Accounts & payments
125 results found
-
Only allow login with single/main address/username
Do not allow that you can log into the account with every address.
If my account name is john.smith then only allow login with john.smith or john.smith@protonmail.com. Not with finance.john.smith@protonmail.com or any other address.
Perfect would be if you would have the choice what address can be used in order to log into your account.
With the current way you have to give away your login username in order to send emails. Hiding the username from the public would be an advantage, since they would have to guess your username and the password. Not only one of them.
900 votes -
Integrate with PGP keystore for 'to' addresses
Allow us to provide public keys for our contacts, letting us encrypt emails to people without using protonmail "secure" email with password.
Additionally offer search functionality for one of the well known keystores (MIT, etc) to find public keys for people you're sending emails to.
392 votes -
Duress Password that wipes emails
A password which can be entered in times of coercion to reveal the mailbox password. When used a security mechanism (eg. wiping the mailbox) can be employed
390 votes -
Log in to Proton Account with FIDO2 / WebAuthn ( Passkeys / Passwordless )
With the rise in account takeover, password breaches, and the complexity of managing hundreds if not thousands of account credentials and their MFA, a better solution is needed that simplifies and offer bullet-proof protection against phishing and account takeover attacks.
Many services like 1Password, Yubico/Yubikey, and Apple offer the ability to generate and securely store passkeys that can then be used to authenticate to services that support WebAuthn/FIDO2. I strongly recommend that ProtonMail, ProtonVPN, ProtonDrive, ProtonCalendar, etc. to support passwordless/passkeys in the near future to stay on top of security and ensure that its customers are properly protecting their accounts.
…
364 votes -
Allow security key 2FA without setting up OTP 2FA
I would greatly appreciate if you could allow users to set up 2-factor authentication using a U2F/FIDO2 security key, without also having to set up OTP-based 2FA.
352 votes -
Temporarily store 2-step verification
As it’s already (welcome) extra work to enter two passwords, could 2-step verification be implemented so that known devices would only need to be verified again every 30 days or so?
At the moment, with 2-step verification enabled, even a page reload triggers triple authentication, which makes the added security a poor experience.
274 votes -
Paid plans should provide option to hide promotional ads
Option to hide promotions / ads for proton. Would probably need to be a paid feature. For me the main appeal of protonmail is the lack of ads based on by my emails, lack of calendar events auto created based on my emails, and lack of ads in the interface. I consider the button that says "Get Proton Family" to be an ad.
263 votes -
Allow login username to be different from email and aliases
You can effectively make your login username a barrier from even giving hackers a starting point to get into your account. Since with this feature they would need to know your username first. This should squash any determine hacker and allow great protection to long term protonmail accounts for years to come. Thoughts of "working on hacking this account may take time" is diminished wouldnt ya say?
257 votes -
Stop Advertising Upgrades to Paying Customers
Stop advertising to paying customers to upgrade their Proton Pass. These UI elements are intrusive and disrupt users who have learned how to navigate the Proton Pass experience.
The UPGRADE button is bigger than the button for me to create a new entry, why do I see this when I already have a subscription?
245 votes -
Picture for your account
For Your Proton Account you should have a custom profile picture and you can keep it blank if you want
198 votes -
Unusual login notifications
If somebody attempts to login to my account from an unusual location, I'd like to receive an email to a couple of email addresses: 1 my proton email; 2 an alternate email (e.g, gmail). Another alternative is receiving an SMS.
191 votes -
Different passwords for mail, vpn, and drive
If I am to use ProtonMail, ProtonVPN, and ProtonDrive on a number of devices, it seems to me that having all of these secured by a single passphrase is an unacceptable risk. Having the option to secure each of these with a different password would be a significant improvement. Indeed, without this, I think I will be very reluctant to use all of these and rely upon them.
176 votes -
Show the Proton account creation date in the settings
To mark the 10 years anniversary of Proton, many look back at when their accounts were created. Showing a simple "Account created on ...." on the Dashboard or Account section of the settings would be nice to keep the date in mind. Also that helps knowing when anniversary storage drops will fall! :D
157 votes -
I would very much like to have My preferred icon rather than mere initials on My account.
All other places I have been allowed Me to personalize the icon, but I see no way to upload an image to use, and would like very much for that to be an option.
155 votes -
Wrong password limit
I suggest to add incorrect password limits.
a) For IP - eg. 5 incorrect passwords in 20 minuts from one IP will block logging in to ANY account from that IP for eg. 30 minutes.
b) For account (configurable in account settings) - X incorrect passwords in Y minutes/hours will block logging in from ANY IP not added to whitelist (in account settings) for Z minutes/hours and send notification to recovery email.c) After successful login show warning if there were any login attemps (invalid password).
130 votes -
Remove the .ch domain
All accounts ProtonMail bring by default the domain .ch and .com
We don't all live in Switzerland
So we don't want to have there the domain .ch
130 votes -
Put a country flag in security log entries
The security log fails to give the user a clear idea of who logged in. Just by the time and some ip adress it's difficult to distinguish me from a hacker.
Therefore, I propose there is a country flag in the security log entries. This way I can just take a quick look at the logs and if somehow someone in say cuba, china, russia whatever logged in, I know for sure that wasn't me.
Now obviously a hacker would use Tor or some other form of proxy but that proxy would still most likely be located in some other…117 votes -
Send an email notification when a new device accesses my Proton account
For more security, it would be fundamental for me to have an email notification every time a new device and/or ip address connects to my Proton account.
Without an email notification that tells you that a new device and/or ip address accessed your Proton account, you have to go and check manually, and on a daily basis, if all the accesses are yours or not.
And it's impossible remember whether it was you by simply seeing "from iPhone/Mac" or by the IP address (especially if you use a vpn and it changes!).
An email notification will let you know immediately…
114 votes -
Delete (unlink) aliases from ProtonMail account
To protect ProtonMail user privacy and anonymity, we need an option to permanently unlink (delete) aliases from ProtonMail accounts.
Address counter can stay incremented, but the deleted identity (alias) should not be linked to the main account any more. Unlinked e-mail address should stay permanently disabled to prevent address recycling.
A 7, 14 or 30 day deletion waiting time can be implemented to prevent spammers from abusing ProtonMail aliases.
111 votes -
Create your own plan. Select your services
Why not be able to create a selected plan like those who really want unlimited but have no need for the wallet?; or the calendar many average users have no need for a calendar. Lots of people do not use crypto or even know how to use crypto it would make the primary services more available and in turn give you more subscriptions???
103 votes
- Don't see your idea?