How to activate FaceID, TouchID, and PIN code lock on the ProtonMail iOS app

When logging in to the iOS application for the first time, your login password will be securely saved on your device to allow you to easily access and send encrypted email.

To add an additional layer of protection, the iOS application can be locked with FaceID, TouchID, and/or a PIN code.  These can be set to lock your account after a certain duration or every time the app is closed.

You can activate either FaceID, TouchID, or PIN protection — or you can choose to activate both FaceID or TouchID and PIN protection. If both biometric and PIN protection are turned on, the biometry will be the default access method; however, if for some reason you do not have access to FaceID or TouchID, you can cancel this prompt and enter a PIN to unlock the device. If no PIN lock is set and the FaceID or TouchID prompt is cancelled, your account will require the login password to log back in.

Why you should activate FaceID, TouchID, or PIN protection

Typically, smartphone apps rely on your device’s built-in security system to keep your local data safe. However, ProtonMail operates on a heightened threat model. For that reason we have included in the ProtonMail iOS app a powerful security feature called the AppKey Protection System, which is a layer of encryption on top of the built-in iOS security system.

To enable AppKey, all you have to do is turn on FaceID, TouchID, and/or PIN protection to automatically take advantage of this feature. When enabled, your sensitive Proton data can still be secure even if your device is compromised. Visit our iOS security recommendation article to learn more about AppKey.

Activating FaceID or TouchID

  1. Ensure your Passcode is activated in the system Settings of your device.
  2. Within the ProtonMail app, visit the Settings in the side Menu.
  3. Scroll down and select the FaceID or TouchID toggle so it turns green (TouchID version shown below).
  4. Mobile Settings - Protection - Enable TouchID
  5. Once you have activated FaceID or TouchID you can set the “Auto lock time”, which is the amount of time before you will be required to re-authenticate.

Activating PIN lock

  1. Within the ProtonMail app, visit the Settings in the side Menu.
  2. Scroll down and select the Enable Pin Protection toggle so it turns green.
  3. Mobile Settings Pin lock menu
  4. Enter a 4 digit pin and select Create
  5. Enter the same 4 digit pin again and select Confirm

Set Auto Lock Time

Auto Lock Time is the default time that will lock your account and require your FaceID, TouchID, or PIN to be entered.

  1. Within the ProtonMail app, visit the Settings in the side Menu
  2. Select Auto Lock Time and choose the desired time elapsed. This time is calculated based on the last time the app was entered.
  3. Setting Auto lock time