This week, Apple released in the latest update of iOS and MacOS an application that is simply called “Passwords”.
In my opinion, Apple could be a serious competitor to Pass: both provide temporary emails, both manage Passkeys, but what I think sets Apple apart from Proton is the “Connect with Apple” feature. Passwords are also encrypted (for Apple via the default iCloud Keychain).
Of course, Proton does not have the same financial income as Apple, which pushes them, for example, to ask to pay for two-factor authentication. But I stay with Proton because I simply love the values of the company but also because I have my emails, my calendar, my drive that are on Proton.
Now I think it would be interesting for Proton to work on an alternative to “Connect with Google” or “Connect with Apple”. What do you think?
Consider the fact that every single password you have will be in this system. Consider the fact that if access is compromised, access to virtually everything you have access to will be compromised. I mean it would be a HUGE problem.
Now consider that no one except Apple has any idea how secure this is because none of it is open source. It’s never been audited by a third party either.
What does connect with Apple do?
I won’t ever use Apple services because of the lock-in. I haven’t checked but I doubt there’s an Android app, Windows App, or Firefox extension for Apple Passwords.
It’s exactly like the “Connect with Google” feature but also “private” according to them. I don’t know if it’s a marketing argument or what but unlike Google they generate an alias email that is similar to what Proton does but for free. There is a Windows App.
I don’t know what connect with Google is either so that explanation is not helpful
Basically you go on Reddit (It is French on the image because I’m French), you click on “log in” and look at the connection options.
Oh, I get it. Like a single sign on (sso). Facebook and amazon and github do this too, but it depends on the site.
That’s called an SSO (single sign on). And not really an advantage. Proton has this feature already. You can find it on the Simple login page.
I don’t use these regardless, as it connects your activity across the web, which is the opposite of private. Any login page like this gets an email alias login.
You can’t send out emails using Apple’s temporary email service whereas you can with Proton’s.
I’m not sure why I’d store passwords with any external provider. I keep a local database synchronized between my computers and mobile phones, with a backup elsewhere.
Does Apple encryption encrypt it from Apple? I legitimately don’t know the answer to this, but I doubt it. Proton can’t see your data even if they wanted to.
