And that’s how I got kicked out of the local trader joes…

I was going to say it but didn’t want to be the only one. I do recommend and use it though.

• It may make it more difficult to login such as 2FA code, geo location etc. More logs on logins, such as OS and so forth.
• I enabled it and it allows me to disable from the same settings screen.
• I was not signed out of any of my apps on any devices after enabling.
• I’m not sure about security keys and this yet.

Also AI based, so it will probably be something that learns typical login behavior’s such as geo-location, time of day, what service was used etc to ensure it matches your habits, if not or for extra security extra login steps required.

I enabled it because hey, why not? Doesn’t cost me anything extra then some more time logging in.

I am assuming much of this is more advanced login security. Such as geo locations, you can’t be in NY and CA in less than 5 minutes.

Yes, it is recommended to purchase 2. It literally makes them identical in case you lose your primary. 1 in a safe and 1 on your key ring kinda thing.

Some websites may not allow recovery if you lose your key, so yes a 2nd one is useful if possible. And yes, you would be able to use both interchangeably.

It’s one key with NFC for mobile devices plus a port of your choice. I’d check out there main site for this model, https://www.yubico.com/product/yubikey-5-series/yubikey-5c-nfc/

It is kinda pricey but they work well and they are well built, very easy for setup and use. I’ve almost always had better luck finding it a bit cheaper on Amazon.

I personally use Aegis for Android (https://getaegis.app/) and FreeOTP for iOS (https://apps.apple.com/us/app/freeotp-authenticator/id872559395) both open source.

YubiKey makes several models for physical keys but I could understand not wanting it. I use NFC for my mobile device and USB-C on my computers.

This is also largely based on threat model as something is better than nothing. I don’t believe the average person is going to, much less successfully, implement full layered security.

If more people could just:

• Use long passphrases
• Never reuse passwords for more than one service
• Use an encrypted password manager
• Enable 2FA (Preferability via app not SMS)

It would solve a large majority of the issues. It’s important to note that most stolen logins are actually from data breaches and malware. Before Proton Pass I stored everything in KeePass, we’re talking many years. I have yet to ever have unauthorized activity or login on any of my accounts, I’ve even been lucky not to show up on any data breaches.

Sure, I got a “FIPS 140-2 certified encrypted USB” which really can just be done with VeraCrypt for FREE (Supply Chain Prevention), used for archive backups, but otherwise just not clicking on links in random emails or visiting sketchy websites.

I have no question on it’s security, I’ve used their services for years and never had any issues. It’s well thought out, designed and there is a full article on their website about the security of pass in particular.

Just be sure to use settings such as setting a pin to access the app/extension, not a bad idea to consider device security as well based on your threat model.

Yeah, in order:

1. Standard VPN
2. Protons “Secure Core” VPN
3. No VPN

To ensure a fair comparison I made sure to manually select the same server for the test as well. It does depend on time of day but I’ve never gone below 200mb/s unless my internet goes out or lose power of course. I could probably make a new post for ppl to share theirs and include my mobile data connection speeds too.

It’s also probably important to note I do have a paid plan with Proton, so probably better service than the free VPN option.

EDIT: Just checked my wife’s phone and there is a search icon in the top right on iOS latest update…works great even for content. Are you running an older version?

I’m amazed the iOS version doesn’t have a search function. That should be at the top of the list, they already have it for android.

This is an often unknown benefit too, super easy as it works off the bat. Although, I did setup “directories” in SimpleLogin so I can make more customized and filtered emails, but does require premium…

Development is slow because of how much testing/refining they do. I’ve never not got an email or been unable to access it, even while traveling in the US & Canada. If your looking at the free tier the biggest issue at least for me would be the 500MB (1GB after steps taken).

I also have probably 30 email filters setup for absolute automation to set folders and tags to keep it all organized – Super easy to setup compared to other email services.

Yeah, I can understand that. Personally, I also use a Yubico key for login for the added security with easy. For both proton and services that let me use it.

If your primarily looking for pass, right now they have $1/mo locked in for life deal. I did consider making a new proton for the same reason you stated just for pass. But I honestly just slacked and took the easier route.

I’ve used the linux client too and it is pretty bad, I ended up just setting it up thru OpenVPN, followed a article and set it up for autoconnect. So no GUI, but I left it alone. I had used the browser extension for a bit on linux too, better than the linux app.

I’m sorry, I don’t quite understand. For example, on 5Ghz Wi-fi I get about 490mb/s, with VPN I’m getting about 450mb/s. It’s all strongly based on time of day but overall, if anything it’s higher latency but the difference has not affected me. Even using ProtonVPN on mobile 4G/5G networks I haven’t had loading issues, just more captcha requests making sure I’m not a bot but it’s a good trade off.

With VPN enabled:

With VPN enabled, using secured core server (still can stream YT, might buffer for a second at the start)

With-out VPN enabled:

I’m sure @ProtonPrivacy@lemmy.world could give a full explanation. But my understanding is yes, it’s stored in the cloud. It would have to be since it syncs with all signed in devices. Although, it’s encrypted before it’s sent, when it’s traveling and on Protons servers. Then it’s decrypted on device.

They actually have a pretty good article about the security model for Pass in particular, with some useful links too. https://proton.me/blog/proton-pass-security-model

I think it’s a great service and certainly improves privacy and security. Although, there are articles and plenty of discussion online in regards to the pros/cons, VPN brands and weather a VPN is even effective. For me, it’s another tool in the toolbox but I find it harder to get people to use a VPN than any of the other services but not directly because of Proton (speeds, re-connecting time, it’s not a fix all solution – none of which is really something that can be fixed)

I’m running GraphineOS and just downloaded the .APK for the apps, the notifications are an issue though…but Mail, Drive, VPN and Pass works great! But it would be best thru f-droid.

Personally, Android backup would be great but I use linux too and I’d love to see an option to set it up as a NAS drive on any device for backup…