Only allow login with single/main address/username
Do not allow that you can log into the account with every address.
If my account name is john.smith then only allow login with john.smith or john.smith@protonmail.com. Not with finance.john.smith@protonmail.com or any other address.
Perfect would be if you would have the choice what address can be used in order to log into your account.
With the current way you have to give away your login username in order to send emails. Hiding the username from the public would be an advantage, since they would have to guess your username and the password. Not only one of them.
-
Thomas Anderson commented
Dear Proton,
Please implement this feature.
I work in IT for large supercomputing infrastructures. No doubt, as your origins are from CERN, you are aware of how easy it should be to implement an access rights management feature like this.
Perhaps it could be sufficient to just add 'Access Rights Management' and then a dropdown or checkbox for each e-mail address where you can choose the Permissions.
E.g. below
Username 1 or Proton E-mail alias 1
- Allow login to Proton account?: Checkbox: Yes
- E-mail can be sent from this address?: Checkbox: No
- Can access services other than Protonmail?: Checkbox: Yes

E-mail alias 2
- Can login to Proton account?: Checkbox: No
- E-mail can be sent from this address?: Checkbox: Yes
- Can access services other than Protonmail?: Checkbox: No

E-mail alias 3
- Can login to Proton account?: Checkbox: No
- E-mail can be sent from this address?: Checkbox: Yes
- Can access services other than Protonmail?: Checkbox: No

In the above manner the primary username is used to login only, and never exposed sending an e-mail.
Furthermore, other e-mail aliases cannot login or access a different Proton service, but just send e-mail, as is their purpose. These aliases can be selected from the already existing dropdown function Protonmail has.
What does this accomplish?
- The benefit of never exposing your username externally, annihilating the first coordinate of the attack surface. If you don't even have a username to begin with, you'd have to guess/bruteforce that too.
- A neat segregation of access rights, it's not necessary to be able to login with all e-mail aliases. Some are only used to send e-mail with.
- We already trust in Proton's sturdy security practices. You don't just get an ISO 27001.
But this approach also eliminates cybersecurity mistakes that might occur from the user end, accidentally exposing an e-mail address that can login, which helps a hacker who now only has to focus on a password and 2FA vector.
What if the hacker obtained our exposed e-mail and sends phishing e-mails (we all know there are sophisticated AI spellchecked & grammatically correct phishing e-mails these days) and we accidentally click on a bad link?
If this hacker obtained our password, but not the username (because we never exposed it) he will try to login with the Proton e-mail alias we use for e-mail only, which he will never be able to login with, because of access management.
Then it all comes down to robustness of security practices in Proton's platform itself, which I trust are already top notch.
Please provide us with this feature and make the picture complete.
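One way to model the per-address permissions proposed in the comment above, as an added example that is not part of the thread and is not Proton's code. The class and function names are hypothetical, the identifiers are the sample ones from the original request, and the password is constructed.

```python
import hashlib, hmac, os
from dataclasses import dataclass

@dataclass(frozen=True)
class AddressPolicy:
    can_login: bool  # may this identifier be used at the sign-in form?
    can_send: bool   # may mail be sent from this identifier?

def _kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

class Account:
    def __init__(self, password: str, policies: dict):
        self.salt = os.urandom(16)
        self.pw_hash = _kdf(password, self.salt)
        self.policies = {k.lower(): v for k, v in policies.items()}

# Dummy credentials: unknown and login-disabled identifiers do the same KDF
# work as a real attempt, so the response does not reveal which case occurred.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _kdf("placeholder", _DUMMY_SALT)

def authenticate(directory: dict, identifier: str, password: str) -> bool:
    ident = identifier.strip().lower()
    account = directory.get(ident)
    policy = account.policies.get(ident) if account else None
    allowed = bool(policy and policy.can_login)
    salt, expected = ((account.salt, account.pw_hash) if allowed
                      else (_DUMMY_SALT, _DUMMY_HASH))
    matches = hmac.compare_digest(_kdf(password, salt), expected)
    return allowed and matches  # one generic failure for every rejected case

def may_send_from(account: Account, address: str) -> bool:
    policy = account.policies.get(address.strip().lower())
    return bool(policy and policy.can_send)

def build_demo():
    # Constructed sample data mirroring the proposed checkbox layout.
    account = Account("correct horse battery", {
        "john.smith": AddressPolicy(can_login=True, can_send=False),
        "finance.john.smith@protonmail.com": AddressPolicy(can_login=False, can_send=True),
    })
    directory = {address: account for address in account.policies}
    return directory, account

if __name__ == "__main__":
    directory, account = build_demo()
    for ident in ("john.smith", "finance.john.smith@protonmail.com", "nobody@example.com"):
        print(ident, authenticate(directory, ident, "correct horse battery"))
```

With this layout, a leaked sending alias plus the correct password still fails at sign-in, and the failure is indistinguishable from an unknown identifier.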
-
Oticman
commented
I find it really absurd that you can log in with aliases!! Please implement this feature asap!!!
Aliases must be handled like "hide-my-email" aliases.
Thank you very much.
-
Serhii Tyshchenko commented
If this is not fixed, I'm leaving protonmail.
-
Lütfi Altin
commented
-
Steven
commented
What about those of us who use an alias to login to a different device?
For example: I have an alias for my laptop as my main login is used on my phone, and using rules to keep the email in their own folders.
In this case, by restricting access to alias logins, it would mean that I'd have to either login using the same credentials on each device, or have a second account for my laptop.
Unless there's another option I'm not aware of?
-
Rob
commented
This is the second most popular Accounts & payments feature (excluding various crypto payment option requests) and it has been requested for over 7 years. Proton, please look into this!
-
toosoonmoon
commented
I purchased Proton thinking that I could get the security I need to protect my accounts and email. I intentionally paid for additional addresses so I could manage some for banking and other logins that if there is a data breach someone doesn't start attempting to access my email. Right now I am daily getting attacks against my Outlook email. The +alias option is useless because it exposes your real email. The passmail option may not be allowed by some institutions. The way that would have made sense is to block logging into your Proton account with anything other than a unique user name that you keep to just Proton while using email addresses for your account log ins. Not sure I will continue forward with Proton if this option is not created in the near future.
-
Anonymous
commented
Why isn't it already implemented ?
-
Unsatisfied Donkey
commented
It's unbelievable that this is still not a feature. I have been reading around the internet and the biggest answer I get is "Proton is a supporter of the idea that security through obscurity isn’t security."
As a paid user? I don't care. I am and I expect my money to be going to every bit of security possible, especially if it's something that doesn't increase overhead for you and it's simple to implement.
For me, my login name is something in no way associated with me and I wish it to be so. I simply don't like the idea of making information like that public. A freakin OUTLOOK can do that. But with Proton, as a paid user, I am forced to make my login name public simply by sending an email. I made a switch to Proton last year because I wanted to maximise my security. I just learned this is the case and I am starting to regret my decision.
Get yourself together, Proton. This isn't a feature difficult to implement. Costs you next to nothing.
For people not interested in feature like this, simply make it a toggle in the settings. Not an issue.
-
Jay Newman
commented
+1
-
Net Coaster
commented
Extremely important feature, please implement it. It shouldn't be that difficult to do that. Obscurity is not security but would prefer that the hackers have 0 of the 3 needed info than 1 of the 3 needed info.
-
Mike
commented
-
Stifler
commented
wow, open since 2017 and not fixed?
-
NoMoreAliasLogins
commented
You are currently able to log in to a Proton service using any of your email aliases. A user should have the option to disable account logins for anything other than their original account username.
-
Pamela
commented
I was going to create a similar request in this direction: select the Email Alias/Identities allowed to log in.
This is a feature included in outlook.com
The security benefit is obvious. You can have 1 clean email/alias/identity not shared or used anywhere for login. While the others, even if leaked are useless for login.
In my view, this is a critical one to have.
-
BackSeatDriver
commented
I think "additional addresses" that I have paid for I should be given the option where I can enable or disable the ability to login using that email address. Because you will not find out about a leak until after the leak or breach happens... There is a lag... Gives time for hackers to try to break into your account. If the additional address is not enabled to be logged in, then there is no way for them to get in. I have 2FA enabled which uses some authenticator app on my phone. But I have heard about phones being taken over. So, much harder to break in an account if they can never get into it in the first place unless they know the account email address. Besides, I do not have faith in some A.I. sentinel because it has been proven that a lot of A.I. out there has delusions.
-
Miko (mīkō) commented
Adding my support and real-world use case... Due to my info being exposed in many data breaches I have abandoned several email addresses. On my MS Outlook account I am able to disable logging in with all but one email address. This email address is dedicated to the purpose of login and is never used for sending emails. This limits the risk of the login email being exposed in data breaches. My login email address does not contain my name or any other PII. As stated already, it would be ideal if logging in could be limited to the "user name" only and/or 1 email address. Another way to say this is, I want the ability to disable use of any of my Proton email addresses for the purpose of logging into my Proton account. Hope this helps. Kind Regards, M.
-
Arnau commented
I suggest that if we have multiple addresses/aliases on our account, we should be able to choose which ones we can log in with. That would greatly improve our security and privacy. This is possible on other sites like Outlook, where you can have multiple aliases but choose only one to log in with.
Then we could have one address/alias only for login and it would never be shared with anyone or any website.
Or again, if we have aliases to register on sites that are not trusted, they could never use that address to try to log in to our account.
I think this is something very necessary and useful.
It would be as easy as in the ‘Identity and addresses’ section, where our aliases/addresses are listed, to be able to select which ones we can log in with and which ones we cannot.
I hope my suggestion will be useful for many and can be implemented.
Best regards and thank you very much.
-
Cipher
commented
Wow, you are absolutely right. They really said exactly what you mentioned in my Reddit post. I don’t really understand their perspective. Maybe they have sophisticated algorithms to prevent it, but I don’t think so. I believe their sentinel is just a logging mechanism with system and human monitoring—nothing more. It seems more like they are being overconfident to me. To me, it’s the same as 15 accounts using the same password. I regret becoming a paid user.
-
ProtonJ
commented
Please, Proton Team, this should be an easy security feature to add. I hate that any of my email addresses can be used to log into my entire Proton account. I should have the ability to use an email that hasn't been exposed externally as my login, thus preventing any brute force attacks on a compromised address.