Temporarily store 2-step verification
As it’s already (welcome) extra work to enter two passwords, could 2-step verification be implemented so that known devices would only need to be verified again every 30 days or so?
At the moment, with 2-step verification enabled, even a page reload triggers triple authentication, which makes the added security a poor experience.
-
Antonio Sánchez commented
This is a duplicate of this one: https://protonmail.uservoice.com/forums/284483-feedback/suggestions/17308039-temporarily-store-2-step-verification Please vote there
-
Antonio Sánchez commented
This is a duplicate of this one: https://protonmail.uservoice.com/forums/284483-feedback/suggestions/17308039-temporarily-store-2-step-verification Please vote there
-
Antonio Sánchez commented
It is very annoying having to introduce the code every single time. This should be implemented asap.
-
Antonio Sánchez commented
This feature should be a must. It is really annoying to introduce the code every single time I want to login..
-
Anonymous commented
Can you allow me to "trust" a device - like other websites do - so that I only need my credentials, but not need my 2FA code everytime I log on on my own laptop?
-
Chris commented
Whelp still missing feature and thread is dead since 2016... but here goes. I'm going to have to disable 2fa because I cant feasibly grab my google authenticator every single time i switch PCs. I use 2 laptops and 2 phones. I need this feature for them!!!
-
Sailor commented
This is a very important need. Please respond Protonmail.
-
Anonymous commented
''trust this device '' option is essential
-
T commented
Agreed. I'm trying to create better security habits, but 2FA for every single login is too inconvenient for me to stick with it. I leave 2FA off for now, which is obviously far from ideal.
-
Jonas N commented
Please, please, please. This is literally the ONLY thing that I don't like about ProtonMail. I don't want to disable 2FA for the most important service I use, but this is so, so inconvenient :(
-
Anonymous commented
+1 for this please
-
Anonymous commented
When I restart my browser, I have to re-enter all credentials to the Protonmail website, including 2FA. I understand the security implications of requiring a login: otherwise some data needs to be stored in a cookie that can unlock my mailbox. However, it would be good to have a feature to remember 2FA on a device, so that if I log in from the same browser the next time, I would not need to enter 2FA, only the regular login.
-
Anonymous commented
This is a show-stopper feature for me - ended up turning it off, because it was such a pain. Then switched to another email provider
-
PM commented
I would like a similar experience in the browser that we have with the mobile app. Set an expiration where the user can still unlock quickly with PIN.
A trusted computer browser stores the main logon cookie with no expiration. But this cookie only has an encrypted blog that cannot access the mailbox alone. The 2nd cookie set to expire in X minutes/hours must be combined with a user supplied PIN, and that will decrypt the non-expiring main cookie, which logs the user back into the mailbox.
-
Ryan commented
Any more info on this planned feature? This is the one lacking feature right now.
-
James commented
This is essential, especially with the only method for performing 2FA being TOTP.
This would be slightly more tolerable if FIDO U2F keys were supported, but only slightly.
Honestly, reaching for the phone to get a TOTP code __EVERY_TIME__ I open a new tab is really counter productive to a daily workflow involving ProtonMail.
I have many services that use TOTP codes... and this is the _only_ one that doesn't provide the "Trust this device" mechanism.
-
[Deleted User] commented
Today I disabled 2FA because the annoyance of entering the TOTP every time I close the browser. Please implement a "Trust this device for the next 30 days" option.
-
Julian Benner commented
Having to enter the 2FA code every time is especially annoying on Linux where there is no ProtonMail bridge yet. Please add this asap!
-
FakeCake commented
Last improvement for me before fully switching to ProtonMail :)
-
Aslanex commented
I'm afraid this excessive security makes ProtonMail too difficult to use and therefore 2FA is not widely used. Login remembering or at least 2FA remember is a need for good user experience.