Accounts & payments
112 results found
-
App-based MFA
I like the way that Discord, Steam, Github, Apple, etc do their logins, which is by a phone app that prompts you with a notification and you have to enter the code that it says on the computer. This would be a really convenient way to log into Proton rather than having to use your phone for 2FA. Some of the apps I mentioned also do a qr code thing to log in which is super convenient as well.
1 vote -
Account recovery (Android App)
Add Password Reset Option Using Active Proton Mail Session
Description
Currently, Proton users who are locked out of Proton Pass but still have an active authenticated Proton Mail session can become permanently stuck in a recovery deadlock.
In my case, I am locked out of Proton Pass and unable to access my stored passwords or recovery codes. Proton Mail is the only session I still have access to. However, when attempting to change or reset my account password from Proton Mail, the system requires entering the current (old) password.
This requirement defeats the purpose of account recovery. If the user…
2 votes -
Being able to change/replace the EXTERNAL default mail adress.
Right now it's basically impossible to properly change / replace the primary external (non-Proton) recovery/login email address — please make it feasible.
As of early 2026, changing the primary external email (the non-Proton address used for account recovery + alternative login) it's impossible. You have to create a new account with a new "external adress" and transfer the data from the old account. Attempt a risky manual deletion → potential lockout stress if anything goes wrong during the transition.
Actually, the core issue isn't the technical difficulty of changing the primary external (non-Proton) recovery/login email — it's the fact that…
6 votes -
Advanced Protection (phishing-resistant MFA)
Implement something similar to Google Advanced Protection or Apple iCloud (phishing-resistant MFA) - e.g. disable all non-phishing resistant (weak) factors when at least two of FIDO2/U2F keys or passkeys are added.
Russian and Belarusian APT groups have been conducting targeted phishing operations to compromise Proton accounts for years. Through sophisticated social engineering tactics, these threat actors trick victims into revealing SMS and TOTP codes enabling unauthorized access to their accounts or accounts takeover. Example:
https://citizenlab.ca/2024/08/sophisticated-phishing-targets-russias-perceived-enemies-around-the-globe/For high-risk individuals such as journalists, activists, and politicians, an account takeover can have extreme consequences, including imprisonment or torture. Training and awareness do reduce…
17 votes -
Setup for catch-all and wildcard aliases with SL & PP
I would like to request support for Fastmail/Migadu-style catch-all aliases in Proton/SimpleLogin, where any email sent to
*@*.example.com—including all subdomains of a custom domain—is automatically delivered to my main mailbox (e.g., example@example.com). This would allow users to receive emails sent to any subdomain without manually creating aliases, simplifying email management while keeping full control over a custom domain.4 votes -
Feature Request: FIDO2 only authentication on new devices
Summary
Add an account security option that enforces FIDO2 security keys as the only allowed 2FA method when a user signs in from a new or untrusted device.Problem / Current Behavior
In the current login flow, when a user has a FIDO2 key enabled the user can fallback to OTP-based 2FA rolling codes. This creates a downgrade path.Desired Behavior (What should change)
Provide a ON/OFF setting such as: “Require FIDO2 security key for new/untrusted devices.”When enabled
• FIDO2 is required when signing in from a new/untrusted device.
• OTP fallback is not offered in that same new/untrusted…7 votes -
Add support of hadware based recovery
Add support of using hardware tokens (such as yubico) as account recovery method.
It is far more secure than sms or recovery email and far more convenient that recovery phrase
15 votes -
Domain Registration
Offer a domain registration service (a la "Google Domains") so we don't have to keep renewing our custom domains elsewhere and Proton can get a buck or 2 for each registration or renewal.
9 votes -
Automatically re-enable other email addresses when premium account is reinstated
Just had a very frustrating experience not receiving emails because I had a small lapse in membership and many of my email addressees remained disabled.
6 votes -
critical need of PASSKEY & 2FA (BOTH) TO SIGN IN ASAP ASAP its easy for you proton dont wait for votes
my friend saw my both passwords (2 password mode) from behind while i was signing in to proton account, i didnt knew this until he told me and now teasing me but that's not the issue.
the critical issue is that it is possible and successful.
i need to SIGN IN by using PASSKEY & 2FA BOTH so that my passwords remain confidential even if someone see everything while i am signing in.
6 votes -
4 votes
-
Add allowing a second email for account recovery, or possibly add multiple email accounts for recovery.
Add allowing a second email for account recovery, or possibly add multiple email accounts for recovery.
This would assure that users can do a recovery, even if the 1st/primary email is not available at any particular time.9 votes -
Very Expensive for disabled UK pensioner
Offer incentive of discount for loyal customers. Product is great but regretably far too expensive!
When you are a disabled pensioner in the UK, we cannot afford the high "usual" price.
You should be encouraging folk to renew, not leave.
Great product and customer service. Poor unaffordable pricing!
Why increase the "churn rate" when you already have a captive audience?5 votes -
Add Recovery Phrase Verification Tool (Without Resetting 2FA)
Description
Currently, ProtonMail users cannot verify whether their stored recovery phrase is correct without initiating an actual 2FA reset process. This creates uncertainty about whether users have properly saved their recovery credentials and could lead to account lockouts if the saved phrase is incorrect.
Feature Request:
Implement a dedicated "Verify Recovery Phrase" option in the security settings that allows users to:
- Input their recovery phrase to confirm it matches the one on file
- Receive immediate confirmation of whether the phrase is correct
- Do this without triggering any actual account recovery or 2FA resetBenefits:
- Peace of…36 votes -
Let users change their Proton account profile picture
Users being able to add a pfp image of their own or whatever pfp they want wether it's 2D or 3D.
19 votes -
Greater Clarity
I have been a bit disappointed with Proton. It seemed to be perfect for me, and I thought the lowest paid subscription would cover all that I needed. I read carefully what was offered, but I soon discovered, one at a time, that I had to up the ante, so I ended up having to pay double what I had expected. That was reluctantly accepted, only for me to discover,which is not clearly stated as far as I can tell, that there is no app for Linux on Proton Drive. That is nearly a deal-breaker for me, and it seems…
6 votes -
Single-page sign-in
I use an Onlykey for password management, 2fa, and passkeys. It'd be nice if there were the option to switch to a single-page sign-in form across platforms and services so that I could save my UN, PW, and TOTP to a single slot.
As it stands, I have to open a text document, use the Onlykey to paste my credentials, and then copy/paste them into the sign-in form. The only alternative right now is to assign the password to one slot, and the TOTP to another. I've only got 24 slots, and I resent having to use more than one…
4 votes -
Multiple Account Registration
Currently, we are unable to register multiple accounts or change payment accounts. Please implement a specification change.
4 votes -
Add a Confirmation Prompt for System-Wide Password Changes
Changing a password on a single Proton service (e.g., Proton VPN) can unexpectedly change the password for all connected Proton services, including Proton Mail and Proton Pass. This can lead to users being locked out of their accounts, especially if they have not set up a recovery method.
This is particularly confusing when using an alias. A user might assume the password change only affects the specific service tied to that alias, not the entire Proton account. I experienced this firsthand; I was lucky enough to get all my data back after a reset.
4 votes -
Easier Management of Multiple Proton Accounts (with Admin/Billing Role)
As a small business owner, I often manage multiple Proton accounts – for example, one for personal use and others for different projects or clients. While Proton is already a great tool, handling multiple accounts could be made a lot more convenient.
What would help:
The ability to link and switch between multiple Proton accounts within the same interface, without constantly logging in and out.
An option to set different billing addresses and email contacts per account. This would be especially useful when managing subscriptions for multiple businesses or teams.
A centralized view where I can see all active subscriptions…
7 votes
- Don't see your idea?