Your ProtonMail private key is generated in your browser. Before sending the private key to the server for storage, we encrypt it with your password (or mailbox password if you use two-password mode). This ensures that you and only you can use your private key.
To protect your private key we first use bcrypt to create a hash of your password, using a randomly generated salt that differs for each user. The result is then used to encrypt your private key with AES-256. By hashing it with bcrypt first, we make it much slower for anyone who tries to guess your password to decrypt your private key. We use a different salt for each user, which means that an attacker trying to obtain passwords by brute force will only be able to target one user at a time, further slowing them down.
In general, to protect your private key from being leaked the best approach is to choose a strong password.
In theory someone else who breaks in to my laptop and uses the browser could access this private key. Where is this private key stored in the brower’s local files, and is it recommended to delete this key manually after a Protonmail web mail session?
0
Logging out will delete it.
0
If logging-out deletes a private key, why is this factoid not included in the ‘LOG OUT’ button ?? Eg:
” LOG OUT (Deletes session’s priv key for your safety) ?
My guess is that less than 1% of users might understand that this is done…
0
Closing your browser without logging out will also delete your key.
0
What if I just “X” out of the window without using the Logoff method, will the will still be deleted?
0
Yes, closing the window using “X” will also delete the key.
0
I have a recovery code to reset my password and it is not working.
0
Please contact our support team at contact@protonmail.com or using the support form at https://protonmail.com/support-form.
0
I had a phone crash and cannot access my account. I had two factor authentication installed and can’t seem to use the authentication programs to receive an authentication code. My alternative email is (hidden).
0
Please contact our support team at contact@protonmail.com or using the support form at https://protonmail.com/support-form.
0
Are my password and encrypted private key stored on ProtonMail servers?
If so, is my password encrypted as well?
Would it be possible for a hacker to get my password so he/she could access to my private key?
0
Had to reinstall win7, now I cannot log in.
0
Please contact our support team at contact@protonmail.ch, via the report bug button or using the support form at https://protonmail.com/support-form.
0
Can a private key be downloaded for addition to another key chain?
0
No, for now only public keys can be downloaded.
0
Does my recipient need either key to open emails I send them from proton mail. Someday I am going to understand all this.
0
If sending to another ProtonMail user, the message is automatically encrypted with the recipient’s key and there is no need for any further action.
If sending to a non-ProtonMail user, you can either send an unencrypted message (not end-to-end encrypted, but encrypted with TLS) or you can use the “Encrypt for outside” option: https://protonmail.com/support/knowledge-base/encrypt-for-outside-users/.
0
What prevents private key being stored by the key creator elsewhere? Can I regenerate the key or upload my own where only I know the password (aside from NSA’s RSA backdoor)?
0
The ability to upload your own private keys will be available once full PGP support is added to ProtonMail.
0
My mailbox password is rendered invalid (error message drop-down box) each time it gets used. This happened to the real recipient and to my other address within another email provider. The password works once, then it’s deleted(?), even when proton mail has not been shut down/interrupted.
0
Can you please contact our support team using the support form: https://protonmail.com/support-form, at contact@protonmail.ch or support@protonmail.ch with more details?
0
How was the proper UID added to my pub key(s) i recently downloaded? If i remember correctly, at the beginning of ProtonMail when the service came alive, the one pub key had only a UID like user@protonmail.ch, now i have two pub keys with my surname.name@protonmail.ch or surname.name@protonmail.com
0
The public keys are meant for sharing, and this is why the email address is included in the filename. You can always rename the file after you download it.
0
When I change the password to my ProtonMail account – that means that my private key changes too, right? Does my public key remain the same or change too?
If yes and my keys are changed, does it mean that I won’t be able to read my old emails encrypted with the previous keys?
0
This only applies when you reset the password. If you simply change it, your existing keys remain active.
https://protonmail.com/support/knowledge-base/reset-password/
If you have reset the password and you know the old one, you can reactivate the inactive keys.
https://protonmail.com/support/knowledge-base/restoring-encrypted-mailbox/
0
I M NOT ABLE TO LOGIN EVEN IF I KNOW THE ID & PASSWORD .
I HAVE KEPT IT SAVED IN MY PASSWORD MANAGER . STILL I M NOT ABLE TO LOGIN.
SINCE I HAVE NOT ADDED ANY RECOVERY MAIL I M NOT ABLE TO RECOVER . PLS HELP
0
Please contact our support team: https://protonmail.com/support-form.
0
So resetting the password does indeed generate a new key?
0
Yes, a new key is generated when resetting the password.
0