Skip to content

Accounts & payments

93 results found

  1. Wrong password limit

    I suggest to add incorrect password limits.

    a) For IP - eg. 5 incorrect passwords in 20 minuts from one IP will block logging in to ANY account from that IP for eg. 30 minutes.
    b) For account (configurable in account settings) - X incorrect passwords in Y minutes/hours will block logging in from ANY IP not added to whitelist (in account settings) for Z minutes/hours and send notification to recovery email.

    c) After successful login show warning if there were any login attemps (invalid password).

    112 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Change Username

    Right now if I sign up as username@protonmail.com, there's no way to change it, for instance to user.name@protonmail.com. Even though u.serna.me@protonmail.com and use.rname+change@protonmail.com already goes to username@protonmail.com.

    Seems like we should be able to change this if we like!

    16 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. SSO support

    Allow employees to login using central user repository such as AD or OneLogin, typically using SAML.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Add security questions

    You can add security questions on resetting password - after clicking link sent to recovery email, before you can enter new password, you should answer two (or three) security questions.

    This will be additional security for resetting password.

    72 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    At this point, security questions have been shown to not be an effective way to validate a users identity. At this time the recovery email address is our sole means of identifying users ownership of an account.

  5. Allow login username to be different from email and aliases

    You can effectively make your login username a barrier from even giving hackers a starting point to get into your account. Since with this feature they would need to know your username first. This should squash any determine hacker and allow great protection to long term protonmail accounts for years to come. Thoughts of "working on hacking this account may take time" is diminished wouldnt ya say?

    166 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    37 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Put a country flag in security log entries

    The security log fails to give the user a clear idea of who logged in. Just by the time and some ip adress it's difficult to distinguish me from a hacker.
    Therefore, I propose there is a country flag in the security log entries. This way I can just take a quick look at the logs and if somehow someone in say cuba, china, russia whatever logged in, I know for sure that wasn't me.
    Now obviously a hacker would use Tor or some other form of proxy but that proxy would still most likely be located in some other…

    65 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under review  ·  9 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Remove the .ch domain

    All accounts ProtonMail bring by default the domain .ch and .com

    We don't all live in Switzerland

    So we don't want to have there the domain .ch

    115 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under review  ·  67 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Import private keys

    So we use multiple keys on one account. Eg. to continue using an old key from a previous email account with your new ProtonMail account.

    59 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Duress Password that wipes emails

    A password which can be entered in times of coercion to reveal the mailbox password. When used a security mechanism (eg. wiping the mailbox) can be employed

    292 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under review  ·  33 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Dead mans switch / legacy settings / post mortem / data inheritance

    set something up where if your account goes inactive (no log in etc) for a settable period of time a preset email will be sent to a preset address.

    example i set up something so if i dont log in in 3 or 14 or 30 or 90 days etc (let us choose how long) a message i have already set up for this will be sent..

    this would have a few uses and is also a pretty decent fallback to losing your account info if you dont set a 2nd account.. you could even send yourself your own forgotten…

    187 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    37 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Buy additional aliases

    Make it possible, to create new aliases for just <1€ per alias (lifetime price)

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  7 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Fingerprint/ Image Login Password

    Fingerprint/ Image Login Password

    42 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under review  ·  5 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Separate Notification Email and Recovery Email Addresses

    Please separate the notification email and recovery email fields, so that it is possible to set each one individually. For example, a user may wish to set up a notification email address that cannot initiate account recovery. Another user may also wish to set up a recovery email address that does not receive notifications for incoming emails.

    That would be useful to use with a less-trustworthy email provider or a less-secure account, so that users can receive notifications without worrying about a malicious actor resetting the user's ProtonMail password from the notification email account. Thanks.

    19 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Accounts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
1 2 3 5 Next →
  • Don't see your idea?

Accounts & payments

Categories

Feedback and Knowledge Base