Accounts & payments
137 results found
-
easier access to my account management
I'm getting confused how difficult it is to access the management of my account, to see for instance my subscription plan.
I have received an e-mail tell me my plan has been renewed and there is a link to go to a dashboard to be able to cancel or adjust my plan.
Until here everything is fine but when I click on the link I'm redirected to a web page with all the apps and no where I can access my account...
Tried a random app to see if I can access my account, selected calendar but it was the…6 votes -
OAuth flow for external applications to use to access Proton services
Allow developers to implement their own apps integrated to the Proton enviroment and, through an auth flow, get the required permissions to use users accounts
Examples of implementation
Proton Drive SDK (Existing Proton Drive SDK implementation of authentication and app indentification is easily forjable and apps wth bad intentions will store user credentials)
A future Proton Mail SDK (which would allow open email clients like Thunderbird to implement Proton Mail without the need of Proton Mail Bridge)
Proton VPN SDK (An SDK where apps can tunnel requests via a Proton VPN server)
Proton Docs & Calendar SDK (SDK to develop…5 votes -
2 votes
-
Allow security key 2FA without setting up OTP 2FA
I would greatly appreciate if you could allow users to set up 2-factor authentication using a U2F/FIDO2 security key, without also having to set up OTP-based 2FA.
366 votes -
Allow usage of Proton account for posting here
I'm not able to post ideas here using my proton.me or protonmail.com
If I log in with Google it works.2 votes -
Automatically re-enable other email addresses when premium account is reinstated
Just had a very frustrating experience not receiving emails because I had a small lapse in membership and many of my email addressees remained disabled.
9 votes -
Picture for your account
For Your Proton Account you should have a custom profile picture and you can keep it blank if you want
204 votes -
Auditing/logs: Generate a log entry or increment counter for any sent or received emails.
This would be a powerful tool to monitor for covertly diverted or transmitted emails. The log entry would not have to include any information about the email, just that an email was sent or received. It can be left up to the user to correlate it with their messages.
4 votes -
Stop Spam and Bad Actors by Separating Username from Email and Aliases
As Proton user,
I want my username to be completely separate from my email address and aliases
So that bad actors and others that attempt to email any proton domain containing my username will automatically get a 500 5.1.1 Address does not exist and that bad actors who use a list of email addresses to get into my proton account won't be able to because the email addresses they have have nothing to do with my usernameThis will solve two problems. So in future when you sign up for proton you first create a username, thereafter you can register…
2 votes -
Dedicated Account Management Link and/or App
Dedicated Account Management Link and/or App
As a proton user,
I want navigate directly to the account management section from the https://account.proton.me/apps landing page or via a dedicated mobile application
So that I can quickly manage my account settings without the intermediate step of loading a specific service (like pass or mail) first.*this will save a lot of time when needing to make security and other related changes.
2 votes -
Account Recovery Option Obfuscation (Decoy Interface)
Account Recovery Option Obfuscation (Decoy Interface)
As a Proton user with hardened recovery settings,
I want the "Forgot Password" flow to always display all possible recovery methods (Email, SMS, Phrase) regardless of which ones I actually have active,
So that a malicious actor trying to brute-force my account cannot deduce my exact security configuration based on what the UI shows.Acceptance Criteria (AC)
AC 1: Standardized Interface Response
When a user clicks "Forgot Password" and enters their username, the following screen must display the generic tabs/buttons for Email, SMS, and Recovery Phrase.AC 2: Blind Failure for Fake Options
If…2 votes -
Safeguard Preferred Email on Downgrade
Safeguard Preferred Email on Downgrade
As a Paid Proton User,
I want to change my primary account username to any other active Proton alias I own,
So that my preferred email address remains the permanent, primary identifier for my account even if I downgrade to the free tier in the future.2 votes -
Allow to verify and recover from multiple email addresses and/or multiples phone numbers
Currently, you can verify and recover from one email address and/or one phone number.
I wish to be able to verify and recover by multiples of both.To clarify, I'm not looking for a 2 of 2 multisign solution like Phone 1 AND Phone 2, but from Phone 1 OR Phone 2. The same for external email addresses, while we are here.
Why this? Because I live between two continents with 2 relative phone numbers. One almost doesn't work in one continent; the other almost doesn't work in the other one.
2 votes -
Very Expensive for disabled UK pensioner
Offer incentive of discount for loyal customers. Product is great but regretably far too expensive!
When you are a disabled pensioner in the UK, we cannot afford the high "usual" price.
You should be encouraging folk to renew, not leave.
Great product and customer service. Poor unaffordable pricing!
Why increase the "churn rate" when you already have a captive audience?8 votes -
Grace period for deliquent accounts
My credit card company got swallowed up by a larger company and as a result my credit card number was changed. As a result auto-renew failed. Instead of deleting delinquent accounts perhaps put them in stasis for a month or two?
2 votes -
Delayed monitor log deletion with Optional password
Feature request:
Optional separate password protection for wiping security monitor logs.
The password is paired with allowing a user to set a configurable delayed deletion with options of 1, 2 or 3 months. On confirming the logs are to be wiped you must wait for the delay to elapse.
If a user wants to remove the password or change it along with the log protections a predetermined set delay will need to elapse before anything can be altered. A small window of 24 hours or more can be allowed incase the user changes their mind about the password they have…
3 votes -
critical need of PASSKEY & 2FA (BOTH) TO SIGN IN ASAP ASAP its easy for you proton dont wait for votes
my friend saw my both passwords (2 password mode) from behind while i was signing in to proton account, i didnt knew this until he told me and now teasing me but that's not the issue.
the critical issue is that it is possible and successful.
i need to SIGN IN by using PASSKEY & 2FA BOTH so that my passwords remain confidential even if someone see everything while i am signing in.
7 votes -
Recovery phrases shouldn't be instant access – A safer alternative: recovery phrase + delayed access
First of all, I don’t see the real value of the current recovery phrase. If someone securely stores their master password and TOTP seed, those already provide full access to the account – just like a recovery phrase does. So what’s the actual benefit of having a separate recovery phrase in this setup?
Sure, I understand that a recovery phrase that bypasses 2FA is more convenient, but from a security standpoint, it's essentially the same as handing over full access – there's no meaningful distinction.
In practical terms, both a recovery phrase and a written-down master password + TOTP seed…
10 votes -
2FA Authenticator App algorithm upgrade beyond SHA-1
Appreciate 2FA authenticator app support in the solution.
Would like to see support for not just SHA-1 (known insecure) hashing algorithms for code generation but also SHA-256 or SHA-512.
Bitwarden supports SHA-256 in their solution.
17 votes -
Have a sales team that actually answers your requests
On 2 occasions I reached out about our interest for migrating to Proton for business, both times I got an answer telling me how excited you were to help us and asking for more information. I answered twice and never got any answer. Is it because we are too small of a company?
This is very disappointing, we were very interested by your solutions, but I guess we will have to find a different approach to better secure our information...4 votes
- Don't see your idea?