Agree!

All other providers make this distinction by default between main address (= account login) and alias addresses. It is a security feature (more precisely, not making this distinction is a security flaw).

Username should not be an email address.

This added security could be a paid account feature.

I agree on the part of this assuming we were to be able to change which email was the main address after we purchase the package.

That's a good idea, I asked last year Proton Mail if they have planned to implement this option but so far, no news :/

I'd love to have this. I give out my aliased email to people I know, but I'd like the ability to keep that one from being able to login to the account. That also makes it so if there's a data breach, on say Equifax, where it exposes my email and password, then the hackers can't then try using that on Proton to gain access to my email and some 2FA options.

I have a lot of different emails, some under my domain and others just under pm.me.

It would be beneficial to allow login to a specific email address, for instance if I use one for work, I can simply login to this email on my work device and have all the email only associated with that account at my fingertips. I realize you can filter out emails based on who they're sent to, however this is just a tedious step in my opinion.

If this is too difficult to implement, I would also suggest perhaps a dropdown or option when logging into a protonmail account to select a specific address to view mail for. Right now, viewing all my email in one box is a bit overwhelming.

@ProtonmailTeam someone should care a bit about curating the feature request lists. This idea has several duplicates:

https://protonmail.uservoice.com/forums/284483-feedback/suggestions/9285396-aliases-without-login-option

https://protonmail.uservoice.com/forums/284483-feedback/suggestions/17676253-disable-login-from-some-all-alias-addresses

https://protonmail.uservoice.com/forums/284483-feedback/suggestions/34398775-with-an-email-alias-users-should-not-be-able-to-lo

Having login credentials that are private and not the same as our email address removes an entire attack face from play and should be a top priority.

I agree with the original poster too!

Having a different login instead of the email you are using (who is public) is not obscurity but it's another 2FA much more convenient and simple to use than the one protonmail provides now.

I'm considering more than publishing your login in the public domain is a security issue!
It potentially exposes you to a bot attack.
Having 5 email aliases means potentially having 5 public logins published for the same account.

And having this feature + the 2FA from protonmail will be 3FA!

This feature is definitely missing for me!

security by obscurity
nah

This is a great idea. A user could use their primary id for logging in ONLY, and use aliases to communicate. This prevents the login id from being exposed.

Rafficer u need to chill and quit trying to hook up with my wife you know Cindy is married, and why are you two sharing ideas just how well do you know my wife mother fucker

I am not sure how much this helps. You have login password, then 2FA and then another mailbox password if you have it enabled. Its probably more useful to increase your password length by 5 characters than try to hide your email. Security by obscurity does not go a long way. I would rather see a feature that allows you to enter a second set of passwords that will open an virtual inbox with empty or some predefined emails which can be used in coerced situations.

Agree with the original poster: I'd like to see logins restricted to one's main email address, or to a username

Agreed.

Username should not be your email.. Look to what fencemail have done..

I would like to be able to have a user name that is different then any of my email addresses to be able to log in to the account and have that user name be the only way to log in, keeping my primary email or alias email accounts from being able to log in.

I do something like this on a company account hosted elsewhere. My primary username is a very obscure word. No email ever goes out with that username, but with the alias for the account.

My main reason for doing this is so that if I start getting lots of spam at that address, I can set up and start using a new alias for any new e-mail and set the old alias to only accept e-mail to those specific users I expect to get e-mail from.

Agree with Joel Drapper

Great solution if you want to separate your private and business lives!