How to recover your emails and other encrypted files after a password reset (data recovery)
If you reset your Proton password by email or phone, you won’t be able to read your existing emails and other encrypted files due to the encryption that we use. Note that this only happens when you reset your password by email or phone (for example, when you forget it) and not when you change your password(neues Fenster).
Here we explain how you can recover your encrypted data after resetting your password by email or phone. Note that if you reset your password using your recovery phrase, you’ll automatically restore full access to your existing messages and other encrypted data.
In this article, we’ll cover:
- Warning when you need to recover your data
- Recovering your data if you remember your password
- Recovering your data using your recovery phrase
- Recovering your data using your recovery file or backup encryption key
- Recovering your data using device data recovery
Note if you’re using two-password mode
The default password setting in Proton Mail is one-password mode.
If you use two-password mode with one password to sign in to your Proton Mail account and a second password to decrypt your mailbox, resetting either of these passwords will revert your account to one-password mode. It will make your existing emails and other encrypted data unreadable.
As with one-password mode, you can follow the steps below to recover your data if you know your mailbox password or have set a data recovery method.
Warning when you need to recover your data
If some of your data is encrypted and needs to be recovered after a password reset, we warn you in the web app. You’ll see this red warning banner:
Your emails cannot be decrypted due to a recent password reset. If you remember your previous password, you can re-activate the previous key in order to access your messages.
Or you may see this error message at the top of an email:
Decryption error: decryption of this message’s encrypted content failed.
When you see these warnings, you can use one of the three data recovery methods below to decrypt and recover your data.
Recovering your data if you still remember your password
1. Click Settings → All settings → Encryption and keys and click the Reactivate keys button.
2. Click on the Password tab and enter your previous password in the space provided.
3. Click Recover data and enter your current password when prompted.
Recovering your data using your recovery phrase
1. Click Settings → All settings → Encryption and keys and click the Reactivate keys button.
2. Click on the Phrase tab and enter your 12-word recovery phrase in the space provided. You must enter the 12 words that make up your recovery phrase in the same order they were given to you.
3. Click Recover data and enter your current password when prompted.
Recovering your data using your recovery file or backup encryption key
1. Click Settings → All settings → Encryption and keys and click the Reactivate keys button.
2. Click on the File tab and upload your recovery file. Alternatively, you can upload an encryption key that you’ve previously downloaded.
3. Click Recover data and enter your current password when prompted.
Please note that you’re not meant to open and read your recovery file. Unlike your recovery phrase, which is made up of 12 words you can write down or copy, your recovery file is an encrypted file. You can download it, store it in a safe place, and upload it as described above to restore your encrypted emails and other encrypted data when needed. It’s not designed for you to open and read it.
Learn how to download your public and private encryption keys(neues Fenster)
Learn how to upload your backup private encryption key(neues Fenster)
Recovering your data using device data recovery
If you enable device data recovery, Proton will store an encrypted backup keychain as a file in your browser’s web storage. If you forget your Proton password and need to reset it, the next time you sign in on a trusted device using your new password, full access to your Proton Account will be restored.
Device data recovery is enabled by default. But to save the encrypted keychain file to your browser’s web storage, you must select the Keep me signed in checkbox when you sign in to your account.
If you forget your password and device data recovery is enabled:
1. Reset your password
2. Log in to your account on a trusted device using your new password.
Your account keys will be decrypted in the background, giving you full access to your Inbox.