2.5 KiB
2.5 KiB
Proton Mail Privacy Settings
Login to your Proton Mail from browser.
Click gear icon on top right > Go to settings
Recovery
Data recovery
- Recovery phrase: On > Generate recovery phrase > Enter Password > Submit > Save Recovery phrase > Done/Download.
NOTE: A recovery phrase lets you access your account and recover your encrypted emails after a password reset. Keep this phrase somewhere safe, to prevent loss or unauthorised access. It can be stored in a password manager, in an encrypted note, or write it down somewhere safe.
Account and password
- Two-factor authentication >
- On > Next > Scan the code using an authenticator app > Enter Password and Two-factor authentication code > Submit > Save the backup codes > Ok.
NOTE 1: Use a privacy respecting authenticator app. Check out recommendations, alternatives & reviews.
NOTE 2: The backup code is required to login, if 2FA method is lost, broken or unavailable. Keep this code somewhere safe, to prevent loss or unauthorised access. It can be stored in a password manager, in an encrypted note, or write it down somewhere safe.
- Two-password mode: On (Optional, but can be enabled for one extra layer of security.)
Security and privacy
Session management
- Revoke any old sessions which you don't use anymore.
Security logs
- By default, Proton Mail keeps temporary IP logs to combat abuse and fraud. IP address may be retained permanently if you're engaged in activities that breach their terms and conditions (spamming, DDoS attacks against ProtonMail infrastructure, brute force attacks, etc.).
- If you suspect that someone else has access to your account, you can check your login activity in the authentication logs by enabling this. If you enable advanced logs, it'll capture IP addresses and the date and time of activity. However, this also means your login IP address is kept permanently until you manually wipe the logs.
Privacy and data collection
- Send crash reports: Off
Messages and composing
Messages
- Auto-load embedded images: Off
- Confirm link URLs: On
Composing
- Undo send: 20 seconds (Not necessarily a privacy feature but might come in handy)
Email privacy
- Auto show remote images: On (Make sure to enable the next setting below too)
- Block email tracking: On
Encryption and keys
External PGP settings
- Sign external messages: On
- Attach public key: On
- Default PGP scheme: PGP/MIME