ProtonMail temporarily locked my account for security reasons

ProtonMail’s security system automatically detects and flags any suspicious behavior that looks like an attacker trying to access your account. 

In certain high-risk instances, ProtonMail may also try to block the attacker by temporarily locking your account. While your account will continue receiving emails, this measure protects you by revoking certain privileges, such as reading and sending emails. 

If this happens, you will be asked to change your password to unlock your account. You may also receive an email notification in advance from abuse@protonmail.com with the subject line: ProtonMail Security – change your password immediately. You will know this email is from us because it will arrive in your inbox starred by default.

You will regain full access to your account only by changing your password. This will sign you out of all the other sessions and the attacker won’t be able to access your account anymore.

You should take this action as soon as you receive a notification from ProtonMail or you risk allowing your attacker to change the password and completely lock you out of your account. Please get in touch with our Customer Support team in case this happens. 

How was my account compromised?

An attacker may get your password through one of these methods:

  • Leaked shared password: if you used your ProtonMail password with a different service, your password may have been leaked or sold if the other account was breached. Your password can’t be leaked from ProtonMail because ProtonMail never stores your password.
  • Phishing: you entered your password on a website designed to look like ProtonMail 
  • Keylogger: your computer or your mobile phone was compromised by malware

How can I unlock my account?

To unlock your account, change your password by following these steps:

  • Go to your ProtonMail account Settings
  • Select Account from the sidebar menu and scroll down to Passwords

If you’re using ProtonMail V4 in beta, follow these steps:

  • Click on your display name in the top right corner and go to Manage account. 
  • Select Account from the sidebar menu and scroll down to Passwords

Change your password to a strong password that you haven’t used before with ProtonMail or any other accounts. Do not re-use your ProtonMail password with other services and be careful of phishing attacks

To strengthen your account security, we recommend that you also enable 2-factor authentication. To maximize your account security, use ProtonMail’s security checklist for new account owners.