"Keep me logged in" option
I really like ProtonMail and use it as my primary mailing service. But one of the most tedious things about it is having to enter the two passwords every time i want to check my e-mail.
ProtonMail keeps logging me out after a few seconds/minutes of closing its tab, so i now have to keep a tab open in order to continuously check my e-mail. Furthermore, i'm using long passwords (in conjunction with Keepass) for more security, so it's not easy to type my passwords every few minutes.
I use ProtonMail on my desktop home computer, so there's no danger from someone having physical access to that PC. There should be a Remember Me/keep me logged in option for cases like this.
I have already communicated this issue to ProtonMail support. They kindly responded that "We applied that feature for security reasons, because many users are using ProtonMail from different devices". I don't really understand what this means, since i'm proposing a system which will keep me logged in on my current desktop computer, the one i,m using right now. Even if it's only for a certain amount of time, px 30 minutes or an hour.
I really hope there's a workaround/solution in the future for this, since ProtonMail is really great and this issue could potentially become a deal-breaker for me.
ben dover commented
I do not wish for the password to keep me logged in or remembered. It automatically remembers the password allowing anyone to enter this compromises the entire purpose of the site. Anyone with any idea on how to detach the password as I have exhausted all options
proton delete all scammers commented
well if you guys think this is simple your are wrong , proton mail know best like not giving you an option to delete all messages from inbox , they are so backwards now its unbelivable they used to be good
KEEP ME LOGE IN....FOR ME IS DIFFICULT YO GO THROW ALL THIS...THANK YOU FOR YOUR UNDERSTANDIN KALLI PATIDES
PLEASE KEEP ME LOGE IN....TODAY AM NOT AT ALL SATISFIED WITH ????
I use my Linux-based computer with full disk encryption, automatic lockscreen after 10 minutes (even though I live alone and no-one else has physical access to it), I use separate browsers for specific purposes with different combinations of private mode and cookie deletion, a VPN and I top this all off with Firejail to sandbox my software and browser extensions. When I go to check my email, I have to enter a username, password, 2FA, then finally a mailbox password and... I find I can't be bothered before I even start. I have my logins in a password manager but since I'm careful to not run extensions due to the sandboxing, I've had to insecurely save them in a text file and copy/paste them from there instead. No, I don't save passwords in any inbuilt browser password manager. At least I have a lockscreen, FDE and Firejail and my computer always stays in my house, right?
Now, compare this with the Android app:
Login once, set a short PIN. Enter PIN to check or send emails. That's it. Now I'm permanently logged in on a tiny portable device that can easily be shoulder surfed for the PIN and stolen. All on this inherently insecure platform rife with keylogging and screenshotting malware downloadable straight from Google's own Play Store. I don't use the Android app for this very reason, thereby removing the one and only quick and easy way to check my emails.
It's actually easier to use Protonmail with lesser security by using a phone app with a short PIN on a known insecure platform than on a, by comparison, reasonably hardened desktop computer. This is definitely not secure. It's almost like you're hoping to see everyone's email address appear on haveibeenpwned.com. Who's to say that Google haven't stepped aside and let their best friends at the NSA develop the hot new game of the moment and hand it out free to everyone.
I would, in my use case, be happy to see:
"I understand the risks..." message and a selection for something like:
"Set a cookie to keep me logged in for 1 Day / 1 Week / 1 Month / Forever"
I'm pretty certain that I'd set mine to "Forever" due to the confidence I have in my personal setup. Then I'd have just the one extension-free browser to pop up and close multiple times a day. Why not even do this but with a (user optional) PIN? Why such a disparity between phone apps and desktop access? Until then, Protonmail might well be a secure email service but with all the (unnecessary for me) hoops to jump through, it's more of a curiosity for now. Protonmail is definitely not something I'd pay for - I'm not a masochist and I'd feel buyer's remorse for sure. If you can't tell, I like security. I also like usability. The disparity beggars belief when phone app users get all the usability but more serious security enthusiasts get all the hassle. I have an account I don't even use because of all of this. I want to like Protonmail, I really do.
Hello Proton team - can we get an update on this issue as it seems to have been under review for a very long time now.
Proton always remembers my user login (user name & password) & the password for "decrypt mailbox". It could be a browser issue if this info is not remembered.
Why don't you propose this feature ? It does not seem to be difficult technically ?
It would be very useful for many people.
This is also a deal breaker for me :(
I'm just trying protonmail for the first time today. It looks great, but this issue is a deal breaker. I check my email way too many times per day to log in every time.
I have to close my browser often, an this necessity to sign in every time is just frustrating. I JUST switched to ProtonMail as my primary email, and already considering moving to Tutanota, just because they have this feature (although there you can not assign preferred language, which is frustrating in turn).
bob gershkoff commented
I am testing proton out now and wanted to sign up to a paid account. But this issue is a deal breaker for me. Hopefully, something is done about this very soon or I will take my business elsewhere.
yes, please add this feature
Please enable this. I consider my private laptop secure and I want to stay logged in.
It would be a very good option, especially when we use two-factor authentication
Bump! Please implement that!
Lalo Martins commented
Having to log in each time I start the browser discourages me from keeping 2fa on and therefore decreases security. Please fix.
(Or, as someone proposed somewhere — keep asking us for the password, but at least let us “trust” a machine wrt 2fa. Then we can just use the password manager.)
I want ProtonMail to remember me
It's a really important option for me too. I have 2 accounts (on purpose) and have to type 4 complex passwords every morning at work and every evening at home ...
I agree its annoying.