Proton Mail came under scrutiny for its role in a legal request by the Spanish authorities leading to the identification and arrest of a user.

    • NeatNit@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      Depending on what its purpose it, it likely needs to be unencrypted (or at least decryptable by the operator without the user’s key) in order to function. A recovery email likely needs to be used precisely when you don’t have your password, so it can’t work if it’s encrypted with your private key.

      I suppose this isn’t necessarily obvious to a user but it’s not a flaw or fault of Proton, it’s unavoidable if a recovery email is used. Note that it’s optional to add one (see article update).