from the team:


Hi everyone,

Thanks to your ongoing feedback, we’re pleased to introduce Secure Link Sharing in Proton Pass for all Proton Pass paid plans.

You asked for a simpler way to share a single item, like streaming passwords, family notes, and credit cards, and now you can! Complete with a configurable expiry.

With Secure Link Sharing, you can share with anyone, even if the recipient doesn’t have a Proton account, http://proton.me/blog/pass-secure-link-sharing

Here’s how it works:

  • Easy as copy and paste: Easily generate, update, or delete secure links with just a few clicks in any app.
  • You’re in control: Set an expiration date for the link (from one hour to 30 days) or limit the number of accesses.
  • Encrypted at all times: Secure links are end-to-end encrypted, ensuring only you and the people you share with can access your data.

This feature is rolling out progressively to all users on paid plans, starting first with Lifetime, Visionary, and Unlimited users. It will be available to everyone in the coming days.

Haven’t signed up yet? Upgrade now and get your first year for $1/month (limited-time offer eligible for new users only).

Let us know what you think! You can also share, vote and discuss ideas on User Voice.

Proton Team

    • KaynA
      link
      English
      164 months ago

      Did you read the linked blog post?

      Unfortunately, in most cases people share these sensitive items using methods that are inconvenient and not secure, such as text message or email. This makes it difficult to restrict access in the future, and whenever you update your password or other item details, you have to resend the information.

        • @LesserAbe@lemmy.world
          link
          fedilink
          English
          254 months ago

          Imagine I send my friend a password for something. If I put the password in a text message, it will probably still be sitting in their text messages for the next several years. A copy of the password will be on their phone, their text provider’s servers, and maybe various middlemen servers, I don’t know. That information could be accessed by a hacker, rogue employee, or third person who is using the friends device (or a court!) not just when it’s sent, but years in the future.

          If I send a link like this proton one, the link itself will have the same problems as a plaintext password would. The difference is that I, the user, retain control over whether that link leads to anything. I can turn off the link so even though some adversary has it, it’s useless to them.

          What this does not protect against is if the intended recipient misuses the sensitive information, but that’s a different problem.