Email is a service that we all rely on. Finding an email provider that promises a good balance of privacy, security, and convenience is a fraught proposition, however. As readers here doubtlessly know, I have huge privacy concerns around email. I hate giving out my real email address if possible, because it equates to attack surface (more on this later). I also hate using the same email for multiple services, but this creates major convenience problems. And I can’t store email with providers that either a.) don’t store my data securely or b.) store it securely but scrape it for marketing purposes. Readers here also know I am a big fan of ProtonMail. This is why I decided to give ProtonMail Premium a try.
ProtonMail Premium has a flexible pricing structure. To access the pricing options, log in to your account and click the “Settings” button at the top of the page. Scroll to the bottom of the page (on the “Dashboard” tab). Here you have the option to choose either the “Plus” or “Visionary” plan. I chose the ProtonMail Plus plan at $6.00/month ($5 if paid annually). By default this plan upgrades you to 5GB of storage, five addresses, and allows you to use one custom domain. These options are somewhat à la carte: you can choose additional storage in 1GB increments, and additional domains and addresses. Each of these adds additional cost to the plan, but allows you to pay only for the elements that are important to you.
The most important of these to me is the ability to purchase additional addresses. For the trial I upgraded to Plus, but added five more addresses for a total of 10. An additional charge of $1.00 is applied for every five additional email addresses you add, but having additional addresses is an inestimable benefit. I can have a single ProtonMail account to which I can forward all my email. Being able to log in to a single account and get emails from multiple addresses is extremely convenient. It is also a boon to privacy.
I use these addresses for different purposes. In some cases I can give out an actual ProtonMail address. For services like my bank or Blur, I don’t want to use a forwarding service. First, that gives an additional party access to my data. Secondly, if the forwarding service ever goes down, I risk locking myself out. I can also set up one ProtonMail Premium address for use with Blur Masked Emails, and another for use with 33Mail. I use these with less sensitive services. With both I have control over the forwarding addresses and can shut them down at will, and in none of these cases have I given out a real ProtonMail address.
Adding a new ProtonMail address is painless. Simply click the “Add ProtonMail Address” button and choose your “@protonmail.com” or “@protonmail.ch” email address. You will be asked to enter your login password. Next, you will be asked to choose between a 2048- or 4096-bit key; I recommend always choosing 4096. Though it takes a little longer to generate (and may freeze your browser in the meantime) you won’t regret it after it’s created. Once the address is created you can begin giving it out and using it.
Before you begin creating custom ProtonMail addresses, I recommend that you think about them carefully. As you are warned during the creation process, you cannot delete these addresses, and they will always count toward your limit. If you are creating long, complex, and random addresses, I recommend keeping a list of these, along with where they have been used.
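One way to keep the list recommended above, shown as an added example that is not part of the original article or ProtonMail's own tooling. The `AliasLedger` class, the 16-character local-part format and the `.example` service names are assumptions; the limit of 10 is the address total described earlier.

```python
import secrets
import string

ALPHABET = string.ascii_lowercase + string.digits
DOMAIN = "protonmail.com"  # one of the two domains offered when adding an address


def random_local_part(length=16):
    """Return a random local part from a CSPRNG, starting with a letter."""
    first = secrets.choice(string.ascii_lowercase)
    rest = "".join(secrets.choice(ALPHABET) for _ in range(length - 1))
    return first + rest


class AliasLedger:
    """Tracks which service each address was given to (hypothetical helper)."""

    def __init__(self, limit=10):
        self.limit = limit    # addresses cannot be deleted, so slots are finite
        self.by_address = {}  # address -> domain of the service it was issued to

    def allocate(self, service):
        """Reserve one slot for `service`, reusing its address if one exists."""
        for address, owner in self.by_address.items():
            if owner == service:
                return address
        if len(self.by_address) >= self.limit:
            raise RuntimeError("address limit reached; slots are never freed")
        address = f"{random_local_part()}@{DOMAIN}"
        while address in self.by_address:  # collision is unlikely but cheap to rule out
            address = f"{random_local_part()}@{DOMAIN}"
        self.by_address[address] = service
        return address

    def check_inbound(self, recipient, sender_domain):
        """Classify a message by the address it arrived on."""
        service = self.by_address.get(recipient.strip().lower())
        if service is None:
            return "unknown-address"
        sender = sender_domain.lower()
        if sender == service or sender.endswith("." + service):
            return "expected"
        # The address was issued to one party but is being used by another.
        return f"unexpected-sender:{service}"


if __name__ == "__main__":
    ledger = AliasLedger(limit=10)
    bank = ledger.allocate("bank.example")  # constructed service name
    print(bank, ledger.check_inbound(bank, "ads.example"))
```

Because each service gets its own address, mail that arrives on an address from an unrelated sender identifies which service shared or lost it.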
Custom Domains: Setting up a custom domain is similarly easy, assuming you already own a domain. To do so you will have to edit your DNS file, adding several TXT records and an MX record. Once you have completed this step you have unlimited addresses at your disposal, though they are all tied to you because of the custom domain. It may be useful for some to purchase a domain name just for the purpose of creating unlimited custom email addresses.
My major complaint with ProtonMail premium is this: though I can create multiple addresses, I cannot make one of the new addresses the login username. This is problematic. I would like to use ProtonMail as a single-source solution. However, my chosen username is easily guessable because I wanted an address I could easily give to (trusted) friends and family. I have previously written about usernames as a security measure. Now that I have upgraded and am considering using ProtonMail in a more robust capacity where it would become more exposed, I would like to have a login that is not easily guessable (i.e. randomly generated). I could set up a new ProtonMail account as the basis for a premium account, but this would involve transitioning all my friends and family to a new account – a hassle I’d prefer to avoid. I reached out to a senior engineer at ProtonMail with the following request:
[REDACTED],

I have a quick question about custom ProtonMail addresses: can I use a custom address as my login username? I think this is an important security feature because it allows me to give out my address (REDACTED@protonmail.com), while keeping that address worthless as an attack vector. If possible I would like to change my login to a pseudorandomly generated username.

Thank you in advance for your time,
Justin Carroll
His reply was prompt and polite:
Hi Justin,

That’s an interesting idea, and one which we should consider implementing in the future. As you point out, there’s no reason your login username and email address local part absolutely have to be the same. For most people it makes sense but a random hash would work just as well for those who want it. We’ll think about it.

For now, only your username or protonmail address can be used for login. This will be expanded to custom domain addresses in the near future for support of multi-member accounts, which will not really solve your issue because then there will be more possible usernames that can be used to log in.

Thanks for the idea, we’ll see what we can do.

[REDACTED]
While not perfect, ProtonMail premium plans offer a greatly enhanced capability. As with standard ProtonMail accounts, I also have solid assurance that my data is not being scraped and sold. ProtonMail is stored in “zero knowledge” format, and I hold the password to my private keys. The ability to use additional alias email addresses and domains, while still checking a single inbox, is amazing from a privacy perspective. My recommendation: if you’re looking for a sole-source, private email solution and are willing to pay for it, take a good look at the ProtonMail premium plans.