What is One Password Mode?

When ProtonMail was originally released, two passwords were necessary to enter your account, a Login password and Mailbox password. This was done for security reasons to ensure end-to-end encryption. However, after extensive and careful study, our research team developed a way to provide the same level of privacy and security with just a single password. Technical details can be found here.

Because this improves the usability of ProtonMail, this is now the default for all newly created accounts. For Legacy accounts (those created before December 2016), we also provide the option to switch to One Password Mode. Two Password Mode will continue to be supported, and more information about Two Password Mode is provided at the bottom of this article.

One Password Mode

singlepasswordmode

One Password Mode removes the need to remember two passwords (Login and Mailbox), making it even easier to use ProtonMail. Instead of two passwords, just a single password is required to enter your account.

If your account was created after November 2016, you are already in One Password Mode. If you have an older account, you can activate One Password Mode within the Account tab of the Settings within your account.

When you click on Switch To One-Password Mode, you will be prompted to enter your current Login Password. Afterwards, you will be taken to a screen where you can set your new single password. This will be the only password you need to access your ProtonMail account in the future. Click SAVE and you will be switched to One Password Mode.

Warning: If you forget your Password, you can only reset your password if you have a recovery email linked to your account. While it is possible to change your Password, if you forget it and reset it, you will lose the ability to read your old emails. This is due to the end-to-end encryption that we employ which makes it impossible for us to read or recover your emails.

Two Password Mode

It is also possible to switch to Two Password Mode from the Settings –> Account page. There is a minor security benefit from using Two Password Mode, since if two complex passwords are selected, the entropy is higher than a single password. However, for most users, we still recommend Single Password Mode.

In two password mode, you will be asked to separately set a Login and Mailbox password. Two Password Mode uses a segregated authentication and decryption system, which means logging into a ProtonMail encrypted email account requires two passwords. The first password is used to verify the identity of the user. After that, encrypted data can be retrieved. The second password is a decryption (mailbox) password which is never sent to us. It is used to decrypt data on your device so we do not have access to the decrypted data, or the decryption (mailbox) password. This means we cannot hand over your data to third parties. For this reason, we are also unable to do mailbox password recovery. If you forget your mailbox password, we cannot recover your data.