by ImJamal 729 days ago
How do the emails get decrypted then? I imagine your password would decrypt the keys which would allow them to decrypt the emails?

It seems like the next time you log in they would be able to capture your password and decrypt your emails.


There is an FAQ. They say the emails get decrypted in your browser, or in the "bridge" which runs locally.

Your decrypted key isn't sent off your local computer. So it's not a case of waiting for you to log in and swipe your key. They never get the key.

In the past you could have a separate login password and decryption password. You still can in the advanced settings if you want.

The key has to be on their servers though? If I log into a proton account on a new computer I could see all my emails decrypted. I don't have to store the key somewhere and move it to my new computer.

Second, I am not talking about swiping the key, but the password. When you log in, you send your password to their server. They presumably hash the password and compare the hashes, then send you the decryption key if the hash is correct.

The problem with that is they could keep the password you entered (pre-hash). If the hashes are good, then they could use the password you entered themselves with the key to decrypt your email.

It sounds like the separate decryption password may work around this, but it is not the default, meaning a large chunk of the users are vulnerable to Proton logging passwords.

You never send your password to their servers, they use the "secure remote password protocol": https://en.wikipedia.org/wiki/Secure_Remote_Password_protoco...

They explain what they do here: https://proton.me/blog/encrypted-email-authentication
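To make the last reply concrete, here is the SRP-6a exchange with both the client and the server side, written as an added example for this thread; it is not Proton's code, not code from the linked blog post, and not taken from the Wikipedia article. The point it demonstrates is the one disputed above: at enrolment the server receives only a salt and a verifier v = g^x, during login the password never leaves the client, and a server that logs every message it sees (A, M1) plus its own database (salt, v) still cannot recover the password or impersonate the user. Assumptions made for this example: a toy 128-bit safe-prime group generated at import time so the block runs offline (a real deployment uses a fixed public group such as those in RFC 5054), SHA-256 as the hash, simplified proof messages M1 and M2, and a constructed username and password.

```python
import hashlib
import secrets

# --- Toy group: a 128-bit safe prime N = 2q + 1 generated at import time.
# Assumption for this example only; production SRP uses a fixed, public,
# 2048-bit or larger group so that clients and servers agree on parameters.
def _is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin probabilistic primality test with a small trial-division pre-filter."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_safe_prime(bits: int) -> int:
    """Return N = 2q + 1 where both q and N are (probable) primes."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if _is_probable_prime(q) and _is_probable_prime(2 * q + 1):
            return 2 * q + 1

N = generate_safe_prime(128)
g = 2  # in a safe-prime group 2 has order q or 2q, never a tiny order
NLEN = (N.bit_length() + 7) // 8

def _enc(n: int) -> bytes:
    """Big-endian encoding, left-padded to the byte length of N."""
    return n.to_bytes(max(NLEN, (n.bit_length() + 7) // 8), "big")

def H(*parts) -> bytes:
    h = hashlib.sha256()
    for p in parts:
        h.update(_enc(p) if isinstance(p, int) else p)
    return h.digest()

def Hint(*parts) -> int:
    return int.from_bytes(H(*parts), "big")

k = Hint(N, g)  # SRP-6a multiplier parameter

def compute_x(salt: bytes, username: str, password: str) -> int:
    """x = H(salt | H(username:password)); only ever computed on the client."""
    return Hint(salt, H(f"{username}:{password}".encode()))

def register(username: str, password: str):
    """Enrolment, run on the client. The server stores (salt, v), never the password."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, compute_x(salt, username, password), N)

class SRPClient:
    def __init__(self, username: str, password: str):
        self.I, self.P = username, password
        self.a = secrets.randbelow(N - 2) + 1
        self.A = pow(g, self.a, N)          # first message: (I, A)

    def finish(self, salt: bytes, B: int) -> bytes:
        if B % N == 0:
            raise ValueError("server sent a degenerate B")
        u = Hint(self.A, B)
        x = compute_x(salt, self.I, self.P)
        S = pow((B - k * pow(g, x, N)) % N, self.a + u * x, N)
        self.K = H(S)                        # session key, derived locally
        self.M1 = H(self.A, B, self.K)      # proof sent to server (not the password)
        return self.M1

    def verify_server(self, M2: bytes) -> bool:
        return secrets.compare_digest(M2, H(self.A, self.M1, self.K))

class SRPServer:
    def __init__(self, db: dict):
        self.db = db                         # username -> (salt, v)

    def challenge(self, username: str, A: int):
        if A % N == 0:
            raise ValueError("client sent a degenerate A")
        salt, self.v = self.db[username]
        self.A = A
        self.b = secrets.randbelow(N - 2) + 1
        self.B = (k * self.v + pow(g, self.b, N)) % N
        return salt, self.B

    def verify_client(self, M1: bytes):
        u = Hint(self.A, self.B)
        S = pow(self.A * pow(self.v, u, N) % N, self.b, N)
        self.K = H(S)
        if not secrets.compare_digest(M1, H(self.A, self.B, self.K)):
            return None                      # wrong password: reject, leak nothing
        return H(self.A, M1, self.K)

def run_login(db: dict, username: str, password: str) -> bool:
    """Full exchange; returns True only if both sides derived the same K."""
    client, server = SRPClient(username, password), SRPServer(db)
    salt, B = server.challenge(client.I, client.A)
    M2 = server.verify_client(client.finish(salt, B))
    return M2 is not None and client.verify_server(M2) and client.K == server.K

if __name__ == "__main__":
    users = {}
    users["alice"] = register("alice", "correct horse")  # constructed credentials
    print("good password:", run_login(users, "alice", "correct horse"))
    print("bad password: ", run_login(users, "alice", "wrong"))
```

Everything the server ever stores or sees is salt, v, A, and M1; the password and the exponent x exist only inside `compute_x` on the client, and the session key K is derived on both sides without being transmitted. Note that this shows the authentication half only: how the mailbox key is decrypted from the password on the client is a separate step that this example does not model.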