EDIT: Just thanking everyone for the thoughtful responses. Really enjoyed reading everyone’s takes here and will definitely think on things moving forward and try various configurations out!
Hi all, interested in your thoughts here. Recently signed up for Proton Unlimited via Black Friday sale mainly for email/VPN/drive. For passwords I’ve been happy with Bitwarden and DDG for email forwarding (plus you get a duck.com address which is just fun).
If you were me would you move over to ProtonPass to streamline, or keep these things broken up? On one hand I don’t want all my eggs in one basket, on the other hand I feel like it means I am trusting my info to one Swiss-based org vs Proton + DDG/Bitwarden which are US based. Plus if I am paying for a service I feel a little less like the product in the long term.
Feel pretty ok with both options as my main objective is de-Googling, but interested to hear what has worked well for others. Appreciate any input!
I’m a fan of separating services when possible.
And emails are a huge pain to change, so it might be worth considering an email service with your own domain name.
Proton with a domain you control and use their Simplelogin which you can self host down the line should there be a rug-pull event. I think you need to manually export this so make it a habit as you add them!
You can put your eggs in one basket, just make sure you have a plan B if the basket catches on fire, using their domain in my eyes you’re going down with the ship, if you control it you’re just repointing records to a new host and getting simplelogin going.
This is part of the reason I like to keep ALL of my emails on disk still as well, if you can’t decrypt your mailbox for some reason they’re about as good as gone.
While I also use a custom domain with simple login, I feel like it does take away from the anonymity a bit. So sometimes I use my custom domain, others I use theirs.
I was in your exact same boat a year ago, and decided to try both solutions. I ended going with the streamlined one. As you said, you are already paying for the service and Proton Pass is imo a pleasantly nice password manager to use. It is a lot easier to create and delete aliases there than through Bitwarden/DDG, at least that was my experience. Proton pass is now my most used day to day app list and I’m very happy with it.
While all eggs in one basket isn’t great from a security stand point, I am pretty happy with this solution. I do however keep 2fa in separate app, Ente Auth.
I just wanna say email aliasing is an email related thing so why is it unlimited aliases included in proton pass plus and not proton mail plus???
A custom domain is $12/yr, and SimpleLogin lets you do automatic regex emails, so I can just make a quick [email protected] email for each website. Would recommend.
I took advantage of the lifetime protonpass offer for black Friday, since I already had 5 simplelogin emails for that purpose. Very happy now with the unlimited aliases.
I think both solutions are probably reasonable secure. Personally I use the proton solution, because I like that my data is in Europe and I prefer to pay for services. I like the more transparent and honest business where I pay and get something in return.
I’m using Proton Pass aliases and they work like a charm. With the browser plugin, it’s easily feasible to generate one for every single thing you sign up for. I would argue that there are some advantages over DDG (although I haven’t used their service in for quite a while):
- Proton applies E2EE to incoming mails
- If the mails go to your Proton account anyway, removing DDG means removing a proxy that could read your mails or be an attack vector to do so
- Afaik you can secure your proton account way beyond what DDG offers (password + 2FA + Sentinel + extra password for Mail + extra password for Pass) if you want to
- Convenience: You can manage everything in Pass and it tells you right away what you created an alias for, allows to create accounts from it etc.
Is it a total game changer? Probably not.
What’s Sentinel?
Proton service that tracks data breaches for your passwords & info. I believe it also provides extra protection in case somehow your Proton account is compromised.
I got started with aliases on anonaddy (now just Addy). After using a while I jumped into using my own domain, this is the real game changer.
Aliases are great and do their thing, but owning your own domain let’s you move everything all at once if you need to.
For instance, when proton added aliases I tried it out. I just redirected my MX records and was done. I didn’t like how they handled the header data because it broke a majority of my filters, so I switched back. Again, a simple setting adjustment and done.
For the record, I’ll probably switch everything over to proton eventually, but at the time didn’t want to recreate my filters. It makes sense to have all email controls under your email provider.
I use SimpleLogin emails but route them through DDG and works great
No. Proton’s sketchy business aside, I wouldn’t put everything into one basket. Bitwarden also supports a few email aliasing services natively using an API token.
As for ProtonPass, I’ve thought about it too, but so far I’m happy with my current setup, including Bitwarden for passwords and StartMail for email. I appreciate Proton’s focus on privacy, but for me, using different providers (like StartMail + Bitwarden) adds an extra layer of security in case something goes wrong with one of them. StartMail, for example, is a strong alternative to Gmail with its focus on privacy, while Bitwarden is excellent for password management due to its open-source nature and transparency.