Let Me Change My Username
My feedback
14 results found
-
30 votes
An error occurred while saving the comment Let Me Change My Username
supported this idea
·
-
205 votesLet Me Change My Username
supported this idea
·
-
684 votesLet Me Change My Username
supported this idea
·
-
23 votesLet Me Change My Username
supported this idea
·
-
128 votesLet Me Change My Username
supported this idea
·
-
371 votesLet Me Change My Username
supported this idea
·
-
71 votesLet Me Change My Username
supported this idea
·
-
55 votesLet Me Change My Username
supported this idea
·
-
34 votesLet Me Change My Username
supported this idea
·
-
1,623 votesLet Me Change My Username
supported this idea
·
-
1,171 votesLet Me Change My Username
supported this idea
·
-
51 votesLet Me Change My Username
supported this idea
·
-
39 votesLet Me Change My Username
supported this idea
·
-
598 votesLet Me Change My Username
supported this idea
·
It isn't very clear to me if this is the correct request or if https://protonmail.uservoice.com/forums/945460-general-ideas/suggestions/45849907-change-username is more appropriate, but here it is.
According to:
https://proton.me/support/change-username
(archived) https://web.archive.org/web/20250803180251/https://proton.me/support/change-username
"When you created your account, you also created a key that was matched to your username. This key allows you to send and receive emails using Proton Mail’s encryption. Changing your username would change the key that was used to send and receive all the emails in your inbox."
Presumably, this is not referring to the PGP key, but a different key. Regardless, however, this explanation does not make sense. Why does that prevent anyone from changing their username?
Think of it like this. Let the following variables exist:
O - the original username
N - the new username
o - the key derived from the original username, "O"
n - the key derived from the new username, "N"
D - the data that is encrypted/decrypted with the username-derived key, in plaintext form
X - the aforementioned data "D", as encrypted by the key derived from the original username, "o"
Y - the aforementioned data "D", as encrypted by the key derived from the new username, "n"
Because the data "D" is encrypted with the key "o", there must exist a function "e_o", where e_o(D) = X.
Similarly, because the encrypted data "X" is decrypted with the key "o", there must exist a function "d_o", where d_o(X) = D.
Given that I could create a new account using the new username "N", it must be possible to achieve similar functions with the key "n".
This means that there must exist a function "e_n", where e_n(D) = Y. There must also exist a function "d_n", where d_n(Y) = D.
Now, in order to change my username from "O" to "N", starting with the data "X" (which is encrypted using the key derived from the original username), all that must be done is the following:
1. d_o(X) = D
2. e_n(D) = Y
That's it. We're no longer reliant on the old key and can switch to the new key.
Given that Proton's services are End-to-End-Encrypted (E2EE), most if not all of the processing of this data should be happening on the user's device anyway, so the load on Proton's side should be minimal.
This doesn't require some insane technical feat of cryptography - all the tools already exist. They MUST exist by the fact that Proton's services work at all to begin with.
More importantly, however, is the fact that I contacted support about this already, requesting more details on why exactly it cannot be done. Despite reiterating that I understand the CLAIMED reason, "we derive a key from your username", I was told TWICE that the main reason was that "we derive a key from your username", completely ignoring the explanation as to why this "reason" doesn't seem to hold water in the slightest.
It could be a paid feature. It could have a 3 year cooldown. It could require typing out confirmation that loss of power could result in permanent data loss. There could be as many roadblocks as you want, but fundamentally, there's no clear reason why it isn't possible.
Most frustrating about all this is the lack of transparency. If there's a genuine technical reason, I'd love to be enlightened on how such a thing could even be possible. I feel quite confident it isn't possible for such a thing to exist, given how simple the idea of "just decrypt and encrypt" is.
If there's a different reason, just say so. Don't lie. Don't hide. If there's no reason other than "we don't feel like it", say so.
I pay for Unlimited because I expect better from Proton.