Enhance your cybersecurity with Proton

Share this page

We’re sharing tips on how you can make sure you’ve secured your personal information using Proton. 

When you choose Proton, you’re entrusting us with your personal information. We take this responsibility seriously, which is why we protect your data with end-to-end encryption and zero-access encryption. This prevents us from decrypting and accessing your data, so we cannot use it or share it with a third party.

However, as we mentioned in another cybersecurity article, your cybersecurity relies on your behavior as much as it does on the tools you choose. If you secure your emails, calendars, and files with Proton’s encrypted services but then use “Password” as your password, your information is at risk.

This article explains the steps you can take to keep your account safe and your information private.

Turn on two-factor authentication

As the name suggests, two-factor authentication (2FA) requires a second form of identification besides your password, typically your smartphone or a token that is physically with you. This way, even if an attacker gets a hold of your password, they still cannot access your account without possessing this second factor. 

Proton allows you to secure your account with two different forms of 2FA:

  • An authenticator app on your smartphone that generates time-based, one-time passwords (for example, Authy or Duo)
  • A U2F or FIDO2 hardware security key (for example, YubiKey)

Security keys make 2FA even faster and more secure. With a security key, all you need to do is tap the key to your device or plug it into your device’s USB port.

By turning on 2FA, you make it much more difficult for anyone to take over your account.

Learn how to secure your Proton Account with 2FA

Set up a recovery method

Our use of end-to-end encryption and zero-access encryption means no one but you can access your information — not even us. This also means that if you forget your password, we cannot help you retrieve your information. It will be irreversibly encrypted. 

However, if you set up a recovery method in advance, you will be able to recover all your existing emails, calendars, files, and other data, even if you need to reset your password. Setting up a recovery method only takes a few minutes and ensures you can always get your data back if the worst happens. 

Learn how to set up a recovery method for your Proton Account

Protect your email address with SimpleLogin aliases

Phishing is the most common cyberattack on the internet today, and some messages can be quite convincing. One simple way to avoid phishing attacks is to use email aliases when you give out your email or sign up for services. 

An email alias is an email address that does not store emails, it simply forwards emails to your inbox. However, by using an alias, you can segment who has access to your information. For example, if you receive an email that claims to be from your bank but was sent to the alias you used to sign up for online gaming, you know right away that message is likely a scam. Similarly, if you use a different alias to sign up for each online service, you can shut down a compromised alias in the event of a data breach without affecting your true email address or other aliases.

SimpleLogin joined Proton’s encrypted ecosystem in April 2022. If you have a Proton Unlimited, Proton Visionary, or Proton Business plan, you can use SimpleLogin(new window) to easily create and manage an unlimited number of aliases, allowing you to keep your email address safe.

Learn how to create a SimpleLogin account using your Proton Account

Learn how to connect an existing SimpleLogin account to your Proton Account

Learn how to create aliases in SimpleLogin(new window)

Use Password-protected Emails to send encrypted emails to anyone

Every email you send to anyone using Proton Mail is automatically end-to-end encrypted. But you can still send end-to-end encrypted emails to people that use Gmail, Outlook, and other email services with our Password-protect Emails feature.

This feature lets you extend Proton’s security and privacy to everyone, no matter what email they use. All you need to do is share the password with your recipient (ideally via another end-to-end encrypted messaging service, like Signal) so they can access your email. 

Learn how to send Password-protected Emails

Add advanced protection to your Proton Mail contacts and inbox

Proton Mail’s encryption makes it so that even if our servers are compromised, your emails will remain securely encrypted. Our goal is to minimize the amount of data we have access to, with the reasoning that if we cannot access something, then neither can attackers. This is what led us to develop Address Verification

With Address Verification, you can tell Proton Mail which PGP key it should use to encrypt messages for a specific contact. This eliminates the risk of an attacker fooling Proton Mail with a spoofed PGP key. 

You can also protect your inbox by requiring a PIN or biometric verification (such as facial recognition or fingerprint verification) before you can open our iPhone or Android apps.

Learn how to use Address Verification

Learn how to set FaceID verification on our iPhone app

Learn how to set fingerprint verification on our Android app 

Block ads, malware, and trackers with Proton VPN

A VPN will hide your device’s IP address from your internet provider and the websites you visit, allowing you to keep your online activity private. Proton VPN(new window) takes this level of protection a step further. Our NetShield Ad-blocker(new window) feature protects your device by blocking ads, malware, and online trackers before your browser can load them. Not only does this keep your device secure, it also speeds up your browsing. NetShield is available with Proton VPN Plus and Proton Unlimited plans. 

Learn how to get started with Proton VPN(new window)

Protect your schedule with Proton Calendar

Your emails contain a great deal of personal information, but so does your schedule. It shows who you met with, where you went, and what you did. Stay in control of this personal information with Proton Calendar

Proton Calendar uses the same end-to-end encryption as Proton Mail, meaning no one — not even Proton — can access your schedule’s details. And now you can import your existing calendars to Proton Calendar in only a couple of clicks. 

Learn how to get started with Proton Calendar

Stay in control of your files with Proton Drive

We all have files and photos we want to keep secure but always accessible. Proton Drive makes this possible. It uses the same end-to-end encryption to protect your files and their corresponding metadata. Only you can access your files.

Proton Drive also makes sure you stay in control of the files you share. You can set an expiration date and a password for Proton Drive’s secure file-sharing links, ensuring no one gets unauthorized access to your files. And if you’re concerned, you can turn off any file-sharing link with a single click. 

Learn how to get started with Proton Drive

Thank you for joining us, we hope we were able to help you protect yourselves. 

Proton is working to build a better internet where everyone’s information is protected, and privacy is the default. If that’s a future you support, join us!

Get Proton for free today

Protect your privacy with Proton
Create a free account

Share this page

Richie Koch

Prior to joining Proton, Richie spent several years working on tech solutions in the developing world. He joined the Proton team to advance the rights of online privacy and freedom.

Related articles

The last thing you want when showing funny videos or holiday photos on your phone or tablet to friends and family is for them to see your sensitive and private photos. Although there are third-party apps dedicated to hiding your personal photos and
It can be slightly difficult to encrypt a zip file using the tools available on your Windows or Mac. Unlike encrypting a PDF or an Excel file, there’s no standardized software to use. You’ll need to rely on your device’s built-in encryption methods. 
Last week, the Spanish Presidency of the European Council delayed a vote regarding the Council’s position on the controversial Child Sexual Abuse Regulation (CSAR) due to a lack of consensus over the issue of encryption, among others. This proposed r
At Proton, we’re always working on new and innovative ways to protect the privacy and data of the Proton community. Sometimes that means developing entirely new services, like our Proton Sentinel program, which combines AI and human security analysts
How to unsend an email in Gmail, Outlook, Proton Mail, and Apple Mail
“Undo Send” gives you a chance to stop an erroneous message you’ve just sent. We’ve all done it. You hit Send on an email only to spot you’ve misspelled someone’s name, forgotten an attachment, or accidentally sent a cringing joke to half your conta
Google has already taken privacy washing to the extreme by trying to brand itself as “privacy focused”, even though its business model is based on surveillance.  Lately, the company’s marketing strategy has turned toward outright Orwellian doublespe