this post was submitted on 23 Apr 2025
8 points (90.0% liked)

Proton

6587 readers
1 users here now

Empowering you to choose a better internet where privacy is the default. Protect yourself online with Proton Mail, Proton VPN, Proton Calendar, Proton Drive. Proton Pass and SimpleLogin.

Proton Mail is the world's largest secure email provider. Swiss, end-to-end encrypted, private, and free.

Proton VPN is the world’s only open-source, publicly audited, unlimited and free VPN. Swiss-based, no-ads, and no-logs.

Proton Calendar is the world's first end-to-end encrypted calendar that allows you to keep your life private.

Proton Drive is a free end-to-end encrypted cloud storage that allows you to securely backup and share your files. It's open source, publicly audited, and Swiss-based.

Proton Pass Proton Pass is a free and open-source password manager which brings a higher level of security with rigorous end-to-end encryption of all data (including usernames, URLs, notes, and more) and email alias support.

SimpleLogin lets you send and receive emails anonymously via easily-generated unique email aliases.

founded 2 years ago
MODERATORS
ProtonPrivacy@lemmy.world
alex_herrero@lemmy.world
Nelizea@lemmy.world
8
Proton Pass as a storage for a very sensitive data in readable format? (self.protonprivacy)
submitted 1 week ago* (last edited 1 week ago) by hetzlemmingsworld to c/protonprivacy@lemmy.world
4 comments fedilink hide all child comments
 

For example cryptocurrency wallet seed phrase. One can add it to the notes field (password field is occupied by my wallet password).

I can also add new field of type "hidden" to the login entry, where i need to click eye icon in order to reveal the content.

Beside login items, there are also Notes items, which does not seems to feature hidden field.

I assume that in terms of security all field types (password, note) and all entries (login, note) are equally secured.

But the field which is not password or a hidden note of the login item, are more vulnerable due to someone look behind your back or due to a computer client-side scanning (spyware third party or built in OS made to screenshot ones screen)?

What is your suggestion on storage of a super-sensitive data like crypto. wallet seeds?

top 4 comments
sorted by: hot top controversial new old
[–] Ulrich@feddit.org 1 points 1 week ago (1 children)

Yeah I mean that's a great usecase.

[–] hetzlemmingsworld 1 points 1 week ago (1 children)

Please explain in more detail and why, if possible.

[–] Ulrich@feddit.org 1 points 1 week ago

I can't think of a safer place to keep it, other than cold storage. It's encrypted and backed up in a tried and true vault. The company has an excellent and longstanding reputation in the privacy industry.

[–] jjpamsterdam@feddit.org 1 points 1 week ago

For me it boils down to trust in the service provider (in this case Proton) and the risk of anyone accessing your information. While your proposed solution is elegant and super accessible, it's not without risk.

Relevant risks could include your device being screen- or keylogged or even the TSA randomly selecting you and forcing you to open up your phone under the implied threat of a free vacation to El Salvador.

For super sensitive data that can be memorised, I recommend memorisation. You can keep a backup hard copy in a safe place, even if that's not immediately accessible. This should also be accessible for your relatives in case of death. Such a safe place can be a safety deposit box or even just a trusty old envelope stashed away behind a specific drawer.

For sensitive but not super sensitive data that you need on the go I recommend using an encrypted hard copy, which you can keep in your purse or wallet. Use any publicly available (long enough) document as your cypher, such as the Magna Charta or the Declaration of Independence (although I recommend more obscure texts, obviously). You can even use the cypher method for digital sensitive data if you prefer that. As long as you don't tell anyone about your cypher you should be fine. It can still be brute forced, but should be really difficult if you use the right cypher.