A bit of context:
I am a long time user of Proton (5+ years, Unlimited user) services. I am also a long time user of 1Password (since 2016). Understandably I have hundreds of items currently in my 1Password account, and a safe work flow on my devices with that.
Would it make sense to start moving those entries to Proton Pass (as it is included) and be off a bit cheaper, or keep them separated as to not throw all the eggs in the Proton basket?
Ideas, thoughts, tips or experiences?
In my opinion, the best choice is to keep things seperate and save yourself from a digital lockout(in case of an outage or false positive abuse report from Proton).
As for cost savings, Bitwarden is an option.
I looked into proton pass ~9 months ago and it just wasn’t ready. Needed a few more features before I was willing to move from Bitwarden. However, I gave it another look 2 weeks ago and proton pass satisfied all of my needs. Since I was already paying for proton unlimited, it just made sense for me to change. And it’s been a perfectly good experience so far! A couple of thoughts:
While I do run Linux, I don’t need a native app for it. I exclusively use a browser extension on my desktop. It does everything that I need. I do use a native app on IOS and it works quite well.
The 2fa in proton is pretty good now, which I needed. It can also store other types of data like credit cards, identities, etc. But it’s not quite as good at identifying fields for auto fill. Pretty close though so I’m not bothered by this.
My biggest ”complaint” is protecting my proton account. I use it for email, storage, etc. so I can’t accept a weak password for it. But I also need to have reliable access to other passwords stored in proton pass. For this, I want something long yet memorable and easy enough to type out. These two requirements are roughly at odds with each other.
My solution for now is to keep my Bitwarden account and use it as a source to recover my proton account when necessary. I think it’s a good pattern actually and I may expand this in the future with methods like syncing data between the two tools.
I want something long yet memorable and easy enough to type out. These two requirements are roughly at odds with each other.
My ‘go to’ for long passwords are song lyrics. I try to find a lyric that has a number (or word that can be subbed with a number) and one where a symbol makes sense: Just the 2 of us you & I
I am a Proton and 1Password user. For now, I still prefer 1Password over ProtonPass. The only thing really keeping me from fully adopting ProtonPass is the lack of a Linux client (last I checked) and the excellent 2FA integration that was recently added to 1Password. Last I checked, Proton does not have that yet.
You are correct. I just check and the current web version now includes TOTP (2FA secret key) support. I am not sure if passkey support is there or if this functionality is available on all platforms, but it looks like the delta between 1Password and ProtonPass is becoming near insignificant.
I guess we are sort of in the same boat, and will keep off for now from using Proton Pass. :)
If you’re already paying for proton unlimited I don’t see any reason you shouldn’t go for it.
Also, forgive me if I’m wrong, but your post makes it sound like you don’t know, you can just export all your passwords as a file and import them into proton all at once
That i do know, it’s more, the features in Proton Pass, and wanting (or not) a bunch of different services at a single company. And daily usage and support (Linux clients etc).
There have been cases where people got locked out of their Proton account, it may be a good practice to actually keep your log-in vault on a separate service just to avoid that headache.
How come? Seems concerning.
Yes, it is concerning. I don’t remember where I read this, but someone was saying that their account was falsely flagged for suspicious activity and they lost access to everything, including Pass. Very similar to what can happen on Google. I don’t want to say much more details as I might be misremembering and don’t want to spread misinformation.
I guess you kind of answered your own question.
- Is keeping things separated important?
- do you want the additional cost saving.
In my case I was on the paying plan of bitwarden ( 10€/ year ). I kept them separated and will probably keep paying for both. The bitwarden money really is negligible…
That and I’m quite happy with bitwarden. You could always extract your pwd from the password manager and save them somewhere secure in an encrypted file. SHOULD something happen you still have a backup somewhere…
Just make sure to keep your back up safe.
Keep in mind that if 1 password decides to lock you out you still lose all your passwords.
If you’re doing periodic backups of your logins (I need to, it’s been a couple months) the egg basket issue doesn’t matter much.
When LastPass turned to LastAss, I moved to Bitwarden. The move itself took some time but it wasn’t horribly painful.
I use Proton VPN and have a mailbox with them and like it well enough. Bitwarden is open source and they have 3rd party audits from time to time. I recommend giving it a look.
That is literally not the question. I never mention LastPass nor Bitwarden.
Then please feel free to ignore my post. Just sharing a similar experience.
Bitwarden
I like your style cowboy
Literally not the question
Bitwarden is a means of saving some money and also not putting all your eggs in one basket, so it kind of is an answer to your question.
As others have said, no matter what you use, make sure you have regular backups.
I saved myself the cash and left 1Password, personally. I turn on 2FA for everything I can, and the TOTPs go in Ente Auth. 1Password was better though.
most password managers give you the option to export your saved credentials. Pick a format that proton pass can read and then import it into proton pass.