Password protecting a Proton alias email revealed my actual Proton email address

ZenByte:

Also is it just me or is it strange for a business to not accept encrypted content? How bizzare.

Very common in my experience. No encrypted files, no encrypted folders, and if I visit them in person, they won’t accept a flash drive.

I don’t believe I have ever tried sending a Proton password-protected email to a business, but I am doubtful they would refuse. The only reason I can think of for them refusing is not the fear of malicious content, but their desire to have a permanent record of your exchange. When you send a password protected email from a Proton address to a non Proton address, no only are the messages only saved on Proton’s servers, but they will self-destruct after 30 days.

HOW I SEND DOCUMENTS

By default, I never send documents as attachment in emails. I always upload them to an encrypted service like Tresorit Send. And this is where I encounter resistance. Many businesses have told me they cannot accept files via external cloud services, because they are not allowed to visit other sites. They might even be blocked.

I personally find this annoying, because those same businesses expect me to visit other sites that are not theirs, but they won’t do it themselves. If it’s not safe for you, why would it be safe for me?

WHAT CAUSED YOUR PROBLEM?

With all that being said, this does not explain your problem.

Firstly, Proton aliases cannot send E2EE emails.

I don’t know where you got that idea.

If you can’t send an encrypted link from Tresorit or another E2EE cloud service, I would password protect the documents themselves. Make sure you have a display name for your alias, so the business can easily identify you.

Secondly, I use aliases every day to email businesses. In fact, it is my primary way of emailing people, and my inbox/Proton address is never exposed.

Do you have a free or paid Proton Pass account?

If it’s the former, I would hope that Proton doesn’t remove protections by exposing your inbox/Proton address. They shouldn’t.

THE ONLY WAY YOUR INBOX/PROTON ADDRESS CAN BE EXPOSED

There is only one way your inbox/Proton address can be exposed when you use aliases, and that’s when someone has not replied to you after you emailed them, and you decide to send them a second follow-up email, as a reply to your first email.

When you do that, when you reply to an email that you sent with an alias, you inbox address is exposed in the history thread, and you have to remember to delete it and replace it with your alias.