At a time when data breaches and cyberattacks are on the rise, protecting your personal and professional information is at the heart of our priorities. That is why we want to inform you that, following the recent publication of the independent audit report on Proton Pass, we use this tool to manage and protect our passwords and sensitive credentials.
An independent audit that confirms an exceptional level of security
On May 12, 2026, Proton published the results of an in-depth security audit of its password manager, Proton Pass, conducted between January and April 2026 by Recurity Labs, an ISO 27001-certified IT security consultancy with nearly two decades of recognized expertise.
The audit, fully independent and with no financial ties to Proton, covered all components used by Proton Pass users: browser extensions, mobile and desktop applications, as well as the command line interface (CLI).
The findings are clear: Proton Pass's overall security posture was rated as "well above par."
Key strengths confirmed by the audit
Two major results stand out from the report:
- No remotely exploitable vulnerabilities were identified. In other words, a user cannot be compromised simply by visiting a malicious website or clicking a link.
- No encryption bypasses were found. Attackers have no shortcuts, backdoors, or weak keys that would allow them to circumvent the encryption layer protecting your data.
The few observations raised by the auditors — particularly regarding how secrets are managed in memory while the app is running — were all addressed by Proton during the retest, including those that fell outside the strict scope of their threat model. This responsiveness reflects a genuine commitment to continuous improvement.
Why this choice matters for you
As clients, you entrust us with your information. Choosing a password manager is not merely a matter of convenience: it is a strategic decision that directly affects the confidentiality of your data.
We selected Proton Pass for several reasons that this audit further reinforces:
- Transparency as a founding principle. Proton is a Swiss company founded by former CERN scientists, whose code is open source and regularly subjected to public independent audits.
- Robust end-to-end encryption. Your credentials, passwords, and secure notes are encrypted on your device before being sent to the servers: no one, not even Proton, can access them.
- A protective jurisdiction. Hosted in Switzerland, Proton benefits from one of the world's strictest legal frameworks for privacy protection.
Our commitment to your security
Using Proton Pass is part of a broader effort to strengthen our cybersecurity. Beyond the tool itself, we apply the related best practices: unique, randomly generated passwords for every service, mandatory two-factor authentication on sensitive accounts, and regular access reviews.
Security is never a permanent achievement, but an ongoing process of improvement. By sharing this choice with you, along with the independent evidence that supports it, we aim to maintain a relationship of trust built on transparency.
To read the full Recurity Labs report and Proton's official announcement, you can refer to the article published on Proton's blog: Proton's password manager passes audit by top security firm.