“Don’t trust anyone, question everything”
I use Proton Pass and Ente Authentication (2FA).
I can’t access my Proton Mail without my 2FA, additionally I can’t even access my 2FA without my email address (verification code is sent to my mail to unlock my 2FA codes + I need the master password). If i lose one of them I am screwed you would say, but it’s not the case.
What I did is to write down my Proton Mail Password and its secret code for 2FA + My Ente Authentication credentials (mail + master password). This way I will always be able to access my Proton Mail, even if i lose access to my 2FA app.
This is the worst case scenario, i also have a second phone where i keep Proton Pass and 2FA logged in, so if I lose my main phone, I am not completely locked out.
I am not sure about that particular leak and the kind of data that was leaked, but I am pretty confident about their zerolog policy as today. NordVPN has undertaken not one, but three independent audits, which is more than other known VPNs.
Many websites confirm their clams, like those ones:
https://www.vpnmentor.com/blog/nordvpn-no-logs-policy/ https://www.tomsguide.com/features/nordvpn-logs-is-nordvpn-secure-does-it-keep-logs-and-can-you-trust-it https://www.tomsguide.com/news/independent-audit-confirms-nordvpns-no-log-policy-for-the-second-time
But in the end it is up to you if trust it or not. For me it is pretty good.
I forgot to mention it, i use Aliases for everything, even my 2FA has one. This is basically hack proof, because they will never know the true email address (if they get the hand on my alias) where i receive the verification code. 👍
The only way they could steal your data is if they hack in your smartphone, or if you connect to shady Wi-Fi. Stay Safe Boys!