Mick
My feedback
3 results found
- 6 votes
Mick commented:
Absolutely critical, as with all the other threads talking about the alternative emails being usable as logins. I've got an ancient email address I've used since the mid-90s, and in any breach report it is rare if it's anything other than that one which turns up. If I stayed with Proton for long enough, this would ultimately become the same situation with my "primary" email here. There were a lot of recent and scarily current credentials in this latest one, which was unusual, and I had to inform my friend, who writes music FX software, that somehow someone has got hold of the account details for his shop, which I have never written down except quite recently in my PW manager, and now that's on the dark web too, with all the rest of it. Unless he's had a breach he didn't know about, I haven't the slightest clue how that ended up in a report from NordVPN, and yet that's just some of the nonsense I've been dealing with this weekend.
I concur with everything the original poster says.
Mick supported this idea
- 527 votes
Mick commented:
I've just been for a walk and had a think about this, and I actually had to take a day off work today due to the stress of a possible system intrusion over the weekend.
The way I see it, there needs to be, at an absolute minimum, a CLEAR WARNING before creating them that these will effectively be usable as additional log-ins, using the same password. That way, if that's what the user wants, then fair enough. I think it's clear from the fact that there are 4 separate threads about this precise matter, with over a thousand upvotes on them, that this is a significant community issue, and if it hasn't been fixed by the time my subscription ends, then I'll have to find somewhere else, especially with the inability to delete said emails. I think that's such a glaring omission for a company which markets itself on world-leading security and privacy that I simply can't believe it's been left standing for a decade. I can't subject myself to the likes of LastPass or anything similar yet again. It will break me. That's what I have to say about that. Which is a pity, because you saved me from the **** of what Gmail put me through.
Mick commented:
I also notice that you can only delete one email address a year.
I've just gone in and ticked the "disable" button next to all but two of them and received this message. If, despite rendering it unusable, it can STILL be used to log in, then that's even more preposterous than I thought.
"By disabling this address you will no longer be able to send or receive emails using this address and all the linked Proton products will be disabled.
Are you sure you want to disable this address?"
Mick supported this idea
- 869 votes
Mick commented:
I've just come here to point out how absolutely ludicrous a security hole this is, especially as I've spent over 5 hours this weekend contacting nearly 200 people about yet another data breach, one which has recent credentials in it.
If I had the slightest idea when I signed up that all the additional emails could also be used to log in using the same password, then there was no way I would have done it in the first place. And no I didn't know about aliases or SimpleLogin or whatever because I had just signed up and it was 4 years ago.
Yes, obviously you need a strong password and 2FA, but as many other people have pointed out, how is it possibly not LESS safe to have 15x as many attack vectors?
As everyone else has said, you should be able to use your default to log in and not give it out to anybody, thus considerably increasing the effort required to break in. As someone who signed up here off the back of three genuinely life-altering cybersecurity incidents, I am astonished that this hole is still there. It really is as bad as WordPress being able to be brute forced out of the box. Though I am heartened that they seem to have finally fixed that.
Mick supported this idea
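Added illustration, not code from Proton or from this thread: a toy account model in Python that compares the two login policies contrasted above, every address on the account accepted as a login identifier versus only the never-shared primary address, by replaying a constructed breach dump against each. All names (`login_any_address`, `login_primary_only`, the `example.com` addresses and the breach records) are hypothetical.

```python
# Added illustration, not Proton's code: compares two login-identifier policies
# against a constructed breach dump. All names and data here are hypothetical.
import hashlib
import hmac
import os
from dataclasses import dataclass


def hash_password(password: str, salt: bytes) -> bytes:
    """Slow password hash; the policy comparison does not depend on the KDF."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


@dataclass
class Account:
    primary: str            # the one address the owner never hands out
    additional: list[str]   # addresses given to shops, forums, etc.
    salt: bytes
    pw_hash: bytes


def make_account(primary: str, additional: list[str], password: str) -> Account:
    salt = os.urandom(16)
    return Account(primary.lower(), [a.lower() for a in additional], salt,
                   hash_password(password, salt))


def password_ok(acct: Account, password: str) -> bool:
    return hmac.compare_digest(hash_password(password, acct.salt), acct.pw_hash)


def login_any_address(acct: Account, identifier: str, password: str) -> bool:
    """Policy A: every address on the account is a login name, so a leak of
    any one of them plus the shared password is enough to get in."""
    names = {acct.primary, *acct.additional}
    return identifier.lower() in names and password_ok(acct, password)


def login_primary_only(acct: Account, identifier: str, password: str) -> bool:
    """Policy B: only the primary address identifies the account; a leaked
    secondary address never names the login at all."""
    return identifier.lower() == acct.primary and password_ok(acct, password)


def stuffing_hits(acct: Account, login, breach: list[tuple[str, str]]) -> list[str]:
    """Replay leaked (email, password) pairs and return the ones that log in."""
    return [email for email, pw in breach if login(acct, email, pw)]


# Constructed breach records: the shop signup used a secondary address with the
# same password as the mailbox; the forum record carries a stale password.
BREACH = [
    ("mick.shop@example.com", "correct horse battery staple"),
    ("mick.forum@example.com", "old-password-2019"),
    ("someone.else@example.com", "correct horse battery staple"),
]


def demo() -> dict[str, list[str]]:
    acct = make_account("mick@example.com",
                        ["mick.shop@example.com", "mick.forum@example.com"],
                        "correct horse battery staple")
    return {
        "any_address": stuffing_hits(acct, login_any_address, BREACH),
        "primary_only": stuffing_hits(acct, login_primary_only, BREACH),
    }


if __name__ == "__main__":
    print(demo())  # {'any_address': ['mick.shop@example.com'], 'primary_only': []}
```

Under policy A the one shop record with a reused password logs in; under policy B the same dump yields nothing, because the address the shop leaked is only a mailbox name, never a login name. A second factor narrows what the attacker gets from a hit but does not shrink the set of identifiers worth stuffing.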
Hold on, are you saying you can't even change the recovery address, now? Christ on a pogo stick.