As part of our commitment to open source, we maintain the OpenPGPjs encryption library. After some recent code enhancements, OpenPGPjs underwent an independent security audit, the results of which are discussed below. At ProtonMail, our goal is to make encryption as widespread and accessible as possible. We believe a key step toward that is having …

Address Verification allows you to be sure you are securely communicating with the right person, while PGP support adds encrypted email interoperability. Starting with the latest release of ProtonMail on web (v3.14), iOS and Android (v1.9), and the latest versions of the ProtonMail IMAP/SMTP Bridge, ProtonMail now supports Address Verification, along with full PGP interoperability …

With ProtonMail version 3.14 we introduce PGP support, which includes import of PGP keys into ProtonMail contacts for encrypted communication with external PGP users, address verification with trusted keys, and several other improvements. PGP Sending All ProtonMail users can now associate public keys with individual addresses in their contacts to enable encrypted communication with addresses …

As few weeks back, we sent a notice to the ProtonMail community regarding the DDoS attacks that we have been facing. Today we would like to provide a brief update of the situation. Starting on June 27th, ProtonMail started to be hit by sustained DDoS attacks. The attack campaign continues to this day, but there …

Gmail faced a storm of criticism this week over its practice of sharing users’ emails with third-party developers. But Gmail’s failures run much deeper than that: The entire business model is incompatible with a free society. The Wall Street Journal recently published an article highlighting privacy concerns related to Gmail’s use of third-party apps. When users …

With appeals to “national security,” governments around the world are pushing for encryption backdoors that would allow them to break into the secure data of suspected criminals. Simply put, this is a terrible idea.   For decades, law enforcement agencies have lobbied to force technology companies to weaken their own security protocols by adding an …

We’ve always valued our community’s feedback and thrived thanks to your input—whether through our annual survey or your comments on social media. Now we want to go a step further and involve the ProtonMail community in the testing of early stage prototypes. June 21st Update – We have now received enough applications for testers (over 2000 people)! We …

Encrypted email can help you comply with privacy laws, limit the risk of hacks and data breaches, and improve your company’s overall online security strategy. New regulations always create compliance-induced headaches for companies. But in this case, the European Union’s General Data Protection Regulation (the GDPR) presents an enormous opportunity for businesses to improve their …

Recent news reports regarding “eFail” have contained significant errors regarding the security of PGP email encryption. It is necessary to correct the record. Edited May 25th, 2018 to remove the GPGTools recommendation due to the fact that Apple still has not patched certain Apple Mail vulnerabilities. We are the developers of Enigmail, Mailvelope, ProtonMail, and …

Some of your most sensitive data sit on the cloud, on the servers of Internet service providers. Zero-access encryption gives you control over your data online. Most of us would not give our private, personal information to strangers and then trust them not to leak it. But that’s essentially what we do every time we …

Recently, news broke about potential vulnerabilities in PGP, dubbed Efail. However, despite reports to the contrary, PGP is not actually broken, as we will explain in this post. The vulnerability report, which came with its own website, efail.de, has attracted a lot of headlines such as the one below, along with recommendations to disable the …

Donald Trump signed SESTA-FOSTA into law, a policy ostensibly meant to prevent sexual trafficking. In reality, the law undermines free expression online and may even jeopardize the safety of sex workers.   On Thursday, US President Donald Trump signed into law a controversial bill known as SESTA-FOSTA (short for Stop Enabling Sex Traffickers Act and …