I didn't realize login was allowed with aliases until I saw this suggestion. This is scary. I don't see any benefit to the user to be able to login with say 5 different email addresses for the same account. If they are the real account owner, they should have no issue securely storing the credentials for the main/login account (whether this is the original one, or something chosen as others have suggested). Allowing login from any alias just increases the likelihood of an unauthorized party gaining access.

I propose this feature to increase the security of the account.

So, right now, if an account owner connects his domain to Proton and creates several additional email addresses, each of these addresses can be used to log in to the owner's account.

I propose to introduce the ability to prohibit login using certain emails.
For example, when creating an account with Proton, the account looks like this: john.doe@protonmail.com

John connects his "example.com" domain to his account and creates new email addresses: john.doe@example.com, john.deere@example.com

John can use each of the three addresses to log into his account.

A new feature is proposed to make it so that John can deny logging in to his account from e.g. john.deere@example.com. Or all of them, except for any one, so that John won't block himself.

Any email that I have floating out there on the internet, I do not want to be able to have that used to log into my account. I would love to be able to choose which email address supports logging in.

This would be an awsome feature. Would also add a lot of security.

This! Being able to select which username or email address used to log in would be a beneficial security feature. Please implement this!

This is a very important and critical security feature to my setup. It is also a highly requested feature judging by the number of votes. Please review this and plan on adding it. As other have mentioned Outlook already offers this feature so it seems doable.

This is a feature I use wtih my Outlook account. I was brute forced with my email address that was compromised by a 3rd party data breach. Thankfully 2FA stopped them but after the attempt I looking into their security features and was able to disable login capabilities from the account that they were using.

Being able to deselect aliases used for login attempts would enhance security by minimizing attack surfaces. Please prioritize this feature.

A basic privacy and security thing to do would be to not give away any login credential information to anyone...

But of course if everytime we send an email (main address or not) we also send half of our login credential to the recipients, then something have failed in the whole idea to create a private and secure service!

Please implement this feature!

Reading some of the posts below that don't think this is valuable, from experience, it worked for my account. I had an account that was consistently attempted to be logged in from hackers. I disabled that alias from login and the attempts disappeared. so it does work.

For additional security, I would like to have the ability to disable all the alias email address from the ability to sign into the account. I was planning to use the primary email address as the admin address and not send or distribute email from that address. This reduces the risk of hacking accounts. ideally, allow the user to allow login from the username only.

Outlook.com has a similar feature.

I have reported that the most important thing is working

For those who can create multiple addresses... This is being able to select the email address or username with which you want to log in on your protonmail account. Thus, if you cannot log into your protonmail account with the addresses used for account creation on other websites (potentially made public) but you must log in with the "secret" email address that you have chosen or the username, the security of your protonmail account will be greatly improved. If I do not make a mistake and if I did not miss such an option, at this time it will not only be necessary to discover the code but also the email address or the username to access your account .

I was just about to suggest this! +1

Yup, I can even login with my domain address. That's no good. You can say 2FA is there but why even give attackers a chance to begin with. You can take outlook as an example. If you go to account info > sign in preferences > you can uncheck aliases, you don't want to login with.

I was going to suggest this myself. I just discovered, to my dismay, that *any* of my addresses can be used for login! I had designated one additional address to be "public facing" so that I could share that address freely on the web, without revealing the username for *all* my ProtonMail services... Turns out that is not how things work.

Enable/disable would be an excellent addition. Given a choice, I would only use my original username for login - and that's it.

As a 'ProtonMail Plus' user, I have 5 e-mail addresses that are linked to my personal '@domain.com' plus, the '@protonmail.com' one. I'm only using my '@domain.com' addresses so no one really knows my '@protonmail.com' address. I think it might be interesting to be able to activate or deactivate the login with the addresses we want, so that, in my situation, I can only connect to my account with my '@protonmail.com' address.

In order to prevent others from knowing my login username to my protonmail account, , it woul be very helpful if one could disable or enable the use of additional email addresses as user login name. Currently I can login into protonmail with all my email addresses. But I would like to choose which adress I exclusivley use for login into my account. For this it would be very helpful, if I could enable or disable for every email adress the login option. This would enhance account security drastically because "regulary" used email addresses to not reveal the username of the account.

Good point, I am transferring my votes.

kind of duplicate of https://protonmail.uservoice.com/forums/284483-feedback/suggestions/10641012-allow-login-username-to-be-different-from-email-an

I would suggest to people to also vote the one with most votes.