We’re sharing tips on how you can make sure you’ve secured your personal information using Proton.
When you choose Proton, you’re entrusting us with your personal information. We take this responsibility seriously, which is why we protect your data with end-to-end encryption and zero-access encryption. This prevents us from decrypting and accessing your data, so we cannot use it or share it with a third party.
However, as we mentioned in another cybersecurity article, your cybersecurity relies on your behavior as much as it does on the tools you choose. If you secure your emails, calendars, and files with Proton’s encrypted services but then use “Password” as your password, your information is at risk.
This article explains the steps you can take to keep your account safe and your information private.
Turn on two-factor authentication
As the name suggests, two-factor authentication (2FA) requires a second form of identification besides your password, typically your smartphone or a token that is physically with you. This way, even if an attacker gets a hold of your password, they still cannot access your account without possessing this second factor.
Proton allows you to secure your account with two different forms of 2FA:
- An authenticator app on your smartphone that generates time-based, one-time passwords (for example, Authy or Duo)
- A U2F or FIDO2 hardware security key (for example, YubiKey)
Security keys make 2FA even faster and more secure. With a security key, all you need to do is tap the key to your device or plug it into your device’s USB port.
By turning on 2FA, you make it much more difficult for anyone to take over your account.
Learn how to secure your Proton Account with 2FA
Set up a recovery method
Our use of end-to-end encryption and zero-access encryption means no one but you can access your information — not even us. This also means that if you forget your password, we cannot help you retrieve your information. It will be irreversibly encrypted.
However, if you set up a recovery method in advance, you will be able to recover all your existing emails, calendars, files, and other data, even if you need to reset your password. Setting up a recovery method only takes a few minutes and ensures you can always get your data back if the worst happens.
Learn how to set up a recovery method for your Proton Account
Protect your email address with SimpleLogin aliases
Phishing is the most common cyberattack on the internet today, and some messages can be quite convincing. One simple way to avoid phishing attacks is to use email aliases when you give out your email or sign up for services.
An email alias is an email address that does not store emails, it simply forwards emails to your inbox. However, by using an alias, you can segment who has access to your information. For example, if you receive an email that claims to be from your bank but was sent to the alias you used to sign up for online gaming, you know right away that message is likely a scam. Similarly, if you use a different alias to sign up for each online service, you can shut down a compromised alias in the event of a data breach without affecting your true email address or other aliases.
SimpleLogin joined Proton’s encrypted ecosystem in April 2022. If you have a Proton Unlimited, Proton Visionary, or Proton Business plan, you can use SimpleLogin(new window) to easily create and manage an unlimited number of aliases, allowing you to keep your email address safe.
Learn how to create a SimpleLogin account using your Proton Account
Learn how to connect an existing SimpleLogin account to your Proton Account
Learn how to create aliases in SimpleLogin(new window)
Use Password-protected Emails to send encrypted emails to anyone
Every email you send to anyone using Proton Mail is automatically end-to-end encrypted. But you can still send end-to-end encrypted emails to people that use Gmail, Outlook, and other email services with our Password-protect Emails feature.
This feature lets you extend Proton’s security and privacy to everyone, no matter what email they use. All you need to do is share the password with your recipient (ideally via another end-to-end encrypted messaging service, like Signal) so they can access your email.
Learn how to send Password-protected Emails
Add advanced protection to your Proton Mail contacts and inbox
Proton Mail’s encryption makes it so that even if our servers are compromised, your emails will remain securely encrypted. Our goal is to minimize the amount of data we have access to, with the reasoning that if we cannot access something, then neither can attackers. This is what led us to develop Address Verification.
With Address Verification, you can tell Proton Mail which PGP key it should use to encrypt messages for a specific contact. This eliminates the risk of an attacker fooling Proton Mail with a spoofed PGP key.
You can also protect your inbox by requiring a PIN or biometric verification (such as facial recognition or fingerprint verification) before you can open our iPhone or Android apps.
Learn how to use Address Verification
Learn how to set FaceID verification on our iPhone app
Learn how to set fingerprint verification on our Android app
Block ads, malware, and trackers with Proton VPN
A VPN will hide your device’s IP address from your internet provider and the websites you visit, allowing you to keep your online activity private. Proton VPN(new window) takes this level of protection a step further. Our NetShield Ad-blocker(new window) feature protects your device by blocking ads, malware, and online trackers before your browser can load them. Not only does this keep your device secure, it also speeds up your browsing. NetShield is available with Proton VPN Plus and Proton Unlimited plans.
Learn how to get started with Proton VPN(new window)
Protect your schedule with Proton Calendar
Your emails contain a great deal of personal information, but so does your schedule. It shows who you met with, where you went, and what you did. Stay in control of this personal information with Proton Calendar.
Proton Calendar uses the same end-to-end encryption as Proton Mail, meaning no one — not even Proton — can access your schedule’s details. And now you can import your existing calendars to Proton Calendar in only a couple of clicks.
Learn how to get started with Proton Calendar
Stay in control of your files with Proton Drive
We all have files and photos we want to keep secure but always accessible. Proton Drive makes this possible. It uses the same end-to-end encryption to protect your files and their corresponding metadata. Only you can access your files.
Proton Drive also makes sure you stay in control of the files you share. You can set an expiration date and a password for Proton Drive’s secure file-sharing links, ensuring no one gets unauthorized access to your files. And if you’re concerned, you can turn off any file-sharing link with a single click.
Learn how to get started with Proton Drive
Thank you for joining us, we hope we were able to help you protect yourselves.
Proton is working to build a better internet where everyone’s information is protected, and privacy is the default. If that’s a future you support, join us!