How do I upload my backup private keys?

ProtonMail uses PGP for end-to-end encryption. All users have at least one keypair, which consists of two keys: a public key and a private key. The public key can be shared with anyone and is used by your contacts to encrypt their messages to you. The private key is secret (you should never share it) and is used to decrypt incoming messages.

Key import allows you to add existing PGP keys to one of your ProtonMail addresses. If you were using PGP on a migrated domain before you came to ProtonMail, you can import your old PGP key to seamlessly migrate your PGP setup to ProtonMail without having to redistribute your keys to your recipients.

In the case of password loss, you can also import a backup key to restore access to that key and its associated mail. Key import is not supported for contact keys.

There is a limit of 20 keys per address, so if you already have 20 keys, you will need to delete one of the keys in your list to import another one.

See How do I download my public and private keys? for instructions on how to download your PGP keys for your ProtonMail account.

How to upload a private key

1. Log in to the web app at, go to Settings Go to settingsEncryption and keys, scroll down to Email encryption keys and select Reactivate keys.

Button to reactivate you email private encryption keys

2. Click on the File tab and upload a backup private encryption key.

Box to upload your recovery file

3. Click Recover data and enter your password when prompted.

You should now have access to the emails associated with the encryption key(s) you imported.

Note: Make sure that no one except you has access to the key you are trying to import. Never import a key generated by a third party.

The new key is not used by default for encrypting new emails sent to you. To make the new key your default private key, you must set it as the primary key. 

Choose Make primary from the Actions menu to set a new primary key.

Option to make a private email encryption key your primary key