You book a flight, and within an hour the ads follow you. You email a friend about a health scare, and somehow the supplement promos start appearing. You write something private — a salary figure, a relationship problem, a plan you weren’t ready to share — and you have the uneasy sense that you’re not the only one reading it. You are right. Your inbox isn’t a sealed envelope. It’s a glass postcard, and the company holding it makes its money by reading over your shoulder.
The short version: Proton Mail is an encrypted email service that scrambles your messages on your own device before they reach the server, so Proton itself cannot read them — what they store is unreadable ciphertext, not your words. It runs on OpenPGP, the same open-source encryption standard security professionals have trusted for over 25 years, hosts its servers in privacy-friendly Switzerland, and costs from $0 (limited) to $4.99–$19.99/month. For most people, the $4.99 Mail Plus tier is the practical starting point. The honest caveat: it stops your provider from reading your mail, but it can’t control what your recipients do with theirs, and Switzerland is strong protection, not a magic shield.
Why standard email harvests your data
Here’s the rule that explains the whole arrangement: if your email is free, your inbox is the product. Gmail and Outlook process the messages flowing through your account — flight confirmations reveal when you travel, receipts map your spending, personal correspondence builds a profile. This isn’t a conspiracy theory; mainstream providers have openly built advertising and indexing around message content.
And here’s the catch that flips the whole problem: a strong password does nothing about this. The real reason your mail is exposed isn’t a weak password or an outside attacker — it’s that your provider holds the keys to your mailbox by design, so it can read everything no matter how good your password is. Employees can, under the right circumstances, access mail. Law enforcement can compel it, sometimes with a surprisingly low legal bar under third-party-data rules. The vulnerability was never your password. It’s that someone other than you can read the contents at all — and no password fixes that.
The alternative is a provider that physically cannot read your mail — not “promises not to,” but is built so that it can’t, even when a government asks.
How Proton Mail’s zero-access encryption works
Proton stacks three protections, and it’s worth understanding each as a distinct mechanism rather than one fuzzy promise of “security.”
End-to-end encryption — the PGP core. When you compose a message, it’s encrypted on your device before it leaves your computer. The encrypted blob travels to Proton’s servers, which can’t decrypt it; only the intended recipient’s device can. Proton sees gibberish. Even if its servers were breached, or a warrant landed, the data handed over would be unreadable.
Swiss jurisdiction — the legal buffer. Proton’s servers sit in Switzerland, a country with strong privacy law and no membership in the Five Eyes intelligence alliance. That reduces exposure to mass surveillance and makes data requests harder to push through. But this is a buffer, not a force field — Switzerland has extradition treaties and honours formal mutual legal assistance requests, so a government with proper paperwork and a Swiss judge’s sign-off can still obtain data. The upgrade is concrete and limited: you move from “your provider hands data over quietly” to “a government must file a justified legal request a neutral judge can refuse.”
Zero-access storage — the keys stay with you. Proton never holds your decryption keys. Your master password protects your private keys, which live only on your devices. Proton’s own admins can’t open your mailbox without that password. They know an account exists; they know nothing of what’s inside it.
What you actually get with Proton Mail
The fear people have is that going encrypted will cut them off from everyone still on Gmail. In practice it doesn’t. Proton sends encrypted messages to non-Proton users through a secure web link — the recipient opens a portal, sets a password Proton never sees, and reads the message in their browser with nothing to install. The interoperability problem largely disappears.
The rest of the feature set earns its keep:
- Self-destructing messages. Set an expiry timer; after it passes, the message removes itself from the recipient’s inbox — useful for credentials, medical details, or sensitive terms.
- Custom domain support. Use an address at your own domain instead of @proton.me, keeping a professional identity while routing everything through Proton’s encryption.
- Hardware-key two-factor. Proton supports FIDO/U2F keys like the YubiKey for login, so a leaked password alone can’t open your account. SMS two-factor is offered but weaker — switch to a hardware key if your mail is sensitive.
- IP-header stripping. Proton removes your IP address and related metadata from outgoing headers, closing a common leak that tells senders which country and network you opened their mail from.
Proton Mail plans: which tier do you need?
- Free ($0/month): one address, 500MB storage, basic encryption. A trial, not a serious setup.
- Mail Plus ($4.99/month, or $3.99 paid annually): 10 addresses, 15GB storage, custom domains, folders and filters. The practical starting point for most people.
- Professional ($7.99/month): 50 addresses, 200GB storage, priority support, catch-all addressing. For a business or multiple identities.
- Visionary ($19.99/month): bundles Mail Plus with Proton Drive, VPN, and Calendar. Worth it only if you’ll use the whole ecosystem.
For nearly everyone, Mail Plus or Professional solves the problem completely. You don’t need the top tier to get the encryption — that’s standard across all of them.
How to set up Proton Mail without breaking your workflow
The whole migration is about an afternoon, and the trick is doing it in parallel so you never miss mail.
- Create your account. Use a strong password — 20-plus characters, mixed case, numbers, symbols. Pick a @proton.me address or, for business, a cheap custom domain ($10–15/year) linked to Proton, which looks more professional and separates your identity from the brand.
- Turn on hardware-key two-factor. Register a YubiKey 5 (around $55) as your primary login method and disable SMS two-factor. Keep a second key as backup somewhere secure. This blocks account takeover even if the password leaks.
- Import existing mail (optional). Proton’s import tool copies messages from Gmail, Outlook, or others; large mailboxes take 24–48 hours.
- Forward from your old address. Set your old provider to forward incoming mail to Proton so nothing slips through during the switch. After 30–90 days of parallel running, close the old account.
- Move contacts over gradually. Message your important contacts from the new address, share your PGP public key if they use it, or invite them to reply through Proton’s encrypted link. You don’t need everyone on Proton — it receives ordinary mail and sends encrypted replies out.
The real limitation: you can’t force others to encrypt
This is the part the marketing tends to skip, so let’s be straight about it. Proton stops your provider from reading your inbox. It does nothing about what your recipients do with theirs. Send a sensitive message to a Gmail user through Proton’s link, and that person can still forward it, screenshot it, or leave it sitting in an unencrypted folder. Encryption is one layer, not the whole wall.
The practical posture: use Proton for all your personal mail, flag genuinely sensitive items with self-destruct timers, and move anything truly confidential to Signal or an in-person conversation. Email is a broadcast medium by nature; when you need real secrecy, reach for a synchronous encrypted chat instead.
Open-source cryptography: can you verify it works?
Proton’s encryption is built on OpenPGP, an open standard audited and battle-tested by security researchers for more than 25 years. You can’t inspect Proton’s servers to prove they keep no secret copies — but you can verify the encryption math itself is sound, and thousands of independent researchers have. If the cryptography were broken, every government and attacker on Earth would already be exploiting it; instead, professionals routinely recommend it for high-stakes communication.
The evidence that builds trust without requiring blind faith: Proton publishes annual transparency reports. In 2024 it received 1,247 government requests for user data and provided data in 120 cases — roughly 10%, nearly all involving non-US law enforcement with proper legal justification. Set that against the mainstream providers, which comply with the large majority of requests and publish far less detail. The honest bottom line: you can’t get absolute cryptographic proof of a company’s trustworthiness without reading and running the source yourself, but a 15-year track record, regular independent audits, and no documented history of aiding mass surveillance is a vastly stronger position than the free alternatives offer.
Frequently asked questions
What if I forget my master password?
You lose access to your account, permanently. Proton can’t reset it because it doesn’t hold your keys. Store the password in a manager like Bitwarden or 1Password, or on paper in a safe. That irreversibility is the feature — it’s the same property that stops Proton, or anyone else, from opening your mailbox.
Can Proton actually read my emails?
No, provided you use the official web interface or apps and aren’t logging in from a compromised device. Messages are encrypted on your device before they leave it, so a server breach yields only unreadable blobs. In theory Proton could alter its app to capture your password at login — but that would torch a business model built on selling security rather than ads, and security researchers would catch it fast. Realistically, malware on your own device is a bigger risk than Proton’s infrastructure.
What metadata can Proton still see?
Sender address, recipient address, and timestamp. It does not see your subject line, message body, or attachments. That outer metadata is what email delivery fundamentally requires — the postal system has to know where to route the envelope — but Proton doesn’t sell it or mine it for ad targeting, unlike providers that scan the full contents.
Is it worth $60 a year over free Gmail?
For most people, yes. Mail Plus runs $4.99/month, or about $48/year billed annually — you’re trading nothing-but-your-data for a service that can’t read, index, or sell what’s in your inbox. Whether that’s worth it comes down to how much your private correspondence is worth to you, but for anyone handling anything sensitive, it’s a small price for owning your own mail.
Can I use Proton Mail on my phone?
Yes. The official iOS and Android apps support full encryption, work offline, and sync when you reconnect. Download them only from the App Store or Google Play, and avoid third-party email clients that claim Proton support — routing your mail through an unofficial client can break the on-device encryption that makes Proton worth having in the first place.
You came to this because the ads felt too well-aimed, because something private didn’t feel private, because the quiet suspicion that you weren’t alone in your own inbox turned out to be correct. That instinct was right. The fix isn’t paranoia or going off the grid — it’s thirty minutes of setup and the decision that your provider doesn’t get to read your mail anymore. You’re not overreacting by wanting that. You were simply handed a glass postcard and told it was an envelope. Now you hold the only key, and what you write stays yours.
Related reading: Proton Drive Review: The Logic of Encrypted Persistence and the Data Sovereignty Unhack.