Proton Releases Free Two-Factor Authentication App

[MacRumors]

Proton today launched Proton Authenticator, a free two-factor authentication app available across all major platforms including iOS, Android, Windows, macOS, and Linux.

The open-source app generates time-based one-time passwords as an additional security layer beyond regular login credentials. Unlike competitors such as Google Authenticator and Microsoft Authenticator, Proton Authenticator also offers end-to-end encrypted backup and cross-device sync without ads or tracking, just like Proton's other products.

The Swiss-based company claims users can import existing 2FA tokens from other apps within seconds, while the app works offline and automatically backs up authentication codes.

"Two-factor authentication is necessary for everyone – not just those who care about their privacy," said Eamonn Maguire, head of account security at Proton. "We believe strong security should never come at the cost of your convenience or privacy. That's why we've developed Proton Authenticator: to give users peace of mind that their 2FA codes are available wherever they need them, without relying on Google or Microsoft."

Proton notes that account takeover attacks cost billions annually, making 2FA increasingly important. App-based authentication is also more secure than using SMS codes, which are vulnerable to SIM swapping attacks.

Proton Authenticator can be downloaded from the Proton website. The launch continues the company's recent product expansion – earlier this week it introduced Lumo, a privacy-focused AI chatbot that doesn't store conversation records or use user data for model training.

Article Link: Proton Releases Free Two-Factor Authentication App

 

[Love-hate 🍏 relationship]

Free?

 

[Ph03n1xx]

Amazing, I've been looking forward to seeing something like this from Proton for years now.

 

[Ph03n1xx]

Free?

Yes, an account isn't needed to use it either

 

[adrianlondon]

You only need an account if you want to sync the codes to another device, otherwise it's not necessary.

It has an "import" option but (obviously) relies on your existing app having an export option. I use Authy, which doesn't.

The only advantage I can see to this app over Authy is its desktop app. However, I'm not sure I even want 2FA codes available on my desktop.

Any other reason to move from Authy? I know Proton is open-source whereas Authy isn't, but that doesn't bother me.

 

[Joe Bogger]

I still use 1Password 7 for 2FA codes until it's not possible. Does anyone know if 1P 7 still works under iOS26/MacOS26?

 

[Hammerd]

That’s good news!

 

[CharlesShaw]

What are the advantages and disadvantages of third-party 2FA when the entity already has its own 2FA? For example, I have 2FA enabled for my Amazon account. Why would I want to use a third party for that? [Edit to add: My carrier has the SIM lock feature, so it's locked.]

 

[Reimulo]

You only need an account if you want to sync the codes to another device, otherwise it's not necessary.


Any other reason to move from Authy?

Just downloaded the Proton-App to give it a try, and you don’t even need a Proton Account to sync - its done via iCloud.


Also the leak last year might be a good reason to move from Authy.

Authy Users Urged to Stay Alert After 33 Million Phone Numbers Exposed

Twilio has updated its Authy two-factor authentication (2FA) service after a hacker claimed to have retrieved 33 million phone numbers from its user...

www.macrumors.com

 

[DEMinSoCAL]

"to give users peace of mind that their 2FA codes are available wherever they need them, without relying on Google or Microsoft."

Is this an issue for anyone? I use MS Authenticator and never once have I regretting "relying on Microsoft"...it works "whenever I need them" and to be honest, I trust a giant company like MS more than Proton.

What is the real advantage of the Proton app over Microsoft's?

 

[klasma]

What are the advantages and disadvantages of third-party 2FA when the entity already has its own 2FA? For example, I have 2FA enabled for my Amazon account. Why would I want to use a third party for that?

The mechanism for TOTP codes is standardized, there is no particular benefit in using a “first-party” app for it. Use whatever app you like best. This is like choosing your favorite browser or email app.

One benefit of the Proton app is that it syncs your TOTP accounts cross-platform with end-to-end encryption, which for example Google Authenticator doesn’t do. Also desktop support.

 

[Joe Bogger]

What are the advantages and disadvantages of third-party 2FA when the entity already has its own 2FA? For example, I have 2FA enabled for my Amazon account. Why would I want to use a third party for that?

You got this wrong. This is not replacing the 2FA for any account, but delivering you the 2FA code number for any account.

 

[broodj3ham]

Apple passwords does this too...

 

[CharlesShaw]

You got this wrong. This is not replacing the 2FA for any account, but delivering you the 2FA code number for any account.

Apparently so, which is why I'm asking. If Amazon currently delivers my codes, why is it better if I get the codes through an app like this? And what could go wrong if you convince me it's better to use an app for them?

 

[krspkbl]

Awesome. I love Proton. I already use Proton Pass to store my 2FA codes. It would be cool to be able to export all my codes to this app and run it offline. They updated Proton Pass the other day and it logged me out so I couldn't do anything until I got home. I did use to have my Proton 2FA code in Google Authenticator and I have a printed copy of my code at home in a safe.

This could be super useful. Going to look into it now.

Apple passwords does this too...

Yeah but who actually uses Apple Passwords lol. It's so barebones and behind every other password manager.

 

[Joe Bogger]

Apparently so, which is why I'm asking. If Amazon currently delivers my codes, why is it better if I get the codes through an app like this? And what could go wrong if you convince me it's better to use an app for them?

Ok, I guess here you refer to codes send to you by SMS. Using an app adds another security layer to your account. There were minor cases where access to the phone was possible, where the app needs another access. Also SIM cards were caught to receive those SMS codes. Something that should be less of a problem meanwhile eSIMs are more common these days.
Not all accounts provide the SMS codes like Amazon, since the costs are paid by the account provider. So more use the app based 2FA, where this app delivered codes are one option.

 

[klasma]

Apparently so, which is why I'm asking. If Amazon currently delivers my codes, why is it better if I get the codes through an app like this? And what could go wrong if you convince me it's better to use an app for them?

Amazon doesn’t “deliver” your codes. With 2FA you’re either using passkeys or TOTP codes, likely via iCloud Passwords/Keychain. You always need a browser extension/integration or a separate authenticator app. There’s a private key stored on your device that is used to generate the codes that are sent to Amazon to authenticate yourself.

 

[adrianlondon]

Just downloaded the Proton-App to give it a try, and you don’t even need a Proton Account to sync - its done via iCloud.

It backs up to iCloud, but according to their FAQ you need to create an account to sync across devices.

 

[Black_Mage]

Nice! I’m currently using the Microsoft Authenticator. I’m switching.

 

[CharlesShaw]

Amazon doesn’t “deliver” your codes. With 2FA you’re either using passkeys or TOTP codes, likely via iCloud Passwords/Keychain. You always need a browser extension/integration or a separate authenticator app. There’s a private key stored on your device that is used to generate the codes that are sent to Amazon to authenticate yourself.

I am just now logging into my Amazon account using Safari, entering a password and it is asking me to enter the code it just texted me.

 

[krspkbl]

Downloaded it and imported my codes. Quick and easy. Works perfectly. This is awesome

 

[Joe Bogger]

Nice! I’m currently using the Microsoft Authenticator. I’m switching.

Depends on what apps you need the 2FA for. Microsoft Teams won't allow any other Authenticator app but Microsoft Authenticator.

 

[krspkbl]

It even shows the NEXT code. I've been wanting this forever. This is going to make logging in at work so much easier. Lmao this has actually made my day. My works computer system is awful and often requires having to input 4 codes and not knowing the next one is a real pain.

 

[ELman]

"to give users peace of mind that their 2FA codes are available wherever they need them, without relying on Google or Microsoft."

Is this an issue for anyone? I use MS Authenticator and never once have I regretting "relying on Microsoft"...it works "whenever I need them" and to be honest, I trust a giant company like MS more than Proton.

What is the real advantage of the Proton app over Microsoft's?

My only grip about MS Authenticator is the way it backs up your information. You were required to have a personal Microsoft account. This is a pain in a business environment. Although, I believe this maybe changing soon.

 

[broodj3ham]

Awesome. I love Proton. I already use Proton Pass to store my 2FA codes. It would be cool to be able to export all my codes to this app and run it offline. They updated Proton Pass the other day and it logged me out so I couldn't do anything until I got home. I did use to have my Proton 2FA code in Google Authenticator and I have a printed copy of my code at home in a safe.

This could be super useful. Going to look into it now.


Yeah but who actually uses Apple Passwords lol. It's so barebones and behind every other password manager.

I do. It stores my passwords, fills them when I need them and wow it can even generate 2FA codes. What more do you need? (genuine question)