Accounts & payments
112 results found
-
"Accounts that are inactive for over 3 months may be automatically deleted." Please consider altering that policy.
"Accounts that are inactive for over 3 months may be automatically deleted."
Please consider altering that policy. Three months is way too short a time!Why not 1-2 or more years instead of 3 months?
2,453 votes -
allow us to have whatever spec compliant local-part for custom domain email addresses
when trying to set the local-part for my custom domain email address to "~"
I get this error message:"Only alphanumerics, periods, hyphens, and underscores are allowed in the local part of the email address, and it must begin and end with alphanumerics." all I can say is why?
"it must begin and end with alphanumerics."
this is so arbitrary! it's an email address' local-part not a username..for many years, I have always used ~@myna.me as my email address, before and after I self-hosted my email, I use it for all of my online accounts and and all of…
1,151 votes -
do not use google recaptcha
Seriously ... I HATE GOOGLE RECAPTCHA! Because I actively try to prevent Google tracking me (I've disabled practically every Google domain I can find using my /etc/hosts file), Google is not really aware I exist on the net. As a result, I HAD TO SOLVE TEN--count them--TEN DAMNED CHALLENGES to sign up for this site! (I'm given to understand the following things about ReCAPTCHA: 1) Google does not present as many challenges if it has seen your IP address often, which it won't for me because I actively block them; and 2) the ReCAPCHTA code sometimes presents challenge after challenge…
1,096 votes -
Only allow login with the username/main address, not with every address.
Do not allow that you can log into the account with every address.
If my account name is john.smith then only allow login with john.smith or john.smith@protonmail.com. Not with finance.john.smith@protonmail.com or any other address.
Perfect would be if you would have the choice what address can be used in order to log into your account.
With the current way you have to give away your login username in order to send emails. Hiding the username from the public would be an advantage, since they would have to guess your username and the password. Not only one of them.
741 votes -
Temporarily store 2-step verification
As it’s already (welcome) extra work to enter two passwords, could 2-step verification be implemented so that known devices would only need to be verified again every 30 days or so?
At the moment, with 2-step verification enabled, even a page reload triggers triple authentication, which makes the added security a poor experience.
661 votes -
Integrate with pgp keystore for to addresses
Allow us to provide public keys for our contacts, letting us encrypt emails to people without using protonmail "secure" email with password.
Additionally offer search functionality for one of the well known keystores (MIT, etc) to find public keys for people you're sending emails to.
634 votes -
Shared access to a single email address by multiple users
Non-personal, shared (aka functional) mailboxes are commonplace in businesses - a central mailbox for a particular purpose accessible by multiple users. A similar need is also common for personal use (e.g. each spouse has their own personal mailbox, but also have a shared address for things like bills or school notifications)
1) Best option would be to allow an address to be created and assigned to multiple users within a ProtonMail Organization. That avoids forwarding of emails and also avoids having to log out of one ProtonMail user and then log into another user in order to check the shared…
343 votes -
Duress Password
A password which can be entered in times of coercion to reveal the mailbox password. When used a security mechanism (eg. wiping the mailbox) can be employed
341 votes -
Digi-ID
DifiByte Digi-ID Authentication:
Replaces usernames/passwords by signing you in through the DigiByte blockchain. Phoen scans or copies a unique QR code, and sends the website data to log you in without needing a password/username. httpw://www.digi-id.io. Available for free in DigiByte App on iOS/Android.
276 votes -
Eliminate the .ch domain and leave only the .com
All accounts ProtonMail bring by default the domain .ch and .com
We don't all live in Switzerland
So we don't want to have there the domain .ch
276 votes -
Allow login username to be different from email and aliases
You can effectively make your login username a barrier from even giving hackers a starting point to get into your account. Since with this feature they would need to know your username first. This should squash any determine hacker and allow great protection to long term protonmail accounts for years to come. Thoughts of "working on hacking this account may take time" is diminished wouldnt ya say?
200 votes -
Wrong password limit
I suggest to add incorrect password limits.
a) For IP - eg. 5 incorrect passwords in 20 minuts from one IP will block logging in to ANY account from that IP for eg. 30 minutes.
b) For account (configurable in account settings) - X incorrect passwords in Y minutes/hours will block logging in from ANY IP not added to whitelist (in account settings) for Z minutes/hours and send notification to recovery email.c) After successful login show warning if there were any login attemps (invalid password).
189 votes -
An ideal to stop fishing site
Add a new functionnality where in the settings you can edit a sentence that will be stored encrypted.
It will only be decrypted and shown to you after your enter your login password but BEFORE you enter the mailbox password.
This way if the network is compromised and you end up on a protonmail fishing site, you will only have given the login password and NOT the mailbox password.
This will be especially helpfull when a tor address will be made available.168 votes -
Ability to choose which identity to keep when going back to a free plan.
Please add the feature to allow paid users to decide which identity they get to keep if they return to the free plan.
I signed up with a protonmail.ch address but found myself mostly giving people my protonmail.com address. I want to go back to a free plan now but not being able to change my primary identity to the .com address is a problem.
166 votes -
Add security questions
You can add security questions on resetting password - after clicking link sent to recovery email, before you can enter new password, you should answer two (or three) security questions.
This will be additional security for resetting password.
153 votesAt this point, security questions have been shown to not be an effective way to validate a users identity. At this time the recovery email address is our sole means of identifying users ownership of an account.
-
Dead mans switch / legacy settings / post mortem
set something up where if your account goes inactive (no log in etc) for a settable period of time a preset email will be sent to a preset address.
example i set up something so if i dont log in in 3 or 14 or 30 or 90 days etc (let us choose how long) a message i have already set up for this will be sent..
this would have a few uses and is also a pretty decent fallback to losing your account info if you dont set a 2nd account.. you could even send yourself your own forgotten…
149 votes -
Option to permanently delete (unlink) aliases from ProtonMail account.
To protect ProtonMail user privacy and anonymity, we need an option to permanently unlink (delete) aliases from ProtonMail accounts.
Address counter can stay incremented, but the deleted identity (alias) should not be linked to the main account any more. Unlinked e-mail address should stay permanently disabled to prevent address recycling.
A 7, 14 or 30 day deletion waiting time can be implemented to prevent spammers from abusing ProtonMail aliases.
150 votes -
Disable login from some/all alias addresses
I would like for it to be possible to disable login using some or all the alias names, so that it is only possible to log into protonmail by using my original login name, which I set up when opening my account, and which I keep secret.
139 votes -
Recycle usernames that were barely used/ created and deleted quickly
Recycle usernames that were only used for a short period before being deleted.
On a lot of websites common usernames are used up by people who sign up to try the service out and just delete the account.
Please consider making these usernames available once again.
138 votes -
Tool to import multiple private keys
So we use multiple keys on one account. Eg. to continue using an old key from a previous email account with your new ProtonMail account.
117 votesWe will be adding full key management in the future.
- Don't see your idea?