Enhance your cybersecurity with Proton

Share this page

We’re sharing tips on how you can make sure you’ve secured your personal information using Proton. 

When you choose Proton, you’re entrusting us with your personal information. We take this responsibility seriously, which is why we protect your data with end-to-end encryption and zero-access encryption. This prevents us from decrypting and accessing your data, so we cannot use it or share it with a third party.

However, as we mentioned in another cybersecurity article, your cybersecurity relies on your behavior as much as it does on the tools you choose. If you secure your emails, calendars, and files with Proton’s encrypted services but then use “Password” as your password, your information is at risk.

This article explains the steps you can take to keep your account safe and your information private.

Turn on two-factor authentication

As the name suggests, two-factor authentication (2FA) requires a second form of identification besides your password, typically your smartphone or a token that is physically with you. This way, even if an attacker gets a hold of your password, they still cannot access your account without possessing this second factor.

Proton allows you to secure your account with two different forms of 2FA:

  • An authenticator app on your smartphone that generates time-based, one-time passwords (for example, Authy or Duo)
  • A U2F or FIDO2 hardware security key (for example, YubiKey)

Security keys make 2FA even faster and more secure. With a security key, all you need to do is tap the key to your device or plug it into your device’s USB port.

By turning on 2FA, you make it much more difficult for anyone to take over your account.

Learn how to secure your Proton Account with 2FA

Set up a recovery method

Our use of end-to-end encryption and zero-access encryption means no one but you can access your information — not even us. This also means that if you forget your password, we cannot help you retrieve your information. It will be irreversibly encrypted. 

However, if you set up a recovery method in advance, you will be able to recover all your existing emails, calendars, files, and other data, even if you need to reset your password. Setting up a recovery method only takes a few minutes and ensures you can always get your data back if the worst happens. 

Learn how to set up a recovery method for your Proton Account

Protect your email address with SimpleLogin aliases

Phishing is the most common cyberattack on the internet today, and some messages can be quite convincing. One simple way to avoid phishing attacks is to use email aliases when you give out your email or sign up for services. 

An email alias is an email address that does not store emails, it simply forwards emails to your inbox. However, by using an alias, you can segment who has access to your information. For example, if you receive an email that claims to be from your bank but was sent to the alias you used to sign up for online gaming, you know right away that message is likely a scam. Similarly, if you use a different alias to sign up for each online service, you can shut down a compromised alias in the event of a data breach without affecting your true email address or other aliases.

SimpleLogin joined Proton’s encrypted ecosystem in April 2022. If you have a Proton Unlimited, Proton Visionary, or Proton Business plan, you can use SimpleLogin(new window) to easily create and manage an unlimited number of aliases, allowing you to keep your email address safe.

Learn how to create a SimpleLogin account using your Proton Account

Learn how to connect an existing SimpleLogin account to your Proton Account

Learn how to create aliases in SimpleLogin(new window)

Use Password-protected Emails to send encrypted emails to anyone

Every email you send to anyone using Proton Mail is automatically end-to-end encrypted. But you can still send end-to-end encrypted emails to people that use Gmail, Outlook, and other email services with our Password-protect Emails feature.

This feature lets you extend Proton’s security and privacy to everyone, no matter what email they use. All you need to do is share the password with your recipient (ideally via another end-to-end encrypted messaging service, like Signal) so they can access your email. 

Learn how to send Password-protected Emails

Add advanced protection to your Proton Mail contacts and inbox

Proton Mail’s encryption makes it so that even if our servers are compromised, your emails will remain securely encrypted. Our goal is to minimize the amount of data we have access to, with the reasoning that if we cannot access something, then neither can attackers. This is what led us to develop Address Verification

With Address Verification, you can tell Proton Mail which PGP key it should use to encrypt messages for a specific contact. This eliminates the risk of an attacker fooling Proton Mail with a spoofed PGP key. 

You can also protect your inbox by requiring a PIN or biometric verification (such as facial recognition or fingerprint verification) before you can open our iPhone or Android apps.

Learn how to use Address Verification

Learn how to set FaceID verification on our iPhone app

Learn how to set fingerprint verification on our Android app 

Block ads, malware, and trackers with Proton VPN

A VPN will hide your device’s IP address from your internet provider and the websites you visit, allowing you to keep your online activity private. Proton VPN(new window) takes this level of protection a step further. Our NetShield Ad-blocker(new window) feature protects your device by blocking ads, malware, and online trackers before your browser can load them. Not only does this keep your device secure, it also speeds up your browsing. NetShield is available with Proton VPN Plus and Proton Unlimited plans. 

Learn how to get started with Proton VPN(new window)

Protect your schedule with Proton Calendar

Your emails contain a great deal of personal information, but so does your schedule. It shows who you met with, where you went, and what you did. Stay in control of this personal information with Proton Calendar

Proton Calendar uses the same end-to-end encryption as Proton Mail, meaning no one — not even Proton — can access your schedule’s details. And now you can import your existing calendars to Proton Calendar in only a couple of clicks. 

Learn how to get started with Proton Calendar

Stay in control of your files with Proton Drive

We all have files and photos we want to keep secure but always accessible. Proton Drive makes this possible. It uses the same end-to-end encryption to protect your files and their corresponding metadata. Only you can access your files.

Proton Drive also makes sure you stay in control of the files you share. You can set an expiration date and a password for Proton Drive’s secure file-sharing links, ensuring no one gets unauthorized access to your files. And if you’re concerned, you can turn off any file-sharing link with a single click. 

Learn how to get started with Proton Drive

Thank you for joining us, we hope we were able to help you protect yourselves. 

Proton is working to build a better internet where everyone’s information is protected, and privacy is the default. If that’s a future you support, join us!

Get Proton for free today

Protect your privacy with Proton
Create a free account

Share this page

Richie Koch

Prior to joining Proton, Richie spent several years working on tech solutions in the developing world. He joined the Proton team to advance the rights of online privacy and freedom.

Related articles

With over 33 million registered users and more than 100,000 business customers, LastPass is one of the world’s most popular password managers. After an escalating series of highly-damaging disclosures over the last few months, LastPass has now admitt
Email headers are the hidden part of emails containing vital information to identify and authenticate messages. Learn how to read them to spot spam and stay secure. Have you received an unexpected email from a strange address? Is it actually from so
The United States is notoriously weak on privacy laws. With its secret surveillance courts and all-powerful spy agencies, the US has many tools to collect data on people within its jurisdiction and beyond. Recently, that power has been used to prose
When you encrypt files on your computer, it’s like storing them in a vault: Only someone with the correct key can access them. That’s useful if you’re concerned about hackers stealing your most sensitive documents or companies scanning your data for
Two-factor authentication (2FA) is an extra layer of protection for online accounts that requires you to use more than just your username and password to log in.  With 2FA enabled, you can protect access to your online accounts even if your password
Internet users of a certain age might recall earlier days of personal computing, with stacks of labeled floppy disks or CDs lying around the office. Those have all but disappeared thanks to the widespread availability of cloud storage, which took off