Choose which alias can log in to Proton
Hello, Outlook.com now lets you choose which alias can be used to log in to the account, to improve security.
Why doesn't Proton Mail do the same thing? With this we are protected from botnets (credential stuffing or brute force), because we can create an alias and not share the username with anyone.
Thanks
-
unlimited user commented
Been a paid user for years and was surprised to find this security issue doing a personal audit on attack vectors. This is a critical issue so much so that I'm in the process of deleting all aliases so I'm left with a single email address. I will be transitioning to creating hide-my-email aliases in Proton Pass.
This is unfortunate because there is a use case for "permanent" Proton Mail aliases and "temporary" Proton Pass emails. Increasing my attack surface at login is not an option so, again, I will be burning all aliases even though I depend on some of them.
I believe the lowest lift to develop this feature would be to give the user the option to log in by username ONLY (no email address derivatives). The ability to select which email alias is designated for the username could be the next iteration.
-
Jetsky commented
In line with this would be the ability to set a default email address other than the primary address to avoid accidentally exposing your primary email when writing a new email. It’s all too easy to forget to select an alias address when in the midst of dealing with something pressing.
-
Banja commented
The simplest way to have a 'second password' for our accounts: a non-public username for login and, in case it's found out, change it easily. It allows reducing the attack surface for our accounts.
-
d1mia commented
The ability to use an alias that doesn't give access to the account is an essential security point (and has been proposed by Microsoft for a long time).
This evolution is essential for good security
-
Tanner commented
This is really important to me, specifically allowing us to change our underlying username. I assume changing the sign-in email is changing the username.
-
JD commented
If someone knows your password and has access to your second factor (TOTP and/or security keys) you are already so compromised that they probably know what you had for breakfast and can watch you when you go to the toilet. They will know all your aliases, and then some.
This suggestion is naive and misguided. Saying that you want a secret username because you fear you won't be able to keep secret two authentication factors is very silly not to mention contradictory.
-
Garance_D commented
I think this would be a valuable addition to security on my proton-mail accounts, with no downside. I realize the login-account name would use up one of my allotted email addresses, which is fine.
Or maybe add a setting to each email address created, which lets the user specify that that specific email address cannot be used to login to proton's mail servers. That way I could have multiple addresses which *could* login, but I would set the most-visible addresses so that those can never be used for login. I would set that option on any email address that I use on busy mailing lists, for instance.
Disclaimer: I'm still figuring out my way around Proton's features, so I might not have the right idea of the difference between a "proton account" and an "email address"...
-
Forged commented
Fully support this as I can currently log in to my entire proton account (admittedly needing 2FA) with any of 10 different email addresses (some of which are openly available on my website and already get hit with spam so are clearly not secure!).
At least an option to choose a single login username for the account (and sacrifice one custom email address solely for login) would be a compromise.
-
mih commented
This is critical
-
K commented
I'm pretty sure this one is also talking about the same feature: https://protonmail.uservoice.com/forums/284483-proton-mail/suggestions/41299552-default-login-address-options
-
K commented
My Outlook.com logs showed that bots / bad actors are regularly trying to sign in using my public addresses. What I did: I created a new alias and disabled the option to sign in for everything except this new alias. It's clean now. I'm not going to share / use this alias anywhere. I hope PM will add something similar too. I want a single "private" alias / email address for sign in. Any other address in this account should reject any sign in attempt.
While having a good password is still the most important thing, it's nice to have a username no one knows about.
-
voyager2bird commented
My preference would be to never use my primary proton account to login to Proton apps. I would prefer to use an alias to do that so my primary is never exposed.
I like the idea of a check box to enable/disable the alias as Login option.
-
anon12333 commented
This has been here since 2020 and has still not been implemented. Hope they add this in soon so I can actually start using my other emails. Commenting here to show people are still interested in this feature.
-
CW commented
I absolutely support this request for the stated reasons.
I want my default mail address for outgoing mail NOT to be a login option. My login should preferably be secret. I want to choose my default address for outgoing mail in a way that I can discard it if needed (in case I hit "send" too early or make a similar mistake...).
Currently, I am using a custom domain for my default address. I was completely surprised that I was able to log into Proton with that as my login. It felt like this should not be possible.
-
Paul commented
There is a similar idea here https://protonmail.uservoice.com/forums/945460-general-ideas/suggestions/46755520-alias-does-not-enter-the-main-account.
Perhaps they should be merged and votes added together?
-
Paul commented
This is a critical security feature. We should be able to prevent aliases from being used as a login. A simple checkbox next to each alias to prevent it being used as a login would work.
-
Anon303 commented
Comment to show that I still care for this to be an option.
Please more people look into this!
And comment your thoughts.
-
Daniel Travassos commented
It would be very good to have an alias option in which the alias only serves to receive and send emails, without the possibility of logging in with the alias. If any service registered with the protonmail account is leaked, there is no risk of a login attempt, further increasing security and privacy.
-
Anon303 commented
I would love to have the option to change my login like the poster. I've come to notice that my initial login has been hacked from the Gemini crypto page and now my address is on haveibeenpwned and pastebins, and I get phishing mails nonstop.
I wanna be able to change the default login mail and have the option to disable the original mail.
Using SimpleLogin like crazy now for all pages and heylogin to get unique passwords for each alias.
-
John Dozius commented
Dear Awesome Protonmail people,
I really like the Protonmail function to be able to create multiple e-mail addresses.
This means I can share an e-mail address with a website and they do not necessarily have my main e-mail address.
The benefit of this approach is that should they get hacked or compromised (which is quite likely as webshops are often targets of these types of attacks), the attacker does not have my main e-mail address in their 'loot' so to speak.
In the current situation however, they can still attempt to login with that gained e-mail address and start brute forcing etc.
What I would like is to eliminate the possibility for them to login entirely.
I would like to have the option to assign usage rights / privileges to the specific e-mail addresses individually.
My intention is to have one master e-mail address, the only e-mail address that can be used to open the Protonmail interface.
I would like all the secondary e-mail addresses to not be able to login to Protonmail, but just be able to send and receive e-mail (while logged in with the master e-mail).
This means, should they be compromised, an attacker isn't able to do anything with the Proton e-mail address / user account information they stole.
(I know of course payment information stored in the webshop database itself is still a risk, but that's a concern I have to take up with the webshop and a different step in the process to create a secure environment.)
I am referring to the section 'Addresses and identities'.
Here is what that could look like:
Addresses and identities:
1. E-mail address 1: Master E-mail. Rights: All rights, can log into (all) Protonmail (apps), can manage account, subscription etc.
2. E-mail address 2 (shopping): Send and receive. Rights: Limited rights, can send and receive e-mail with itself as sender, cannot login to Protonmail or Protonmail apps.
3. E-mail address 3 (old deactivated): Deactivated, archive. Rights: No rights, inbox still visible as archived e-mail, cannot login to Protonmail or Protonmail apps.
That's just a quick sketch, feel free to change it to your own version. I have more ideas about that if you want.
Anyway, the characteristic of this approach is that some e-mail addresses created should not have all usage rights to Protonmail / apps.
The benefit of this approach would be that if our e-mail address is compromised because a webshop or streaming service has poor security (which is likely at some stores) our main Protonmail is not at risk of login by a malicious person.
Worst case scenario they could send a spam e-mail to you with my approach. Then you could simply deactivate that e-mail address / identity and create a new one for that webshop or streaming service.
In the end our security as Proton users is most important and perhaps this is a good idea to help improve security further.
I hope you all agree and make this idea happen.
Thanks for reading and have a great day all!
John Dozius
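
The per-address rights requested in this thread can be modelled as follows. This is an added illustration, not Proton's code and not part of any post above; the `can_sign_in` and `can_send` flags, the function names and the sample addresses are assumptions. A sign-in-disabled alias is rejected exactly like an unknown address, so the login endpoint does not reveal which public addresses belong to an account.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

@dataclass
class Address:
    email: str
    can_sign_in: bool      # hypothetical per-address flag from the proposal
    can_send: bool = True  # False models a deactivated, archive-only address

@dataclass
class Account:
    salt: bytes
    pw_hash: bytes
    addresses: list

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_account(password: str, addresses: list) -> Account:
    salt = os.urandom(16)
    return Account(salt, hash_password(password, salt), addresses)

def build_login_index(accounts: list) -> dict:
    """Only sign-in-enabled addresses are resolvable at the login endpoint."""
    return {a.email.lower(): acct
            for acct in accounts for a in acct.addresses if a.can_sign_in}

# Dummy credentials so a rejected identifier costs the same work as a real one.
DUMMY_SALT = os.urandom(16)
DUMMY_HASH = hash_password("placeholder", DUMMY_SALT)

def sign_in(index: dict, identifier: str, password: str) -> bool:
    acct = index.get(identifier.strip().lower())
    salt, expected = (acct.salt, acct.pw_hash) if acct else (DUMMY_SALT, DUMMY_HASH)
    matches = hmac.compare_digest(hash_password(password, salt), expected)
    # Unknown address, sign-in-disabled alias and wrong password all return False.
    return matches and acct is not None

def may_send_as(acct: Account, email: str) -> bool:
    return any(a.email.lower() == email.lower() and a.can_send for a in acct.addresses)

# Constructed sample data mirroring the three address roles sketched in the post.
ACCOUNT = make_account("correct horse battery staple", [
    Address("master@example.test", can_sign_in=True),
    Address("shopping@example.test", can_sign_in=False),
    Address("old@example.test", can_sign_in=False, can_send=False),
])
INDEX = build_login_index([ACCOUNT])
```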