Linux Security

Affected by the Yahoo! Breach? Why Not Try ProtonMail?

Kev Quirk 03-10-2016

Yahoo! confirmed a massive security breach Yahoo! We Lost Your Data! Two Years Ago... Web giant Yahoo has suffered an enormous data breach. The breach, which took place in 2014, resulted in the information of 500 million Yahoo users being offered for sale on the dark web. Read More recently. Unless you have been living under a rock, you probably heard about it. Breaches such as this, like the Ashley Madison hack 3 Reasons Why The Ashley Madison Hack Is A Serious Affair The Internet seems ecstatic about the Ashley Madison hack, with millions of adulterers' and potential adulterers' details hacked and released online, with articles outing individuals found in the data dump. Hilarious, right? Not so fast. Read More  — where over 37 million accounts were compromised — are commonplace these days.


The Yahoo! breach is much bigger than Ashley Madison, with over half a billion accounts confirmed to be compromised. With this in mind, you might want to consider a new, more secure email provider such as ProtonMail.

What Is ProtonMail?

ProtonMail is a free email service that focuses on security and privacy by allowing users to easily send and receive encrypted emails. ProtonMail is also open source and, of course, based on Linux.

Adding security features like two-factor authentication Lock Down These Services Now With Two-Factor Authentication Two-factor authentication is the smart way to protect your online accounts. Let's take a look at few of the services you can lock-down with better security. Read More  or some simple security questions is often an afterthought for many email service providers, and security measures like these aren’t always up to the task of keeping the bad guys out. ProtonMail has security at its core, so with them it’s a way of life, not an afterthought.


Because your mailbox is encrypted, the ProtonMail staff have zero access, never mind the NSA Who Is Fighting On Your Behalf Against The NSA And For Privacy? There are several Internet activism groups who are fighting on your behalf for privacy. They are doing their best to educate netizens as well. Here are just a few of them that are incredibly active. Read More . ProtonMail will ask you for your mailbox decryption key after you have initially logged in. You won’t be able to access your mailbox until you have entered both sets of credentials.

The first password allows you to log on to the server, just like any traditional method of logging on. The server then decrypts and mounts your mailbox once you have entered your “Decrypt Mailbox” key. Without this, your mailbox is useless.

ProtonMail Mailbox Decryption Key

The encryption goes much further than just your mailbox. Emails are transmitted in an encrypted format between servers and user devices, and emails sent between ProtonMail users is protected by end-to-end encryption via a secure server network. Because data is encrypted at all steps How Does Encryption Work, and Is It Really Safe? Read More , the risk of message interception is largely eliminated.

The encryption process uses public and private keys. The public key is used by the sender to scramble (encrypt) the message, then the recipient uses their private key to un-scramble (decrypt) the message when they receive it. The basic process is shown in the diagram below:

ProtonMail Encryption Process Graphic

Encryption Outside of ProtonMail

Encryption can also be applied to messages that are sent outside of ProtonMail. Here’s how that works.

When composing a message, select the padlock button from the composer window. This will open the encryption options for your message.

ProtonMail Compose Email Padlock

Enter an encryption password and a hint that allows the recipient to decrypt the message. The hint could be something as simple, like “I’ve texted the password to you”. Or it could be instructions as to what the password is.

ProtonMail Compose Email Encryption Process

Click the Set button, finish composing your email as normal, and hit Send when you’re ready. The recipient will receive an email with a link to view the secure message.

ProtonMail Encrypted Message Sent

Once the recipient clicks on the View secure message link, they will be asked to enter the password. They will then be able to view the message.

ProtonMail View Encrypted Message

The recipient can also reply to the message from this window, which will be sent from their email address. This message will, of course, be encrypted also.

ProtonMail Encrypted Reply

Encrypted messages that are sent outside of ProtonMail will expire after 28 days.


ProtonMail take privacy very seriously. As already mentioned they have zero access to your mailbox, but they also go to great lengths to ensure your anonymity remains intact. The privacy policy states:

Our company’s overriding policy is to collect as little user information as possible to ensure a completely private and anonymous user experience when using the Service. We also have no technical means to access your encrypted message contents.

Sharing too much of your privacy online Online Privacy: Do You Share Too Much Information? Sharing has always been a prominent part of what the Internet is and how it functions. And with social networks exploding in popularity in the past several years, sharing is probably the one aspect we... Read More  is commonplace nowadays, so anything that can be done to limit that exposure has to be a good thing.

Using ProtonMail

The ProtonMail user interface is a pleasure to use. The developers have done a great job making such a clean interface with great advanced features, such as custom themes, alias addresses, email filtering and signatures. The features are on par with most other free email services The Best Free Email Accounts You Need to Consider Everyone knows about Gmail. If you think that's the best free email account out there, you're underestimating all the other services. You have options and we have the details. Read More out there. So there’s no need to worry about giving up features in favor of security.

ProtonMail Inbox View

A number of service tiers are available to choose from, ranging from the free 500 MB of email storage, up to $30/month for 20 GB of storage and some additional features, such as custom domain names. If you are not a heavy email user, then the free 500 MB service should be fine.

ProtonMail Pricing Structure

Is It Email for Nerds?

Even though ProtonMail has all this fancy encryption, it’s not just for nerds. Once you have logged in and entered your decryption key, the process of sending an email is exactly the same as you would expect from any other email service. ProtonMail handles all of the clever stuff for you.

ProtonMail Send Email View

Apps are available for both Android and iOS, so getting your secure email on the go is no more difficult than logging in. The mobile apps are classed as being in beta, but I’ve found them to be extremely stable and had no issues. Security could be compromised by using IMAP and POP IMAP vs. POP3: What Is It and Which One Should You Use? If you have ever set up an email client or app, you will have certainly come across the terms POP and IMAP. Do you remember which one you chose and why? If you are not... Read More , so ProtonMail does not support them. Which means you won’t be able to use third party mail apps with the service.

Should I Leave Yahoo!?

This is a question only you can answer, but being online requires a pragmatic approach to both security and privacy. You will limit your risk of exposure by considering both at all times.

Often there is a trade off between security and ease of use, but ProtonMail takes that trade off and tips the balance in favor of security, whilst managing to remain as simple to use as your Yahoo! Mail account.

Leaving Yahoo! (or any other widely-used webmail service) in favor of ProtonMail won’t guarantee your security online though, as no service is immune to attack. The only way to achieve 100 percent security is to stay off the internet. It’s a harsh fact, but it’s true. If you decide to stay with Yahoo! I would urge you to go and change your password right now.

Have you been affected by the Yahoo! breach? Do you have security concerns and considering a move to something like ProtonMail? Tell us your thoughts in the comment below.

Explore more about: Email Tips, Encryption, Open Source, Yahoo Mail.

Whatsapp Pinterest

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Carl Jobs
    February 25, 2017 at 4:34 pm

    Question: is one able to use POP with Proton Mail? That is, I do not want my email stored on your servers, but wish to download it to my main computer.

    Question: are you able to sort the email by Sender, Subject, Date? In Gmail, one cannot. Without that ability, we cannot use email comfortably!

  2. Mr A
    October 4, 2016 at 11:39 am

    Can I say I think it is good to get people to consider alternative emails besides the big three of Outlook, Gmail and Yahoo. However, ProtonMail themselves had to pay in Bitcoin to access their own servers, after being hacked.

    • Kev Quirk
      October 4, 2016 at 12:24 pm

      That's actually incorrect. They were not hacked, it was a massive DDOS and they paid to stop the attack so that service could resume. If a DDOS/BotNET is big enough then no DDOS mitigation can stop it.

      Being hacked and being subjected to a DDOS attack are two completely different things.

      I do agree though, exploring other email services is important, in my opinion. I notice from your email that you use a lesser knows email provider (don't worry your email isn't public, it's just listed as I'm the author) - I use the same provider for my personal emails. I have one of their paid tiers, they're a great provider.

    • Mr A
      October 4, 2016 at 12:32 pm

      Revision of my comment.

      It appears ProtonMail had a DDOS attack not hacked as I previously mentioned. I am sorry for this comment as I recalled many articles at the time saying about this, It seems I need to find better Technology News feeds !