PP

Proton Pass

SaaS alternative

Swiss-run password manager from Proton, with hide-my-email aliases, integrated 2FA, and open source clients.

Category
Passwords · SaaS alternative
Cost
Freemium
Country
Switzerland
Licensing
FOSS
Platforms
Web · iOS · Android · Linux · macOS · Windows · CLI

Pros and cons

+ what works
  • +Swiss jurisdiction and non-profit foundation as primary shareholder of Proton AG
  • +Clients are open source under GPLv3 with a published Cure53 audit
  • +Hide-my-email aliases, integrated TOTP, and passkey support all built in
  • +Free tier covers unlimited logins on unlimited devices, with 10 aliases and 2 vaults
watch out for
  • Server-side stack is closed source, so the zero-knowledge claim still rests on audit plus trust
  • Pass Monitor dark-web alerts, integrated 2FA, file attachments, and Proton Sentinel are paid-only
  • No self-host option; vaults live on Proton-operated infrastructure
  • Strong pull toward the Proton ecosystem (Mail, VPN, Drive) for a single account and billing relationship

Privacy notes

Vaults are end-to-end encrypted client-side: each vault key is a 32-byte random key encrypted to the user's key, and items are sealed with AES-256-GCM. The user key is wrapped with a bcrypt hash of the account password, and login uses a hardened SRP exchange so the server never sees the master password. Proton AG operates under Swiss jurisdiction and, since June 2024, is controlled by the non-profit Proton Foundation in Geneva. Cure53 audited the mobile apps, browser extensions, and API in mid-2023 with the report published; Proton holds ISO 27001 (2024) and SOC 2 Type II (2025) across the wider Proton stack.

Tags

#password-manager · #swiss · #e2ee · #foss-clients · #audited · #aliases

Does this work for you?

Did this work for you?


Notes from people who tried it

Comments (0)

No comments yet. Be the first.

Add a comment