{"id":12897,"date":"2025-08-01T11:18:37","date_gmt":"2025-08-01T18:18:37","guid":{"rendered":"https:\/\/jasonsblog.ddns.net\/?p=12897"},"modified":"2025-08-01T11:18:37","modified_gmt":"2025-08-01T18:18:37","slug":"proton-launches-free-standalone-cross-platform-authenticator-app","status":"publish","type":"post","link":"https:\/\/jasonsblog.ddns.net\/index.php\/2025\/08\/01\/proton-launches-free-standalone-cross-platform-authenticator-app\/","title":{"rendered":"Proton Launches Free Standalone Cross-Platform Authenticator App"},"content":{"rendered":"\n<p>A good alternative to the platforms that are spying on you without bounds. And you&#8217;d have to assume if you&#8217;re Google Authenticator, they have access to the codes which could be given on to the government when requested. Personally, I&#8217;ve been using Yubikeys for years for 2FA where supported, but it&#8217;s probably time to update. I seem to remember a <a href=\"https:\/\/jasonsblog.ddns.net\/index.php\/2024\/09\/04\/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel\/\" target=\"_blank\" rel=\"noreferrer noopener\">vulnerability<\/a> if people can gain physical access to your keys allowing them to be cloned.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/proton-launches-free-standalone-cross-platform-authenticator-app\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.bleepingcomputer.com\/news\/security\/proton-launches-free-standalone-cross-platform-authenticator-app\/<\/a><\/p>\n\n\n<div class=\"wp-block-ub-divider ub_divider ub-divider-orientation-horizontal\" id=\"ub_divider_a66f39c5-22a1-4371-8276-a2d6bfe51547\"><div class=\"ub_divider_wrapper\" style=\"position: relative; margin-bottom: 2px; width: 100%; height: 2px; \" data-divider-alignment=\"center\"><div class=\"ub_divider_line\" style=\"border-top: 2px solid #ccc; margin-top: 2px; \"><\/div><\/div><\/div>\n\n\n<p>By Bill Toulas<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/www.bleepstatic.com\/content\/hl-images\/2025\/07\/29\/headpic.jpg\" alt=\"Proton\"\/><\/figure>\n\n\n\n<p>Proton&nbsp;has launched Proton Authenticator, a free standalone two-factor authentication (2FA) application for Windows, macOS, Linux, Android, and iOS.<\/p>\n\n\n\n<p>2FA authenticator apps are offline tools that generate time-based one-time passwords (TOTPs) that expire every 30 seconds, and which can be used alongside passwords when logging into online accounts, providing the second factor authentication.<\/p>\n\n\n\n<p>Proton is a Swiss technology company known for privacy-focused end-to-end encrypted services like <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/protonmail-introduces-a-new-email-tracker-blocking-system\/\" target=\"_blank\" rel=\"noreferrer noopener\">Proton Mail<\/a> (email), <a href=\"https:\/\/www.bleepingcomputer.com\/vpn\/reviews\/proton-vpn-review\/\" target=\"_blank\" rel=\"noreferrer noopener\">Proton VPN<\/a>, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/software\/proton-launches-free-privacy-focused-google-docs-alternative\/\" target=\"_blank\" rel=\"noreferrer noopener\">Proton Drive<\/a> (cloud storage), and <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/proton-launches-open-source-password-manager-with-some-limitations\/\" target=\"_blank\" rel=\"noreferrer noopener\">Proton Pass<\/a> (password manager).<\/p>\n\n\n\n<p>The introduction of an Authenticator app complements the company&#8217;s product portfolio and introduces a privacy-focused tool that stands out against competition that is largely closed-source, ad-supported, and locks users into proprietary ecosystems.<\/p>\n\n\n\n<p>Instead, Proton Authenticator uses no ads, trackers, or vendor lock-in, and requires no Proton account.<\/p>\n\n\n\n<p>&#8220;Proton Authenticator is built with the same values that power everything Proton does: privacy, transparency, and user-first security,&#8221; <a href=\"https:\/\/proton.me\/blog\/authenticator-app\" target=\"_blank\" rel=\"noreferrer noopener\">reads the product launch announcement<\/a>.<\/p>\n\n\n\n<p>&#8220;The company is now bringing these standards to the 2FA space \u2013 offering a secure, easy-to-use, and encrypted alternative to apps like Google Authenticator that further lock users into Big Tech&#8217;s surveillance ecosystems.&#8221;<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/www.bleepstatic.com\/images\/news\/u\/1220909\/2025\/July\/trable.jpg\" alt=\"Comparison table\"\/><figcaption class=\"wp-element-caption\"><strong>Comparison table<\/strong><br><em>Source: Proton<\/em><\/figcaption><\/figure>\n\n\n\n<p>The team stated that the app is also open-source, but it typically takes Proton a couple of weeks to release the source code of newly launched tools on GitHub, so we cannot confirm that yet.<\/p>\n\n\n\n<p>Proton Authenticator is built with end-to-end encryption, supporting secure cross-device syncing and migration to or from other platforms through easy-to-use import and export functions.<\/p>\n\n\n\n<p>The ability to export your TOTP seeds is a feature sorely missing from other popular auth apps like Microsoft Authenticator and Authy.<\/p>\n\n\n\n<p>The new tool also offers automatic encrypted backups and app locking with biometrics or a PIN, adding an extra layer of security.<\/p>\n\n\n\n<p>Authenticator apps are significantly more secure than SMS or email-based 2FA because they generate codes locally on the users&#8217; devices. At the same time, the time-based tokens expire quickly, making them useless after a while, even if stolen.<\/p>\n\n\n\n<p>They are nearly immune to phishing, SIM swapping, and man-in-the-middle attacks, as there&#8217;s no intermediary that can be intercepted or impersonated.<\/p>\n\n\n\n<p>Hence, if you&#8217;re not already using one, it is recommended that you set one up for all accounts that support 2FA protection.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A good alternative to the platforms that are spying on you without bounds. And you&#8217;d have to assume if you&#8217;re Google Authenticator, they have access to the codes which could be given on to the government when requested. Personally, I&#8217;ve been using Yubikeys for years for 2FA where supported, but it&#8217;s probably time to update. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-12897","post","type-post","status-publish","format-standard","hentry","category-tech"],"blocksy_meta":[],"featured_image_src":null,"author_info":{"display_name":"Jason","author_link":"https:\/\/jasonsblog.ddns.net\/index.php\/author\/jturning\/"},"_links":{"self":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/12897","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/comments?post=12897"}],"version-history":[{"count":1,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/12897\/revisions"}],"predecessor-version":[{"id":12898,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/12897\/revisions\/12898"}],"wp:attachment":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/media?parent=12897"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/categories?post=12897"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/tags?post=12897"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}