"Keep me logged in" option
I really like ProtonMail and use it as my primary mailing service. But one of the most tedious things about it is having to enter the two passwords every time i want to check my e-mail.
ProtonMail keeps logging me out after a few seconds/minutes of closing its tab, so i now have to keep a tab open in order to continuously check my e-mail. Furthermore, i'm using long passwords (in conjunction with Keepass) for more security, so it's not easy to type my passwords every few minutes.
I use ProtonMail on my desktop home computer, so there's no danger from someone having physical access to that PC. There should be a Remember Me/keep me logged in option for cases like this.
I have already communicated this issue to ProtonMail support. They kindly responded that "We applied that feature for security reasons, because many users are using ProtonMail from different devices". I don't really understand what this means, since i'm proposing a system which will keep me logged in on my current desktop computer, the one i,m using right now. Even if it's only for a certain amount of time, px 30 minutes or an hour.
I really hope there's a workaround/solution in the future for this, since ProtonMail is really great and this issue could potentially become a deal-breaker for me.
Alan McMahon commented
I get offered to 'remember me' but if I close my browser, it's start again with 2FA. Very tedious.
Mark Sholund commented
It seems that ProtonMail keeps me logged in now when accessed in my browser - please make this optional - having to log in each time I access Protonmail in my browser is a valuable security option.
Dr. D commented
I see this has been implemented in the new version, but without the ability to disable it.
As other users have noted here, this needs to be an option that is disabled by default, so that users who value security over convenience can stay safe, and users who want the convenience can enable it.
noooooooo please this function is so dangerous because dns can leak your package can be found on untrusted connections and obviously you are seriously wrong if this function is active you are already hacked by yourself and protonmail will have a common weakness platform failiure come on dudes on proton how can be started this rquest are you guys crazy.
End this atrocity Protonmail!
It sucks not to have this feature, but for now you can try the beta site - it keeps you logged in.
This is very frustrating; I am a paying customer. I don't like to keep my browser open while I'm working, but I have resorted to this for the sole reason of staying logged into my email program!
I also do not keep my computer on at night.
I use very long passwords, and it is tedious to have to retype this one constantly all day long. Right now, I am 'suspended' because I misspelled my password three times. I prefer not to use a password manager; copy/paste seems the only solution?
Like many here, my phone keeps me logged in. Even if I turn off my phone, I am still logged into Proton when it's turned on again!
I don't understand why after such a long time, this has not become a feature. I switched to Proton for my business/customer communication. It's an essential feature to me!
I also don't understand why no one from Proton has replied (a real explanation) to this thread? All I can find is one Admin response from -2016- stating this is under review. 2016 is an awfully long time ago - surely I missed one of these admin responses. I hope.
Same here, this really pisses me off. I'm not a paying customer yet, thinking about transition from GMail, but I think I'll wait until this is fixed (probably never, since it's already STARTED for 6 months...).
Don Wills commented
I use email primarily from my desktop which is at my house. Having to login each time I check my email is completely unacceptable. Like other users have commented, I will probably not renew my service unless a permanent login feature on the desktop is available. Maybe the solution is a replacement for Mac OS Mail (my desktop mail program) instead of a browser based solution. If so, make one for Linux too.
I really need this feature. This should be standard any any email service in 2021
It is absolutely ludicrous that we can remained logged in on a mobile device that is far more likely to be compromised than a home PC with disk encryption. I simply do not understand any argument against this.
Man... this is sad. They should at least give us a option!
If this feature isn't implemented by the time my current subscription ends, I probably won't renew.
I'm trying to use Protonmail as my primary, everyday email; not exclusively for being an international spy, etc.
Horațiu Mlendea commented
I tried switching to Proton from GMail but this is unnacceptable. I was going to try it for a week but I will probably won't last through it.
I understand that it's more secure that way, but you have to balance security with comfort and ease of use. Also, making that decision on behalf of all users without giving them an option to change it is very much not ok.
Also, judging from how many people are complaining about this, it seems obvious that eventually you will have to implement it anyway (if you care about your users' wishes, that is). So, why delay it? It's just driving people away needlessly.
All sessions opened on the browser are visible and "active" in Settings/Security section. It says:
Unless you explicitly logout or change your password, sessions can last for up to 6 months. Sessions expire after 2 weeks of inactivity.
But still, if I open a new tab while logged in in one, it will asks to log in again.
I use complicated password + 2FA. I start to procrastinate on the tasks "checking my emails" because of this.
Hey! I may have sussed it! On android at least, if you have your account open then go to compose. Leave the unposted new post open, don't delete or hide it. Seems to work most of the time. Good luck!
It's a feature not a big. Unit 8200 Talpiot Brendan O'connell
Might be a feature not a bug if you know what Talpiot is.
So, how many years will this take??...
At the very least you could allow a 2FA authorization to apply for 30 days (or a week, or even just for one day). Requiring username, password, and 2FA multiple times per day on a secure device within the same browser session is ludicrous! You set cookies, please use them.