Yup, I can even login with my domain address. That's no good. You can say 2FA is there but why even give attackers a chance to begin with. You can take outlook as an example. If you go to account info > sign in preferences > you can uncheck aliases, you don't want to login with.

I was going to suggest this myself. I just discovered, to my dismay, that *any* of my addresses can be used for login! I had designated one additional address to be "public facing" so that I could share that address freely on the web, without revealing the username for *all* my ProtonMail services... Turns out that is not how things work.

Enable/disable would be an excellent addition. Given a choice, I would only use my original username for login - and that's it.

As a 'ProtonMail Plus' user, I have 5 e-mail addresses that are linked to my personal '@domain.com' plus, the '@protonmail.com' one. I'm only using my '@domain.com' addresses so no one really knows my '@protonmail.com' address. I think it might be interesting to be able to activate or deactivate the login with the addresses we want, so that, in my situation, I can only connect to my account with my '@protonmail.com' address.

In order to prevent others from knowing my login username to my protonmail account, , it woul be very helpful if one could disable or enable the use of additional email addresses as user login name. Currently I can login into protonmail with all my email addresses. But I would like to choose which adress I exclusivley use for login into my account. For this it would be very helpful, if I could enable or disable for every email adress the login option. This would enhance account security drastically because "regulary" used email addresses to not reveal the username of the account.

Good point, I am transferring my votes.

kind of duplicate of https://protonmail.uservoice.com/forums/284483-feedback/suggestions/10641012-allow-login-username-to-be-different-from-email-an

I would suggest to people to also vote the one with most votes.

Agree!

All other providers make this distinction by default between main address (= account login) and alias addresses. It is a security feature (more precisely, not making this distinction is a security flaw).

Username should not be an email address.

This added security could be a paid account feature.

I agree on the part of this assuming we were to be able to change which email was the main address after we purchase the package.

That's a good idea, I asked last year Proton Mail if they have planned to implement this option but so far, no news :/

I'd love to have this. I give out my aliased email to people I know, but I'd like the ability to keep that one from being able to login to the account. That also makes it so if there's a data breach, on say Equifax, where it exposes my email and password, then the hackers can't then try using that on Proton to gain access to my email and some 2FA options.

I have a lot of different emails, some under my domain and others just under pm.me.

It would be beneficial to allow login to a specific email address, for instance if I use one for work, I can simply login to this email on my work device and have all the email only associated with that account at my fingertips. I realize you can filter out emails based on who they're sent to, however this is just a tedious step in my opinion.

If this is too difficult to implement, I would also suggest perhaps a dropdown or option when logging into a protonmail account to select a specific address to view mail for. Right now, viewing all my email in one box is a bit overwhelming.

@ProtonmailTeam someone should care a bit about curating the feature request lists. This idea has several duplicates:

https://protonmail.uservoice.com/forums/284483-feedback/suggestions/9285396-aliases-without-login-option

https://protonmail.uservoice.com/forums/284483-feedback/suggestions/17676253-disable-login-from-some-all-alias-addresses

https://protonmail.uservoice.com/forums/284483-feedback/suggestions/34398775-with-an-email-alias-users-should-not-be-able-to-lo

Having login credentials that are private and not the same as our email address removes an entire attack face from play and should be a top priority.

I agree with the original poster too!

Having a different login instead of the email you are using (who is public) is not obscurity but it's another 2FA much more convenient and simple to use than the one protonmail provides now.

I'm considering more than publishing your login in the public domain is a security issue!
It potentially exposes you to a bot attack.
Having 5 email aliases means potentially having 5 public logins published for the same account.

And having this feature + the 2FA from protonmail will be 3FA!

This feature is definitely missing for me!

security by obscurity
nah

This is a great idea. A user could use their primary id for logging in ONLY, and use aliases to communicate. This prevents the login id from being exposed.

Rafficer u need to chill and quit trying to hook up with my wife you know Cindy is married, and why are you two sharing ideas just how well do you know my wife mother fucker

I am not sure how much this helps. You have login password, then 2FA and then another mailbox password if you have it enabled. Its probably more useful to increase your password length by 5 characters than try to hide your email. Security by obscurity does not go a long way. I would rather see a feature that allows you to enter a second set of passwords that will open an virtual inbox with empty or some predefined emails which can be used in coerced situations.

Agree with the original poster: I'd like to see logins restricted to one's main email address, or to a username