Protonmail Web App New! (Android OFFICIAL)

The server only receives the hash of the password, not the password itself. This hash is used solely for authentication purposes. The user’s private encryption keys are encrypted with a key derived from the user’s actual password. Therefore, the server does not possess the capability to decrypt the user’s private keys. This creates a "Zero-Access" environment where ProtonMail technically cannot read user emails, even if compelled by legal authorities.

: Click the three-dot More tools (or settings) menu in your browser. Create Shortcut : Select Save and Share → Create Shortcut . protonmail web app

While the architecture is robust, the web environment presents inherent security risks distinct from native applications. The server only receives the hash of the

Caveat: This means your browser does heavy lifting. On a 2015 laptop, the web app feels slightly sluggish when opening large threads. Therefore, the server does not possess the capability

How does a browser app do encryption that usually requires desktop software? Proton solves this by downloading a local cryptographic engine (OpenPGP) into your browser's memory when you log in. You decrypt your emails locally, read them, and re-encrypt them before they ever hit the cloud.