Proton Pass protects your passwords with the same proven end-to-end encryption technology that secures over 100 million Proton accounts, and has been battle-tested for a decade with Proton Mail.
As scientists, we know that transparency and peer review lead to better security. All Proton Pass apps are open source(new window) and can be independently reviewed by anyone. Our security claims are not mere claims, but facts that can be independently verified by all.
Like all Proton services, Proton Pass has been audited by independent third-party experts, and such security reports(new window) are available to the public. Proton Pass security is also enhanced by a public bug bounty program, that invites and rewards security researchers who can identify security improvements in our apps.
Advanced security and privacy features
256-bit AES-GCM vault encryption
Passwords and other items stored in Proton Pass are kept in encrypted vaults. When you create a vault, Proton Pass generates a 32-byte random vault key that cannot be brute-forced.
Your data is encrypted with 256-bit AES-GCM. Nobody (not even Proton) can read or create new vault keys.
Proton Sentinel allows Proton Pass Plus to protect your data even if an attacker has the correct password. Sentinel uses sophisticated AI systems that protect over 100 million Proton accounts and can identify the signatures of threat actors.
Together with human security analysts working 24/7, it blocks malicious logins more effectively than automated systems alone.
Proton helps people who live under governments that are hostile to privacy. Alternative routing is an advanced anti-censorship feature that allows you to access your password manager even if your government or internet service provider tries to block access.
This means that Proton Pass can work even if you travel to countries with strict internet censorship.
Proton Pass makes it easy to share streaming service logins with your family and simple to share company accounts with your colleagues. Password sharing in Proton Pass is a free and secure way to share sensitive information.
OpenPGP with ECC
In order to protect your vault key and facilitate the sharing functionality (in case you want to share a login with a trusted third party), Proton Pass uses the OpenPGP encryption standard with elliptic curve cryptography (ECC Curve25519).
OpenPGP is open source, has been audited and battle-tested for nearly 30 years, and has no known vulnerabilities. Proton’s OpenPGP implementation is also modular, to allow easy upgrading to post-quantum encryption algorithms in the future.
Passwords are only part of the equation
Proton Pass is more than a password manager, it’s also an identity manager that helps to protect your privacy.