different services at a single company. And daily usage and support (Linux clients etc).

    • NeatNit@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      3
      ·
      3 months ago

      There have been cases where people got locked out of their Proton account, it may be a good practice to actually keep your log-in vault on a separate service just to avoid that headache.

        • NeatNit@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          3 months ago

          Yes, it is concerning. I don’t remember where I read this, but someone was saying that their account was falsely flagged for suspicious activity and they lost access to everything, including Pass. Very similar to what can happen on Google. I don’t want to say much more details as I might be misremembering and don’t want to spread misinformation.

  • Jo Miran
    link
    fedilink
    English
    arrow-up
    7
    ·
    3 months ago

    I am a Proton and 1Password user. For now, I still prefer 1Password over ProtonPass. The only thing really keeping me from fully adopting ProtonPass is the lack of a Linux client (last I checked) and the excellent 2FA integration that was recently added to 1Password. Last I checked, Proton does not have that yet.

      • Jo Miran
        link
        fedilink
        English
        arrow-up
        4
        ·
        3 months ago

        You are correct. I just check and the current web version now includes TOTP (2FA secret key) support. I am not sure if passkey support is there or if this functionality is available on all platforms, but it looks like the delta between 1Password and ProtonPass is becoming near insignificant.

    • R...OP
      link
      fedilink
      English
      arrow-up
      3
      ·
      3 months ago

      I guess we are sort of in the same boat, and will keep off for now from using Proton Pass. :)

  • fluckx@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    3 months ago

    I guess you kind of answered your own question.

    • Is keeping things separated important?
    • do you want the additional cost saving.

    In my case I was on the paying plan of bitwarden ( 10€/ year ). I kept them separated and will probably keep paying for both. The bitwarden money really is negligible…

    That and I’m quite happy with bitwarden. You could always extract your pwd from the password manager and save them somewhere secure in an encrypted file. SHOULD something happen you still have a backup somewhere…

    Just make sure to keep your back up safe.

    Keep in mind that if 1 password decides to lock you out you still lose all your passwords.

  • Steve@communick.news
    link
    fedilink
    English
    arrow-up
    4
    ·
    3 months ago

    If you’re doing periodic backups of your logins (I need to, it’s been a couple months) the egg basket issue doesn’t matter much.

  • DoctorWhookah@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    3 months ago

    When LastPass turned to LastAss, I moved to Bitwarden. The move itself took some time but it wasn’t horribly painful.

    I use Proton VPN and have a mailbox with them and like it well enough. Bitwarden is open source and they have 3rd party audits from time to time. I recommend giving it a look.

    • R...OP
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      4
      ·
      3 months ago

      That is literally not the question. I never mention LastPass nor Bitwarden.

    • R...OP
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      6
      ·
      3 months ago

      Literally not the question

      • Matt@lemdro.id
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 months ago

        Bitwarden is a means of saving some money and also not putting all your eggs in one basket, so it kind of is an answer to your question.

        As others have said, no matter what you use, make sure you have regular backups.

  • EmperorHenry@infosec.pub
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    3 months ago

    most password managers give you the option to export your saved credentials. Pick a format that proton pass can read and then import it into proton pass.