Securing Proton Pass with two-factor authentication.

Proton Pass lets you strengthen your account security by enabling 2FA for the password manager itself. Imagine you leave your computer unattended with Proton Pass running, or you drop your phone while it is logged in and someone with bad intent picks it up. Using 2FA on the Proton app itself adds another layer of security. Below are step-by-step instructions on how to set it up.

Prerequisites

- Ensure you have the latest version of Proton Pass installed on your device.

- Have an authenticator app available (e.g., Google Authenticator or Authy).

Steps to Enable 2FA for logging into Proton Pass

Step 1: Access Your Proton Account Settings

  1. Log In: Visit the [Proton Account](https://account.proton.me/) page and log in using your credentials.

  2. Navigate to Settings: Click on your username or the settings icon, usually located in the upper-right corner.

  3. Go to Security Settings: Select the Security tab from the settings menu.

Step 2: Enable Two-Factor Authentication

  1. Find 2FA Section: Scroll down to the **Two-Factor Authentication** section.

  2. Begin Setup: Click on **Enable Two-Factor Authentication**.

Step 3: Choose Your 2FA Method

Proton supports Time-Based One-Time Passwords (TOTP) via authenticator apps.

  1. Use an Authenticator App: You can use any TOTP-compatible app, such as Google Authenticator, on your smartphone.

  2. Scan QR Code: A QR code will appear on the screen.

     - Open your authenticator app.

     - Select the option to add a new account.

     - Scan the QR code displayed on the Proton website.

  3. Enter Verification Code: The app will generate a 6-digit code.

     - Enter this code back on the Proton website to verify.

Step 4: Save Recovery Codes

1. Backup Codes: Proton will provide a set of recovery codes.

2. Secure Storage: Save these codes in a secure location (e.g., a printout in your home desk, or a USB drive kept in a safe place).

- These codes are crucial if you lose access to your authenticator app.

Step 5: Confirm and Test 2FA

1. Log Out: Sign out of your Proton account.

2. Log In Again: Enter your username and password.

3. Enter 2FA Code: When prompted, open your authenticator app and enter the current 6-digit code.

Using Proton Pass as a 2FA Authenticator for Other Services

Proton Pass can also generate 2FA codes for your other online accounts, streamlining your security management.

Steps to Add 2FA Tokens in Proton Pass

Step 1: Access the Service You Want to Secure

1. Navigate to Security Settings: In the account settings of the service (e.g., Gmail, Facebook), find the 2FA or security section.

2. Choose TOTP Authentication: Select the option to enable authenticator app-based 2FA.

Step 2: Add 2FA Token to Proton Pass

1. Scan QR Code or Enter Key:

- In Proton Pass, create a new entry or edit an existing one.

- Look for the option to add a **2FA Field**.

- Scan QR Code: Scan the QR code shown by the service. If you are on a desktop, you may need to enter the secret key manually instead.

- Enter Secret Key: Copy the key provided by the service and paste it into Proton Pass.

2. Save the Entry: Ensure all details are correct and save the entry.

Step 3: Verify the Setup

1. Enter Verification Code: Back on the service's website, you may be asked to enter a verification code.

2. Get Code from Proton Pass: Proton Pass will now generate a 6-digit code for this service.

3. Complete Verification: Enter the code to finalize the 2FA setup.

Tips for Managing 2FA

- Keep Backup Codes Safe: Always store recovery codes securely.

- Update Devices: If you change or reset your device, ensure you have access to your 2FA codes.

- Regular Backups: Consider exporting your Proton Pass data periodically as an encrypted backup.

Conclusion

Enabling Two-Factor Authentication in Proton Pass strengthens the security of your online accounts by requiring an additional verification step. By following the steps above, you can confidently secure your Proton account and use Proton Pass to manage 2FA codes for your other services, all within a single, secure application.