"Keep me logged in" option
I really like ProtonMail and use it as my primary mailing service. But one of the most tedious things about it is having to enter the two passwords every time i want to check my e-mail.
ProtonMail keeps logging me out after a few seconds/minutes of closing its tab, so i now have to keep a tab open in order to continuously check my e-mail. Furthermore, i'm using long passwords (in conjunction with Keepass) for more security, so it's not easy to type my passwords every few minutes.
I use ProtonMail on my desktop home computer, so there's no danger from someone having physical access to that PC. There should be a Remember Me/keep me logged in option for cases like this.
I have already communicated this issue to ProtonMail support. They kindly responded that "We applied that feature for security reasons, because many users are using ProtonMail from different devices". I don't really understand what this means, since i'm proposing a system which will keep me logged in on my current desktop computer, the one i,m using right now. Even if it's only for a certain amount of time, px 30 minutes or an hour.
I really hope there's a workaround/solution in the future for this, since ProtonMail is really great and this issue could potentially become a deal-breaker for me.
-
Anonymous commented
Might be a feature not a bug if you know what Talpiot is.
-
Azat commented
So, how many years will this take??...
-
Andrew commented
At the very least you could allow a 2FA authorization to apply for 30 days (or a week, or even just for one day). Requiring username, password, and 2FA multiple times per day on a secure device within the same browser session is ludicrous! You set cookies, please use them.
-
Azat commented
STARTED!!! HALLELUJAH!!!
Waited only for a couple of years for this, I think:)..
EDIT: Uh, three years actually, it seems:)... -
Anonymous commented
This is needed. I appreciate its a security feature, but it could be kept off by default and only done on a per device basis. In my case someone would have to break into my house & gain access to my encrypted PC in order to open an logged in session. If they did, my protonmail account would be the least of my worries. The negligible security gain is easily outweighed by the total pita of having to log into my password manager every hour or two, plus dig out my 2fa app each time I want to view my emails.
-
Anonymous commented
I need this or else I might stop using...
-
Koen commented
Whitelisting a device could be a great solution! I'd love to see it in a future update
-
Anonymous commented
+1
-
Anonymous commented
+1
-
[Deleted User] commented
Glad I found this feedback page. It is really puzzling that this is still not possible. In Settings->Security, the "Session Management" all these old "ProtonMail for web" sessions. Those sessions were my previous sessions from the same (desktop) computer, with the same web browser. So according to the "Session Management", they are still active because I can "revoke" them. If I restart my browser, I'll have to log back into Proton Mail AGAIN and a new session will be created AGAIN -- and one more "old" active session will appear in "Session Management.
This seems to be a bug to me. Why keep those session as "active" while we can't reuse them?!
-
Patrick Coleman commented
Trying out protonmail as alternative for my junk yahoo account. This might be a non-starter for using it.
-
Dima Nirox commented
I completely agree! This kills the whole point of using this email on your personal computer. If all 3 defenses are enabled, the input becomes flour. Password, OTP code, decryptor password.... guys, we have to make these decisions, not you for us. And Yes, I have a paid account with pre-payment for 3 years!!! Give me the right to decide how to use this service.
-
Anonymous commented
This is the only thing keeping me from upgrading to a paid account. It makes no sense from a security standpoint to allow one to stay logged in on phones, but not computers. Make "stay logged in" non-default, give a big red warning, make us confirm every 2 weeks. Fine. But don't do this. Geez
-
Ness commented
Yes, please. I control my browser security by locking my desktop when I walk away. Stop timing out my session please!
-
crmb commented
Protonmail will alway stay a niche product if features like that are not implemented.
-
Anonymous commented
Annoying af. Please implement it.
-
anonymous commented
yes +1 for sure. I don't consider this a feature. make it an option that you have to select but please add it
-
Anonymous commented
I get the idea of the security. But the iOS app keeps me always logged in (I just need fingerprint to see the e-mails, and even that is not the default option).
What's wrong with having the same feature in web - instead of asking me password, 2fa and mail decrypt password, you could simply ask me just the decrypt password after closing my browser. That should still keep the security, but have more convenience.Another option would be to just ask me the 2fa OTP (this is how wargaming.net works), instead of full login every time I close my tab.
-
Anonymous commented
Pls add The feature
-
Anonymous commented
I found this thread, while looking for a way to keep me logged. I hate when a company thinks they know more about how I should be working than I do.
what makes this more rediculous, is that I checked the 'remember me' box, When i click on the protonmail pinned tab the login window opens with my un/pw filled in, but i still have to click the login button to complete the login.. Really? How dumb is that?
since this request has been "Under review" since 2016 its clear that they aren't spending time on user requests. So, if this is something you really want, best look elsewhere.