🟢 Trust Rating: High
Start with what is wrong. Proton Pass is the youngest of the serious password managers, launched in 2023 while Bitwarden has been refined since about 2016. Its server-side code is closed and proprietary, so there is no self-hosting option the way Bitwarden offers. Lean hard on its email aliases and you quietly lock yourself into the Proton ecosystem. Now the case for trust: the client apps are open source under GPLv3, the encryption is end-to-end at the level of every individual item and not just the password field, and two independent firms have audited it (Cure53 in 2023, Recurity Labs in early 2026, which rated the security posture "well above par"). Add Swiss jurisdiction, a genuine free tier that is not a bait-and-switch, and a non-profit foundation as primary shareholder, and you get a password manager that has earned a high rating despite its age. It just has not earned "top of the class" over Bitwarden yet.
💰 Affiliate Disclosure
We participate in Proton's affiliate program. Using our link supports this site at no extra cost to you. Our review always remains independent and unbiased: the trust rating above, the privacy concerns, and the caveats below are exactly what we would write without the program.
Try Proton Pass →What is Proton Pass?
Proton Pass is the password manager arm of Proton AG, the same Swiss company behind Proton Mail, Proton Drive, and Proton VPN. The beta shipped to Lifetime and Visionary subscribers on April 20, 2023, and the full freemium product launched globally on June 28, 2023, across browser extensions (Chrome, Firefox, Edge, Brave) and iOS and Android. It stores logins, notes, cards, passkeys, and identities in encrypted vaults, and it bakes in email aliases through SimpleLogin, the alias service Proton acquired in April 2022.
Proton itself launched in the summer of 2014 after a crowdfunding campaign that raised over $500,000 from more than 10,000 people, run by scientists who met at CERN. It is headquartered in Plan-les-Ouates, Geneva. In June 2024, on the tenth anniversary of that campaign, Proton put the company under the Proton Foundation, a Swiss non-profit that founders Andy Yen and Jason Stockman and first employee Dingchao Lu endowed with enough shares to make it Proton AG's primary shareholder. Swiss foundations have no shareholders, which is the point: Proton says it "will no longer be dependent upon the goodwill of any particular person or group of persons." The foundation board includes Tim Berners-Lee and Oxford ethics professor Carissa Véliz. That governance structure is a real trust signal, and this site weighs it.
Critical Privacy Concerns
⚠️ What You Are Actually Trusting
- It is the youngest of the majors. Proton Pass launched in 2023. Bitwarden has been maturing since around 2016 and 1Password far longer. Reviewers consistently call Pass "still maturing," with less documentation and a smaller community than Bitwarden has built since 2016. Expect the occasional rough edge: no folders, tags, or categories (only item pinning), no select-all for bulk actions (multi-select exists but you pick items one at a time), duplicate entries when an alias and its login are handled separately, and autofill that fails on some sites where Bitwarden succeeds.
- The browser extension is attack surface. A password manager that autofills in your browser is a target. At DEF CON 33 on August 9, 2025, researcher Marek Tóth disclosed a DOM-based clickjacking technique that hit 11 password-manager extensions in their default configuration, including Proton Pass, 1Password, Bitwarden, Dashlane, LastPass, and NordPass. Proton patched it in extension version 1.31.6. Separately, in September 2023 a penetration tester found Pass had reintroduced a memory-retention bug (unencrypted credentials sitting in memory after lock); Proton shipped a fix across platforms in about two days.
- No self-hosting. The client apps are open source, but the server-side code is closed and proprietary. Unlike Bitwarden, you cannot run your own Proton Pass server. You are trusting Proton's cloud, full stop.
- Ecosystem lock-in through aliases. The hide-my-email aliases are tied to Proton. Build up a pile of them and migrating to another manager later means untangling forwarding you cannot easily repoint. One reviewer specifically wished Proton let you change an alias's forwarding target to ease an eventual switch. It is privacy-friendly lock-in, but it is still lock-in.
- The Swiss jurisdiction is under political pressure. Switzerland floated a revision to its VÜPF surveillance ordinance that would have forced providers with as few as 5,000 users to log IPs for six months and be able to strip encryption they provide; CEO Andy Yen said in a May 2025 RTS interview that Proton "would have no choice but to leave Switzerland" and "would be less confidential as a company in Switzerland than Google." After the public pushback the revision was sent back for an external review, and it remains unresolved as of mid-2026, so treat the jurisdiction advantage as real today rather than guaranteed tomorrow.
One more honesty note on the people running it. In December 2024, Andy Yen posted from his personal account praising a Trump antitrust appointee, and an official Proton account echoed the sentiment in a comment that was deleted within hours. Proton said the official comment "was not actually an official statement," called the episode an internal miscommunication, and said its policy going forward is to share no opinions of a political nature. The Intercept covered it in January 2025. It does not touch the cryptography, but if a founder's public politics matter to your threat model, it is on the record.
Security Architecture and Audits
The encryption model is the strongest part of the product, and it is documented in public. Proton Pass encrypts every field of an item, not just the password: usernames, web addresses, and everything in encrypted notes. That means Proton itself cannot see which online services you hold accounts with. Each vault gets its own random 32-byte key (256-bit AES-GCM) signed with your key, and each item inside a vault gets its own random 32-byte key encrypted with the vault key, so the granularity is per-item, not just per-vault. Your user key is encrypted with a bcrypt hash of your account password (or of your key password if you use two-password mode) and an account salt; Proton argues bcrypt is more secure than PBKDF2 here. Authentication uses a hardened Secure Remote Password (SRP) exchange, and secure sharing runs on OpenPGP with Curve25519 elliptic-curve keys.
Proton released the Pass client source code on July 19, 2023 under GPLv3: the browser extensions live in the ProtonMail WebClients repo, with separate iOS and Android repositories. Again, the server is not open. So "open source" here means the software on your device is inspectable, not the whole stack.
On the audit front, Cure53 ran a white-box audit across all the mobile apps, browser extensions, and the API through May and June 2023 with full source and engineer access, publishing results on July 19, 2023. It reported a moderate number of findings, most limited in severity, and concluded the overall state of security across Proton's apps and platforms was "commendable." Every issue was resolved except one medium-severity item that could not be fully fixed because of an Android platform limitation around subdomain-spoofing protection. In early 2026, Recurity Labs (ISO 27001 certified, no financial ties to Proton) audited the extensions, mobile and desktop apps, and the CLI from January through April. It found no remote exploits and no encryption bypasses, rated the posture "well above par," and flagged mostly low-impact issues in its first phase (several in the CLI, one iOS Keychain data-protection observation, and a lack of strict fully-qualified-domain-name matching in the extension that could allow autofill across subdomains). Desktop issues were resolved on retest, and the full report was published.
Company-wide, Proton earned ISO 27001 certification on May 2, 2024 and completed its first SOC 2 Type II attestation (audited by Schellman) in July 2025. Read those honestly: Proton describes their scope in general terms covering its infrastructure and "all Proton products," and does not itemize Proton Pass by name as separately in scope. They are real, but they are not Pass-specific no-logs-style attestations.
For the record on scare headlines: a January 2025 report from Venak Security claimed Pass stores card data unencrypted in memory and that Proton VPN uses static keys, framed by some outlets as putting "500 million" users at risk. Proton disputed it point by point, saying decrypted data appearing in memory while you use it "is how every password manager works and is not a bug," that VPN keys are per-device and per-session, and that the report was rejected from its bug-bounty program. And CVE-2024-37391, which sometimes surfaces in "Proton Pass CVE" searches, is actually a Proton VPN and Proton Drive Windows-installer issue, not a Pass vulnerability. We found no CVE naming Proton Pass specifically.
Features That Matter
Be precise about what the free tier gives you versus what you pay for, because Proton's own marketing blurs it. Pass Monitor, launched May 6, 2024, is split: Password Health checks and Inactive 2FA detection are free, but Dark Web Monitoring and Proton Sentinel (AI-driven account-takeover protection with human analyst support) require a paid plan. Dark web monitoring covers your Proton addresses, your aliases, and up to 10 custom email addresses.
- Passkeys: supported on free and paid plans across all platforms, added March 21, 2024.
- Hide-my-email aliases: Proton Free and Mail Plus get up to 10 (via the built-in SimpleLogin integration); paid Pass plans get unlimited aliases, and Pass Plus now bundles SimpleLogin Premium features such as custom-domain aliases.
- Built-in 2FA authenticator: Proton Free stores up to three 2FA items; Pass Plus adds an integrated authenticator with unlimited 2FA codes.
- Identities: save name, address, and passport-style details for form-filling, available to everyone including free users since August 8, 2024, alongside desktop biometric unlock for paid plans.
- File attachments: paid plans only (launched April 2025), multiple files per item up to a 100 MB total, across web, mobile, desktop, and extension.
- Sharing: end-to-end encrypted vault and item sharing with other Proton Pass users (October 2023) plus Secure Links for sharing with non-Proton users (July 2024).
- Local protection: PIN lock (you are logged out after three failed attempts) and a separate "extra password" distinct from your account password.
- Apps: browser extensions (including Safari), iOS, Android, and desktop apps for Windows (February 2024, with offline mode), macOS, and Linux (June 2024), plus a CLI for paid plans (launched November 2025).
Pricing Structure
The honest framing first. Proton's pricing page renders prices with JavaScript and can show region-specific currency, so confirm the exact number at checkout. Proton has also moved Pass Plus pricing around more than once: it cut the annual rate from $3.99 to $1.99 a month in January 2024 for new and existing customers, and some 2026 third-party reviews still cite a $1.99 two-year rate that we could not reproduce on Proton's own page. The "40% off" style discounts are measured against the month-to-month rate, and annual billing means paying the full year up front. The figures below are what proton.me/pass/pricing showed in USD in July 2026; verify the live number before you commit.
| Plan | Price | What you get |
|---|---|---|
| Free | $0 | Unlimited logins, notes, and cards on unlimited devices; 2 vaults; share a vault with 2 people; 10 hide-my-email aliases; up to 3 2FA items; passkeys. No integrated 2FA authenticator, no dark web monitoring, no file attachments. |
| Pass Plus (monthly) | $4.99/month | Unlimited aliases, integrated 2FA authenticator, dark web monitoring, file attachments, SimpleLogin Premium features. |
| Pass Plus (annual) | $2.99/month ($35.88 billed yearly, marked 40% off) | Same as monthly Pass Plus, at the lower annual rate. |
| Pass Family (annual) | $4.99/month ($59.88 billed yearly, marked 29% off) | Pass Plus for up to 6 people with an admin panel (monthly billing is $6.99/month). |
Proton Pass is also bundled into the wider Proton subscriptions (Proton Unlimited, Duo, Family, and Visionary), which raise the vault ceiling and include unlimited aliases. If you already pay for Proton Mail or Drive, check whether Pass is already covered before buying it separately.
Proton Pass vs. Alternatives
Proton Pass vs. Bitwarden
- Proton Pass: open-source clients, closed server, cloud-only, built-in aliases, younger product.
- Bitwarden: open source on both client and server, the only major manager you can fully self-host, with a longer public track record and more mature import and export tooling. This is the default pick on this site when self-hosting or open-source verifiability of the whole stack is the priority. See our Bitwarden review.
Proton Pass vs. NordPass
- Proton Pass: open-source clients plus two independent audits, and a more generous free tier.
- NordPass: proprietary and often cheaper on the annual plan, with a data-breach scanner, but the free tier is limited to one device at a time and the code is not open to outside review. See our NordPass review.
Proton Pass and the rest of Proton
Pass shares your account, your billing, and your foundation-backed provider with Proton Mail. That is convenient and it is also concentration risk: one account compromise reaches more of your life. If you are weighing the email side of the ecosystem, read our Proton Mail review.
When to Use Proton Pass
Reasonable Use Cases
✅ You want open-source clients plus real audits without running your own server.
✅ You already live in Proton for mail or VPN and want one account and built-in aliases.
✅ You want a genuinely usable free tier with unlimited logins on unlimited devices, not a one-device trial.
Not Recommended For
❌ You want to self-host your vault. The server is closed. Use Bitwarden or KeePassXC.
❌ You want the most mature, most documented manager. Bitwarden and 1Password have years on it.
❌ You want zero account linkage across email, storage, and passwords. A standalone manager keeps those separate.
The Bottom Line
Consider Proton Pass if:- You value open-source clients backed by two independent audits and a non-profit governance structure
- Built-in email aliases and Swiss jurisdiction fit what you are trying to do
- The free tier's unlimited logins across devices covers most of your needs
- Self-hosting or full-stack open source is a requirement (use Bitwarden)
- You want the longest track record and deepest documentation
- Alias lock-in or single-account concentration risk is a dealbreaker
⚠️ Final Assessment
Proton Pass is a young product that punches above its age. The encryption is item-level end-to-end and well documented, the clients are open source under GPLv3, and two independent firms have audited it, with Recurity Labs rating it "well above par" in 2026. The honest limits are the closed server, the lack of self-hosting, the alias lock-in, and the ordinary growing pains of a 2023 launch. None of those undercut the core security claims, which is why it earns a high rating. If you need to self-host, Bitwarden is still the pick. If you want audited, open-source clients inside a privacy-first ecosystem, Proton Pass is a genuinely strong choice.