Hello! I’m a long time lurker and wanted to see your opinions on Proton possibly recycling/releasing some usernames, but I saw it wasn’t posted here yet, so here we are:
Hey everyone,
As Proton continues to grow to hundreds of millions of users, occurrences of people not getting their preferred username is increasing. At the same time, we have on our system millions of user accounts which were improperly registered. In the very early days of Proton, before we had anti-abuse systems in place, millions of accounts were created by scripts that registered Proton accounts in bulk in violation of our terms of service. These accounts were typically detected soon after registration and disabled so they have never been used.
In order to alleviate the exhaustion of Proton’s username space, we are considering to release these usernames. Note, some usernames, in particular high value ones with common names (e.g. firstname@proton.me) have been disabled for close to a decade, but actually get email traffic as over the years, people randomly enter them into email forms across the internet (they even end up in breach datasets as a result). If you go to claim one of these common emails, keep this in mind.
No decision has been taken yet on releasing these usernames. At this stage, we are first collecting community feedback about this. Thank you for reading and we look forward to seeing your thoughts in the comments.
Stay safe,
Proton Team
Does this not infringe their policy on recycling usernames?
Please note that you cannot delete your account with the intention of switching to a different domain (like @proton.me or @protonmail.com). Once an account is created, the domain cannot be changed. You can have multiple domains if you upgrade to a paid plan.
Yeah, I don’t think Proton should engage in vanity updates for users just for usernames. Let’s not think like teenagers and have our name on literally everything. I much prefer having an email address that does not identify me or my name at all.
I feel like this is a longstanding problem solved by providers like Outlook and Gmail that have even more users. Usually, this takes the form of not reusing usernames in the first place for security/spam purposes.
Nothing prevents you from adding another number or something to your Proton username.
Is it just me, or does Proton also seem to be trying to recycle old deleted usernames?
I have this impression for two reasons. First, they ask questions on their subreddit to “gather feedback from their community.” If the reaction is positive, couldn’t that indicate to them that most of their customers see this change as positive and that it means they could even try to recycle old deleted usernames?
Secondly, Proton is doing so much marketing these days and targeting a new customer base that seems less concerned about this kind of issue, so maybe they think that they can attract more customers by making a change like this?
Just food for thought, as Proton has made some weird decisions recently, like Lumo, which doesn’t seem to be in the direction of their original core userbase (well, from my perspective at least).
For what I am reading they only plan to recycle, old accounts that never received any email and were long disable because they were created by domain hoarder / spammer. Doesn’t seem like an issue to me.
I think you’re spot on. Their target demographic has been shifting for while, at least if you’ve been paying attention, but I actually think it will end up something akin to this and people won’t mind it at all. They’ll auction the best ones too, like Telegram.
I’d like to get my old username back, but not at the expense of security for everyone, including my own.
Anyway, I don’t understand what the fuss is about. Gmail and Outlook have massive user bases, and apparently that hasn’t been an issue for them. Doesn’t pass the sniff test.
common names (e.g. firstname@proton.me) have been disabled for close to a decade, but actually get email traffic as over the years, people randomly enter them into email forms across the internet (they even end up in breach datasets as a result).
Very generous interpretation, I might add. How do they know none of this intended email traffic?
Seems the mood about Proton has been changing with a lot of people lately. And I studied it closely when I was looking for a new mail provider. Hard to accept when there focus is all on marketing and not devwloping the most basic requested features.
And to the original post, its like what @KevPham said, all it takes is a random number following the desired name and voila, same dang thing in the end.
Well that’s the second part of what they are planning to do. For this one they shouldn’t do it, especially as common names are probably less than the millions they can free up with spammers.
If those emails are used by many people, having such a username would be terrible UX lol. Hope/expect they will not do that part.
The subreddit replies seem to want this change… Is Proton seriously only collecting responses from Reddit of all places? Maybe they are also collecting feedback directly from e-mail, I suppose… But I wouldn’t know since I’ve yet to receive any e-mail from them about this and have no Reddit account.
It seems concerning to me that they haven’t announced this officially and only on social media. Unless I am wrong. Someone please please tell me I’m wrong. And please say that they are also collecting feedback in more ways than this.
No. It doesn’t look like it. Maybe they will decide on how to precisely move forward, but they did not suggest this in their Reddit post. They explicitly said that
These apparently high value usernames were “disabled” but they still received email traffic. They are releasing these usernames, which is why they say this:
Even if they were to only recycle ones with no email traffic, I would still think it’s an issue. I don’t think any usernames should be reused wrt to email accounts.
I also see no reason to expect that there will be no automated sign-ups this time to collect these high value usernames.
Only proves the point made above by @Simon. People are really excited, but that’s only because these people are very different from those who signed up for the service 10 years ago.
Your feedback was positive, so we have gone ahead and taken back the bot created usernames which were never used and are now going to release them. The following schedule will apply:
Available immediately – Visionary/Lifetime users Dec 26th 08:00 (Zurich) – All paid users
At some point in January, we will open it to all free users as well.
Overall, we cannot guarantee that you can get the username that you want, as many usernames are actually taken by legitimate users. For full details, you can refer to the original post on this topic.
Good hunting and don’t do excessive username lookups.
God, that is disappointing. You seriously can’t say that 200 comments from a social media post is sufficient for “community feedback” when your customerbase reaches the millions.
Regardless, aren’t there security issues, as @ph00lt0 and @KevPham point out? It’s very unlikely that @Proton_Team wouldn’t have considered this, so I’m wondering how they are planning to mitigate it exactly.
