![]() The mailbox password, however is cached on the client, as it is only used to decrypt mail. The server will occasionally ask the user for the login password to confirm sensitive settings changes, such as password changes. The login password authenticates the user to Proton Mail and is not stored by the client. In two-password mode, there is a login password and a mailbox password. ![]() This same philosophy was also applied when we redesigned our authentication system. By utilizing client side end-to-end encryption, we ensure that we do not have the ability to decrypt your emails, and thus, your communications would also be inaccessible to any attacker who does manage to breach our systems. This is the fundamental philosophy behind our Zero Knowledge Architecture. Incidents like the Yahoo breach (new window) are not isolated, and will gradually become the norm over the next decade. Our basic assumption is that all servers can be compromised, and that sooner or later, Proton Mail will also be compromised. While Proton Mail’s authentication system has been completely redesigned, these changes are transparent to end users, and we will continue to support the legacy two-password mode. In pursuit of these goals, we are happy to introduce both one-password and two-factor authentication support with Proton Mail 3.6.0. Third, it makes two-factor authentication (a best-practice method to securing online accounts) a very onerous process, as the user has to enter both passwords and a two-factor code to log in.Īt Proton Mail, our mission to is make secure communication easy-to-use and secure. Second, it tends to confuse password managers, one of the best ways to organize and secure passwords. The security benefit provided by this separation is easy to understand, but it has multiple usability issues.įirst, two passwords are more difficult to remember than one, and it contributes to users losing access to their accounts and mail. Proton Mail launched with a two-password system-one to authenticate the user to Proton Mail, and one to decrypt the mail. Today, we are happy to announce the launch of a brand new authentication system for Proton Mail’s secure email service using just a single password. Last update on NovemPublished on December 1, 2016
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |