Proton Pass introduces enhanced identity protection with Pass Monitor

Data breaches are increasingly common. Whenever you sign up for an online service, you provide it with personal information that’s valuable to hackers, such as email addresses, passwords, phone numbers, and more. Unfortunately, many online services fail to adequately secure this information. The number of breaches spiked by 78%, from 1,802 in 2022 to 3,205 in 2023(new window), affecting more than 353 million people.

To keep you safe, we’re introducing Pass Monitor for our password manager, a new suite of security features to help you secure your data. Pass Monitor alerts you of account weaknesses and data breaches so you can better defend your online accounts against attacks. We believe security should be easy, so Pass Monitor watches out for you automatically and guides you through solutions in the event your data leaks from a third-party service.

Pass Monitor includes four layers of security:

  • Dark Web Monitoring: We scan illicit data marketplaces on the dark web to check if your Proton addresses, email aliases, and up to 10 custom email addresses have been leaked. If we find anything, we alert you immediately so you can take quick action to secure your accounts.
  • Password Health: This is like a checkup for your account security. We’ll let you know if you have any weak or reused passwords that need to be updated.
  • Inactive two-factor authentication: 2FA is a second layer of security in addition to a password that greatly reduces the risk of hackers breaking into your accounts. Pass will identify accounts where you can enable 2FA.
  • Proton Sentinel: Released last year, our Proton Sentinel program uses AI and human analysts to detect and block account takeover attacks. We’re rolling this feature into Pass Monitor.

Password Health and 2FA checks are included in Proton Pass Free plans. You can get Dark Web Monitoring, Proton Sentinel, and other advanced security features with our Pass Plus plan. Pass Monitor will be available to everyone on all devices over the next few days. 

Proton gives you the best account security available

Strong passwords are critical for account security, but email security is often overlooked, even though most cyberattacks (like phishing) start with email. Proton Pass enhances security by offering alerts on potential threats and the ability to create unique email addresses for each account through hide-my-email aliases, significantly reducing the risk of cross-service attacks and data breaches.

Now we’re giving you even more proactive security coverage. Last month we launched Dark Web Monitoring in Proton Mail, which looks for leaks of the credentials associated with any Proton email addresses you have. But in fact, Pass Monitor goes even further by monitoring not just for Proton Mail addresses but also any hide-my-email aliases you’ve created and up to 10 (non-Proton) custom email addresses you’ve authorized. We use our own datasets of dark web hubs as well as those compiled by Have I Been Pwned(new window) and Constella Intelligence(new window), leaders in digital threat management. We only share custom email addresses (with your approval) with third parties for Dark Web Monitoring. 

Breach alerts provide details about what data was leaked, what service leaked it, when the data was found, and what steps you can take in response. 

The combination of Pass Monitor with hide-my-email aliases is especially powerful because if any of your aliases leak, you can simply disable it and generate a new one while your real email address remains private.

Boost your defenses with Password Health 

One of the common ways hackers break into people’s accounts is by cracking weak passwords in stolen datasets. (Our article on brute force attacks explains how this works.) Once a password is revealed, hackers then try to use it to log in to other accounts to see if it has been reused elsewhere. As a robust line of defense, two-factor authentication (2FA) can block hackers from accessing your account.

Password Health watches out for all three weaknesses and gives you an overview of the health of your passwords at a glance. Not only do we tell you if you have any weak or reused passwords, but you’ll also see where it’s reused and offer suggestions to create a more robust password.

Pass Monitor includes Inactive 2FA, which checks whether you have 2FA enabled for all the accounts that offer it. Subscribers with paid plans can activate 2FA directly in Proton Pass’s built-in authenticator, which lets you autofill one-time passcodes. Activating 2FA is critical because it prevents hackers from accessing your accounts without the additional one-time security code, even if your password leaks. 

All Password Health checks are carried out on your device, so your data remains end-to-end encrypted

Toward a more secure internet for all

As a company that always puts users first, we believe everybody should have access to the best possible tools to help keep them safe online. As a result, we are offering Pass Monitor’s basic functions for free to all our users. 

We can put our users first in this way because we are entirely funded through subscriptions. Unlike many of our competitors, we receive no money from shareholders or from venture capital. We’re only beholden to you, our community, and we thank you for the continued trust and support we enjoy.

If you’re not yet part of the Proton mission but you like the idea of software built exclusively for the benefit of people, we invite you to join us by creating a free Proton Pass account today.

Protect your passwords
Create a free account

Related articles

People and companies are generally subject to the laws of the country and city where they are located, and those laws can change when they move to a new place. However, the situation becomes more complicated when considering data, which can be subjec
Your online data is no longer just used for ads but also for training AI. Google uses publicly available information to train its AI models, raising concerns over whether AI is even compatible with data protection laws. People are worried companies
iPhone stores passwords in iCloud Keychain, Apple’s built-in password manager. It’s convenient but has some drawbacks. A major issue is that it doesn’t work well with other platforms, making it hard for Apple users to use their passwords and passkeys
There are many reasons you may need to share passwords, bank details, and other highly sensitive information. But we noticed that many people do this via messaging apps or other methods that put your data at risk. In response to the needs of our com
Large language models (LLMs) trained on public datasets can serve a wide range of purposes, from composing blog posts to programming. However, their true potential lies in contextualization, achieved by either fine-tuning the model or enriching its p
is Google Docs secure
Your online data is incredibly valuable, particularly to companies like Google that use it to make money through ads. This, along with Google’s numerous privacy violations, has led many to question the safety of their information and find alternative