ProtonBlog(new window)

Proton Pass Plus plan now includes the Proton Sentinel high-security program

Share this page

Your passwords are some of your most sensitive personal information. They’re the keys that allow you to access your online accounts, be it your cloud storage, email inbox, or banking accounts. Proton Pass helps millions of people safeguard their passwords and other login information with end-to-end encryption and publicly audited open-source code. 

Now, we’re providing even more protection for your most sensitive information. Starting today, everyone with a Proton Pass Plus plan will have access to our high-security Proton Sentinel program, which has already blocked over 3,000 account takeover attacks since we introduced it in August.  

Protect your passwords with Proton’s strongest security

Proton Pass uses end-to-end encryption on all your data by default, meaning that if Proton itself is breached, your passwords and other metadata will remain securely encrypted (you can get more details by reading Proton Pass’s security model(new window)). And now, Proton Pass also offers protection against the number one threat to your passwords, one that other password managers can’t mitigate well — being fooled by fraudsters. 

This is crucial, as, unless it’s part of your job, most people don’t have time to become cybersecurity experts, and traditional password managers offer little to no protection against user compromise. This is why hackers send out so many phishing emails. With a standard password manager, if a hacker can fool you into exposing your account password, the best you can do is reset it before they do too much damage. 

Proton Sentinel provides an effective defense against these types of social engineering attacks, which accounted for 92% of successful cyberattacks on individuals according to a report by Positive Technologies(new window). In these successful attacks, hackers stole individuals’ login credentials 36% of the time, making them the most common target. 

Proton Sentinel can prevent an attacker from accessing to your data even if they have successfully stolen your Proton Account username and password. Proton Sentinel combines artificial intelligence monitoring with human expertise to detect, identify, and challenge any suspicious account takeover attempt. And Proton Sentinel does this well because it leverages the lessons we learned building Proton’s anti-abuse systems that protect over 100 million accounts. These systems have seen a vast number of login attempts and are able to correctly characterize and identify threat actors on a massive scale.

Proton Sentinel helps you protect the account that matters most

Your email and password manager accounts are the most important since attackers can use them to reset the passwords to all your other online accounts. If you use Proton Mail and Proton Pass together, you already benefit from the fact that there’s just a single point of entry, as opposed to two points of failure that you have to secure separately. 

Once you activate Proton Sentinel, you have access to the following enhanced protection:

  • Our automated systems perform continuous monitoring, increasing the likelihood of detecting suspicious login attempts.
  • Sentinel immediately escalates any suspicious events to our team of security analysts who evaluate the assessments generated by our automated systems.
  • Sentinel automatically blocks suspicious login attempts or issue challenges, even if the attacker has somehow managed to obtain the correct credentials.
  • Proton Sentinel provides an advanced dashboard where you can see all security events on your account and the actions it has taken.
  • If you activate Proton Sentinel, your support requests concerning account security are also automatically escalated to our specialized security professionals.

With Proton Sentinel, you’re protected by both the power of AI and human intelligence, as we have specialized security analysts examine each suspicious event and help identify account takeover attempts. This goes well beyond the level of security automated systems alone can provide and far surpasses what traditional password managers can provide. 

Learn more about Proton Sentinel(new window)

Activating Proton Sentinel

The Proton Sentinel program may not be necessary for everyone. It was originally designed to protect high-profile members of the Proton community who may be at greater risk of cyberattacks, such as politicians, executives, journalists, activists, etc. But if you feel you’re at risk — or simply want the heightened security Proton Sentinel provides — you can activate Proton Sentinel by logging in to your account at account.proton.me/pass, going to Security and Privacy, and clicking the toggle switch next to Enable Proton Sentinel to turn it on.

If you have more questions about Proton Sentinel or about account security in general, please contact our Support team.

Protect your privacy with Proton
Create a free account

Share this page

Son Nguyen(new window)

Son is the Founder of SimpleLogin, which he continues to work on, along with Proton Pass. Previously, he was the director of engineering at Workwell and CTO at Fitle. Son graduated from Ecole Polytechnique with an MSc in computer science and was a gold medalist at the International Mathematical Olympiad.

Related articles

What is 3-2-1 backup
Data backup is vital for businesses and individuals alike: In case something happens to your primary computer, you always have a copy of your data to fall back on.  How should you approach backup, though? The 3-2-1 rule can act as a guide when decid
What was your first pet’s name? In what city were you born?  We’ve all had to answer these questions to reset a long-forgotten password, but consider how that works. Much of this information is easy to find for others (or easily forgotten by you), m
In the early days when Proton started, we often received a question along the lines of “I love the product and what Proton stands for, but how do I know you will still be around to protect my data 10 years from now?”  Ten years and 100 million accou
Credential stuffing is a popular type of cyberattack where attackers take login credentials and use them on thousands of websites, hoping to fraudulently gain access to people’s accounts. It’s an effective attack, but fortunately, one that’s easy to
With Skiff abruptly shutting down operations, many people are on the lookout for alternatives that don’t compromise on privacy — and won’t suddenly disappear. People were attracted to Skiff because it promised privacy, no ads, end-to-end encryption,
Skiff is dead. On Feb. 9, the email company Skiff announced it was being bought by Notion. Many Skiff customers have been shocked by this news, as their inboxes have been sold out from under them. Skiff gave people six months to export their data be