A new Proton Pass feature allows users to securely share credentials with AI agents via “AI access tokens,” aiming to reduce the security risks posed by autonomous AI tools accessing private accounts.
The feature lets users grant AI agents limited, read-only access to selected credentials stored in Proton Pass vaults while maintaining visibility into how those credentials are used.
The launch addresses a growing problem for companies and individuals adopting AI agents for automated workflows. Many AI systems require access to accounts, APIs, or services to perform tasks, but credentials are often shared insecurely through plaintext prompts or broad account permissions.
Proton says its new system allows users to isolate credentials inside dedicated vaults and generate access tokens tied only to those vaults. AI agents can retrieve credentials as needed, but cannot edit or create items inside Proton Pass.
The company also added auditing and expiration controls. Every credential request made by an AI agent is logged and must include a reason for access, giving users a record of what the AI accessed and why. Tokens can also be configured to expire after periods ranging from one hour to one year and can be revoked at any time.
Founded in 2014, Proton is best known for its encrypted email platform, Proton Mail, and has since expanded into VPN, cloud storage, calendar, and password management services. Proton Pass uses end-to-end encryption to protect stored passwords, API keys, payment cards, and other sensitive data.
According to Proton, the feature is intended for both enterprise and personal AI workflows. Example use cases include allowing AI agents to summarize CRM interactions, analyze banking transactions, generate fitness reports, or automate tasks in platforms such as Jira.
The company said the tokens also work with the Proton Pass CLI, allowing developers to integrate them into scripts and automation tools without requiring a standalone AI agent.
AI access tokens are now available at no additional cost for Proton Pass Plus, Proton Unlimited, Pass Family, Pass Professional, and Proton Workspace subscribers.
The launch comes as organizations increasingly deploy AI agents while struggling to secure access to sensitive systems and credentials. Proton’s approach focuses on limiting access scope, enforcing expiration controls, and maintaining audit logs to reduce the risks associated with AI-driven automation.
Leave a Reply