Proton's aliases were the main draw for me. I'm ten hours into organising and updating email addresses for all my accounts, and now I find out that you can just log in with any alias... so my login is public-facing all of a sudden.

Protecting an account username is a big part of the picture. Sites will be breached and my aliases (and therefore Proton login) will be out in the world in... I dunno. A few days or weeks. Just let me choose a username.

Please fix this! This was a big reason I moved to proton as I was under the impression that there would only one user name/email address to login which I’d avoid giving out to anyone, there by making my account secure.

This is crucial! It's been 9 years since this suggestion was posted, what is the status?....

What's the point of allowing me to have 15 email addresses if any of them could be used to login to the entire account? I thought I had one truly private one for logging in, drive, pass, and calendars I will not share, another using my nickname for personal contacts and calendar invites, another using firstname.lastname for professional contacts and calendar invites and then one each for other primary accounts, banking, doctors, shopping, forums, and social media. Yeah its not quite as secure as having a hide-my-email alias for every individual account but there's enough of a buffer to only have to disable and create one new address and change a few accounts at a time.

Now I'm sitting here realizing that doesn't work. All 8 of these email addresses are out there in the world and I need to alter everything to hide-my-email addresses, then disable the proton ones because I don't even want the aliases to filter to them because they're known, so I need to create new email addresses for the aliases to forward to. I'm basically redoing everything I did a year ago when I migrated from gmail. And I'm going to have to get on the phone to change at least 25 of these accounts.My doctor's office is going to look at me like I've lost my mind.

And that still won't correct the problem that inviting people to a calendar event will reveal the email address associated with that calendar and thus a proton login option. It's not that I don't trust my personal and professional contacts, it's that people are stupid and give out your email because they're so used to only using one or two for the last 15-20 years. And the second one is usually a work/school one. I was fine with that risk when I thought those two email addresses, which are variations of my real name anyway, couldn't be used to login to my account.

Disregard my last comment:

“Tuta has the exact same problem. Tuta allows login using a Tuta alias, which defeats the value of having the alias. Despite this being a known issue since 2019, it doesn’t appear to be a priority for them to fix. So switching to Tuta doesn’t solve your core grievance. Both services currently share this vulnerability. Keep that front of mind as you read the rest.”

Essential feature. Our business requires an address specifically for logging in; one that is never used to send/receive email.

Look into Tuta Mail.

Are there any decent alternatives to ProtonMail in case they don't sort this out? I've heard AtomicMail are quite good?

Does anybody at ProtonMail actually read these?

I notice a couple of people on page 2 saying "this is finally under review". Where did you find that? Do you have a link, please?

Does anybody at ProtonMail actually read these?

This really is a critical feature for security. Please please consider this.

Proton, why do you have to tease us? This (and others like it) have been frequently requested for 9 years, and in January of this year you merged several similar threads into one and said it was "under review" but now it's back to no longer being under review (aka being ignored). This is such an important security feature... It's almost like 3-factor authentication instead of 2 if bad actors don't even know your user name to log in. Please at least consider implementing this or something like it! Please!?!?

I've been a paid user for more than a year. I noticed this missing critical feature when I subscribed to the premium plan. I had mailed the Proton support back then, got no answer whatsoever. If they are this privacy-focused company as they claim to be, having this feature is mandatory. I hope they implement it soon.

I only realised that any alias can be used to login to any part of the Proton suite when I started using it more. I've kept my initial proton address completely safe, but to what end, I'm not sure now.
Even with 2 step authentication this seems odd.

It's kind of silly this still hasn't been addressed by a potential Google/Outlook alternative. Serious users don't want to have to use a silly SimpleLogin alias for their business emails. I want to be jsmith @ proton.me or johnsmith @ proton.me in my correspondence with clients, not jsmith.420bananastand @ aleeas.com

For those who support this feature, you can also support : https://protonmail.uservoice.com/forums/284483-proton-mail-calendar/suggestions/47611028-choose-which-alias-can-log-in-to-proton

With yet another data breach, this is becoming more and more critical

Critical feature as pointed out already, which currently prevents me from using protonmail the way that was intended

Presently, I can login with all my Proton aliases.
This potentially expands the attack surface for unauthorized logins.
When login to Proton account only with primary Proton email, this will be reduced.

This is such a glaring security issue and it's the only reason I haven't gone for a paid account. I love how smooth and integrated everything is in Proton and would love more features-- but the key one I want is security and I don't want to pay to increase the ease with which my entire account can be compromised if one of my potential alases gets leaked through a hack.