Only allow login with single/main address/username
Do not allow that you can log into the account with every address.
If my account name is john.smith then only allow login with john.smith or john.smith@protonmail.com. Not with finance.john.smith@protonmail.com or any other address.
Perfect would be if you would have the choice what address can be used in order to log into your account.
With the current way you have to give away your login username in order to send emails. Hiding the username from the public would be an advantage, since they would have to guess your username and the password. Not only one of them.
-
Shreyas Purohit commented
I am not sure how much this helps. You have login password, then 2FA and then another mailbox password if you have it enabled. Its probably more useful to increase your password length by 5 characters than try to hide your email. Security by obscurity does not go a long way. I would rather see a feature that allows you to enter a second set of passwords that will open an virtual inbox with empty or some predefined emails which can be used in coerced situations.
-
ProtonmailComments commented
Agree with the original poster: I'd like to see logins restricted to one's main email address, or to a username
-
spin crisis commented
Agreed.
-
Anonymous commented
Username should not be your email.. Look to what fencemail have done..
-
Anonymous commented
I would like to be able to have a user name that is different then any of my email addresses to be able to log in to the account and have that user name be the only way to log in, keeping my primary email or alias email accounts from being able to log in.
-
Eric Johnson commented
I do something like this on a company account hosted elsewhere. My primary username is a very obscure word. No email ever goes out with that username, but with the alias for the account.
My main reason for doing this is so that if I start getting lots of spam at that address, I can set up and start using a new alias for any new e-mail and set the old alias to only accept e-mail to those specific users I expect to get e-mail from.
-
BoC commented
Agree with Joel Drapper
-
Anonymous commented
Great solution if you want to separate your private and business lives!
-
Anonymous commented
It would be best to separate the login ID from the email address completely. Or allow that option for people who are especially concerned about hackers.
It would be even better if the feature is optional. Just confuse the heck out of anyone trying to hack in!
-
JP commented
I'm with Joel. Usernames are part of your online identity and are not considered private.
-
Joel Drapper commented
This is such a minimal advantage, it would be a waste of time to develop. Adding one more character to your password would do so much more to improve your security.
-
Anonymous commented
f.e.
email: support@protonmail.ch
username: somerandomname
password: somerandompassSo it will be impossibile to login with email address.
-
Anonymous commented
I'm using Protonmail Plus. Really like it so far, but am surprised that I can log in to my account using any of my additional email addresses. The main benefit of having additional email addresses to me is, using different ones for different uses. If I don't want to give out my main email address for whatever reason, I can use a different one which I treat as a throwaway. I still see all emails sent to this address, and don't have to deal with creating a new account. What I'd like to see is that these additional email addresses can't be used to log in to your account. You should only be able to log in to your account using your main email address, which you give out to few, if any, people. This would greatly decrease the likelihood of anyone being able to try and log in to your account; if they don't have the correct email address, how can they? Thanks for all your great work.
-
Anonymous commented
This is feature currently offered by Microsoft and I would love to have in ProtonMail. the idea is to be able to choose which aliases are allowed to sign-in to your account. This way, if one of your aliases is compromised in a data breach, it cannot be used to attempt to hack your email box.
It would be good for ProtonMail too since it will not have to face multiple attempts to carck to its customers' passwords. The very first attempt would be denied.
-
Anonymous commented
The idea to have aliases is submitted many times already. What I would like is that it is not possible to login using an alias and the account password.
Currently, it is possible to login both with the .ch "username" and the .com "username", one of which is an alias. The more combinations of username and login, the higher the chances someone breaks the combination...