What are your sources here? Aside from Proton VPN being no-logs already being proved in court, Proton has third-party audits to back up their no logs claims: https://protonvpn.com/blog/no-logs-audit
- is opt-in. You must actively choose to use this feature
- is open-source
- uses an open-source model
- does not use your data to train the model
- doesn't break existing zero-access-encryption
- runs locally on supported devices
- can be run on a Proton-provided no-log server if you choose to
From my understanding Scribe doesn't do anything unless you enter a prompt. And before that you have still have to choose between local or server side before you can even use it.
They only have to comply with Swiss courts, but they're pretty up front about what they can and can't do, including suggesting Tor for anonymity, and the difference between Mail and VPN in Switzerland (VPN is no logs).
"the identity and location of the activist was already known to the French authorities. The fact that Proton Mail was not able to hand over any messages even under legal order proves that our encryption works, and very likely of great assistance to the activist in this case. Had they been using any other email provider, the outcome would have been very different.
"we also provide an onion site for anonymous access (we are one of the only email providers that supports this)."
They also updated the blog:
"Update: In October 2021, Proton won a Swiss court ruling that email services are not telecommunications providers. Consequently, email services are not subject to the data retention requirements imposed on telecommunications providers and are exempted from handing over certain user data in response to Swiss legal orders."
But didn't this prove the opposite? An optional email recovery.. I think other companies would have been obligated to provide far more information, including emails etc..
You can store passkeys directly in Proton Pass and access them via mobile or desktop (which doesn't require additional hardware).
You can also keep a backup on a Yubikey as a webauthn passkey, protected with a pin which will self destruct after enough failed attempts.
A passkey is a cryptographic key pair that stores a private key pair (encrypted) in password manager/server or on a Yubikey etc..) and a public key that is stored on the originating service.