Connect with us

Hi, what are you looking for?


Identity & Access

Proton Launches Open Source Password Manager

Proton makes its open source Proton Pass password manager globally available for major browsers and mobile devices.

Internet privacy company Proton this week announced the global launch of its open source password manager, Proton Pass.

The password manager is now available as a browser extension for major browsers such as Chrome, Firefox, and Edge, as well as for iPhone/iPad and Android users.

At its core, Proton Pass works as a traditional password manager, enabling users to generate and save passwords. The tool also supports passphrases, the use of unique passwords for each website, and one-click logins.

However, Proton explains, the password manager also helps users protect their email addresses, essentially protecting their identities.

For that, in addition to suggesting a strong password when signing up for an online service, Proton Pass will also suggest using a hide-my-email alias.

Randomly generated email addresses meant to hide a user’s real email address, email aliases prevent third-parties from identifying individuals and filter out trackers and other marketing tools.

“If you sign up for a website using a hide-my-email alias and it gets hacked, it can only expose that alias. Your real email address would remain safe. If this happens and you start to receive phishing emails or spam via that alias, you can simply disable it,” Proton explains.

Advertisement. Scroll to continue reading.

The company also notes that Proton Pass uses end-to-end encryption on all fields, including username and web address.

The password manager uses a strong bcrypt password hashing implementation and a hardened implementation of Secure Remote Password (SRP) for authentication, syncs data between multiple devices, and offers end-to-end encrypted data backups.

The free version of Proton Pass supports unlimited logins and encrypted notes, but only offers a limited number of hide-my-email aliases and two-factor authentication (2FA) logins. Extra vaults and unlimited email aliases and 2FA logins can be unlocked by purchasing a subscription.

Related: Internet Access, Privacy ‘Essential for Freedom’: Proton Chief

Related: Apple Releases Open Source Password Manager Resources

Related: Flaw in Password Managers Allowed Apps to Steal Credentials

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...


The private equity firm merges the newly acquired ForgeRock with Ping Identity, combining two of the biggest names in enterprise IAM market.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...