Proton Mail came under scrutiny for its role in a legal request by the Spanish authorities leading to the identification and arrest of a user.

  • NeatNit@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    2
    ·
    8 months ago

    Depending on what its purpose it, it likely needs to be unencrypted (or at least decryptable by the operator without the user’s key) in order to function. A recovery email likely needs to be used precisely when you don’t have your password, so it can’t work if it’s encrypted with your private key.

    I suppose this isn’t necessarily obvious to a user but it’s not a flaw or fault of Proton, it’s unavoidable if a recovery email is used. Note that it’s optional to add one (see article update).