What is One-password mode?

When ProtonMail was originally released, it was created with a login password and a mailbox password known as the Two-password mode. This was to ensure end-to-end encryption. However, over time, our research team developed a way to provide the same level of privacy and security with just a single password. 

Because this improves ProtonMail’s usability, the One-password mode is now the default for all newly created accounts. For Legacy accounts (those created before December 2016), we also provide the option to switch to One-password mode. However, we will continue to support Two-password mode. More information can be found at the end of this article.

One-password mode

One-password mode removes the need to remember two passwords, making it easier to use ProtonMail. Instead of two passwords, just a single password is required for login.

If your account was created after November 2016, you are already in Single-Password mode. 

1. If you have an older account, you can still activate One-password mode. Click on Settings located at the top right and navigate to Account in the left sidebar. Under the Login password section, select switch to one-password mode.

2. Enter your current login password. You will be taken to a screen where you can set your new single password. Click Save and your account will be switched to One-password mode.  This will be the only password you need to access your ProtonMail account. 

Keep in mind that if you forget your password, you can only reset it if you have a recovery email linked to your account. You will lose the ability to read your old emails after resetting your password. This is due to the end-to-end encryption that we employ, making it impossible for us to read or recover your emails.

Two-password mode

If your account is in One-password mode, it is also possible to switch to Two-password mode. Having two unique passwords boosts your account’s security. However, we still recommend One-password mode for most users.

In Two-password mode, you will be asked to set a login and mailbox password separately. The Two-password mode uses a segregated authentication and decryption system, which means logging into a ProtonMail encrypted email account requires two passwords. 

The first login password is used to verify the identity of the user. The second password is a decryption (mailbox) password that ProtonMail does not have access to. It is used to decrypt data on your device; we do not have access to the decrypted data or your decryption (mailbox) password. This also means we cannot hand over your data to third parties or perform a mailbox password recovery. If you forget your mailbox password, we will not be able to recover your data.

To set up Two-password mode, follow these steps:

1. Go to Settings at the top right and click on Go to settings.

Go to settings

2. Select Password & recovery in the sidebar and activate Two-password mode.

3. You will be asked to enter your old password and a new password. Click Save once you have entered both passwords.