Proton Pass is #opensource and has now passed an independent #security audit: https://proton.me/blog/pass-open-source-security-audit.

All fields and metadata in Pass are secured by #e2e encryption, so you can rest assured that no one, not even Proton, can access your information.

Proton Pass’s code has been made open source and passed an audit carried out by the security experts at Cure53.

@protonmail Awesome, and great protocol to also publish the report by @cure53, I know they're awesome people! :)

This makes you a serious contender to 1Password IMHO who also publish their reports but don't publish the source code. There's also Bitwarden which is also audited and open source of course.

This leads me to the questions:

1. Do you plan on open sourcing the server and supporting self-hosting?
2. What's the support of passkeys?
3. Is in-depth integration into the OS planned, e.g., through Linux SecretService API and/or Wayland protocols (input-methods and text-input AFAIK)?

@ljrk @cure53 Hi!
1. This is something we may consider later, but right now it's not on the roadmap. We'd like to focus first on bringing privacy & security to users who are less tech savvy & therefore need more help to stay safe online.
2. Passkey is indeed something that is on our roadmap, but not prioritized because it will take some time before it gains widespread adoption, so passwords will stay around for some time.
3. This is not currently on our roadmap.

@protonmail @cure53 Thank you for taking the time and answering my questions! W.r.t. (1) I do hope that this can be solved soon-ish, as it should IMHO be mostly a legal thing which shouldn't eat the development resources. It just helps build trust and hopefully even improves the product for less technical people!

Passkeys are definitely in the same vein something that hopefully helps a lot of non-tech users but it's crucial for adoption that everyone is pulling on the same rope. Apple is there, Google is coming and 1P and Bitwarden already have it in the pipeline as well, it'd be a bummer if it would be held back for Proton users!

Linux universal autofill is quite complicated (similar to Windows autofill) unfortunately but it hopefully is getting better with some Wayland protocols being in the works... but there's a lot of questions that need to be resolved :'-)

@ljrk @cure53 Thank you very much for your feedback! We'll pass it on internally.