Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Proton Releases Free Two-Factor Authentication App
- Thread starter MacRumors
- Start date
- Sort by reaction score
I feel one of the advantages of a 2FA app is that if, for whatever reason, your password manager is compromised, the passwords still can't be used to log in to sites requiring 2FA.
In my case, if somehow Bitwarden was compromised (maybe someone saw me type in the password) then they'd still need my phone and to unlock it to use Authy.
It's for this reason I don't like the idea of both passwords and 2FA codes being in the same app, such as Apple's.
In my case, if somehow Bitwarden was compromised (maybe someone saw me type in the password) then they'd still need my phone and to unlock it to use Authy.
It's for this reason I don't like the idea of both passwords and 2FA codes being in the same app, such as Apple's.
Glad to see that it is a free app. Will give it a try. Also nice that an account is not needed.
It is called two factor authentication for a reason! That's exactly the reason our administrators insisted of using a secondary device for 2FA. It is less secure if both are on the same device - even more if they are even in the same app! It may be more convenient, but it is less secure.
I am using Duo with Bitwarden. It's free for single user, at least it was free when I signed up. I like it, simple yes or no notification on my Apple Watch.
Exactly. Also, if I decided to compromise my security and use Bitwarden to store my 2FA codes, how would I log into Bitwarden which requires a 2FA code? 🤔 😁
So I'd still need a separate app anyway.
Exactly! It is like having the door lock de-icer in the glove compartment... 🤣
SMS 2FA is better than no 2FA, but it's still not very secure. SIM jacking attacks, and the general lack of security with SMS means it's not great for protecting accounts. Time-based One Time Passwords (TOTP) based 2FA is much better, which is what this Proton app - and others like OTP Auth (what I use), Authy, MS Authenticator, Google Authenticator, and the 2FA built into password managers - do.
While it's convenient to have TOTP 2FA in your password manager app, it reduces security since if the password app is compromised, they then also have your 2FA as well. If it's in a separate app, it will likely give you time to get things fixed before someone gains access to your important accounts.
Security aside, I'm thinking about the recovery hassle if I permanently lost access to my Apple account. Yep, it's convenient to have one Apple ID for email and saving passwords, but yikes, losing the ability to receive 2FA codes would make recovery even more difficult, so I'll definitely keep them separate.
Some people need estate planners, I feel like I need a technology recovery planner.
I think this looks like a great authentication app. I have been paying for and using 1Password for a while simply because it had great support for the Apple Watch which this doesn't. It's such a game changer to be able to login without having to hunt down your phone start an app and find the code you need. Just put it into a complication on the watch face and it's always there when you need it. I hope Proton add this feature, I'm ready to switch once they do.
Yep, the more secure something is, and the more you take on in the service of keeping your own security, the more you need to have your own backup plans.
For me, I keep a paper folder of the original shared secret or QR code used to setup the TOTP app. I also keep backups on an encrypted veracrypt drive of the export of my OTP Auth app. This reminds me, I need to get around to documenting all this so if something happens to me, my wife would have a chance at understanding how it all works.
Proton offers a basic level of all their services for free. It's financed by users like me who have a subscription for additional options of all those free services. They aren't advertising/data harvesting driven and put users first. They are advocates for an open web and privacy first. I'm a happy customer since almost a decade.
Does this have an Apple Watch app? Glad there is another open program 2FAS has been great and recently made a password manager too haven’t looked yet. Bitwarden/2FAS have been solid.
Yup, I've been switching all of my 2FA setups to Apple Passwords, as it offers auto-fill across iPhone and Mac seamlessly.
The only downside is some websites require manual entry, which involves several taps and some typing to search for the stored Password entry.
If you have all Apple devices, it will sync across them via iCloud without any account from Proton. Just set this up for my iPhone, iPad and MacBookPro. Works perfectly.
I also use 1Pasword 7. It seems to work under the beta of iOS 26 and MacOS Tahoe. Now that there is an authenticator application I don't have much of a need for 1Password 7. I'm also looking at bitwarden authenticator as well.
Since 1Password 7 is not supported anymore, I would look at other options such as Bitwarden or Proton Pass for example.
Last edited:
It's a matter of consumer choice and platform availability. MS Authenticator isn't available on Linux, for example - this Proton app is.
Last edited:
When an entity has its own 2FA, it may disallow using 3rd-part 2FA. Case in point: Microsoft requiring Microsoft 2FA.
When an entity or company has no built-in 2FA, it implements or supports some list of 3rd-part 2FA. You can use any app in the list. You may prefer some providers, or check if the last version isn't too old. Also, the option of syncing 2FA between devices (proposed by Proton to account holders) is a bit strange since the purpose of 2FA is to prove you're currently holding the device that generated the 2FA token. If several devices at several locations have the ability to provide the same token, it lessens security (vs each token having its own 2FA instance). Maybe there's a use case for that?
Last edited:
The desktop app is very nice to have, and I like Proton's iOS interface better than Google Authenticator. One thing this app doesn't do though is local exports/backups, so the only way to save your code accounts is to use the iCloud feature.
I may be paranoid but I feel safer having my TOTP codes connected to nothing, only accessible on my devices which are protected by physical proximity and Face ID. So unfortunately Proton won't work for me.
I may be paranoid but I feel safer having my TOTP codes connected to nothing, only accessible on my devices which are protected by physical proximity and Face ID. So unfortunately Proton won't work for me.
Yep, and they know it and this why they conveniently did not include 2FAS in the table they created to compare the Proton service to others.