The Proton Blog

How to disable Microsoft Edge, step by step

Greg Govin — Thu, 25 Jun 2026 16:46:54 GMT

Microsoft Edge is pre-installed on, and deeply integrated with, every Windows 10 and 11 computer. Even if you use a different browser, Edge continues to run in the background, pops up where it doesn’t belong, and overrides your chosen defaults.

If you are wondering how to disable Microsoft Edge to free up system resources, or just want it to stop bugging you like a petulant child, this guide will help.

Four simple ways to disable Microsoft Edge
Advanced ways to get rid of Microsoft Edge
Why you should disable Microsoft Edge
Alternatives to Microsoft Edge
Don’t just stop at disabling Edge
Frequently asked questions

Four simple ways to disable Microsoft Edge

In newer versions of Windows, Microsoft Edge is deeply integrated into the system. Forcibly removing the browser can cause system instability and crashes, especially if you’re unsure of what you’re doing. For most users, disabling its ability to run in the background and opening on startup is an effective compromise.

Method 1: Stop Edge from running in the background

This stops Edge from silently consuming your memory and CPU in the background, freeing up your computer to run other programs more smoothly.

1. Open Microsoft Edge.

2. Click the three-dot menu (⋯) in the top-right corner.

3. Select Settings.

4. In the left sidebar, scroll down and click System and performance.

5. Select System.

6. Toggle these two features off:

Startup boost
Continue running background extensions and apps when Edge is closed

You may have to restart the browser for the changes to take effect.

Quick tip: If you usually close Edge by clicking the X in the corner, try going to Menu → Close Microsoft Edge instead. This should shut everything down properly, rather than just hiding the window.

Method 2: Stop Microsoft Edge from opening on startup

Even after turning off Startup Boost, Edge might still launch when you boot your computer. Here’s how to prevent that using Task Manager on Windows 11 and 10:

1. Press Ctrl + Shift + Esc to open Task Manager.

2. Click the Startup tab (or Startup apps on Windows 11).

3. Find Microsoft Edge, right-click it, and select Disable.

Method 3: Change your default browser

This makes sure that when you click a link in an email, a document, or anywhere else, it opens in the browser you actually want.

On Windows 11:

1. Press Win + I to open Settings.

2. Go to Apps, then Default apps.

3. Search for your preferred browser and click on it.

4. Click Set default.

Note: Some users report that Microsoft sometimes overrides this setting and opens Edge anyway. Go to the Default App settings page and look under the By file type section. Changing your preferred browser separately for each file type should reduce how often Edge gets unintentionally launched.

On Windows 10:

1. Press Win + I to open Settings.

2. Go to Apps, then Default apps.

3. Under Web browser, click on Microsoft Edge to change your default browser.

Method 4: Uninstall Microsoft Edge (EEA users only)

If your device is in the European Economic Area (EEA), you can uninstall Microsoft Edge through normal Windows settings, thanks to the EU’s Digital Markets Act. This works on Windows 11 version 23H2 or later, and the EEA covers EU countries plus Iceland, Liechtenstein, and Norway. (Windows determines eligibility from the region set during device setup).

1. Press Win + I to open Settings.

2. Go to Apps, then Installed apps.

3. Find Microsoft Edge and select Uninstall.

How to get rid of Microsoft Edge: Steps for advanced users

If you have the technical know-how, you can remove the app entirely. But with Edge being so integrated into modern versions of Windows, removing it can cause issues such as Windows Search and widgets to not work properly, Microsoft integrations breaking, and PDFs not opening.

If you decide to continue, proceed cautiously and ensure you have a System Restore point created first. Note that future Windows updates may reinstall Edge.

Registry edit

Editing the registry can make an uninstall button for Edge appear in Windows Settings (this may not work on 24H2+).

1. Run CommandPrompt or PowerShell as administrator. Press Win + X and select Terminal (Admin) or PowerShell (Admin).

2. Run this command:

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" /v "NoRemove" /t REG_DWORD /d 0 /f

3. Restart your computer.

4. Go to Apps, then Installed apps.

5. Find Microsoft Edge and select Uninstall.

PowerShell force uninstall

You can force Edge to uninstall with this method.

1. Open File Explorer.

2. Go to: C:\Program Files (x86)\Microsoft\Edge\Application\

3. Open the folder with the highest version number

4. Open the Installer folder

5. Right-click an empty space

6. Select Open in Terminal or Open PowerShell window here

7. Run the uninstall command:

.\setup.exe --uninstall --system-level --verbose-logging --force-uninstall

Why you should disable Microsoft Edge

Edge is built into Windows in a way that makes it feel almost impossible to escape. It’s designed to be “always on,” which means it reserves space in your RAM before you even click a button. If you’re running an older laptop or just like your computer to run lean, this background activity eats up resources that your actual work or games could be using.

Microsoft also uses Edge as a funnel for its own services, sometimes overriding your default browser settings to push Bing or personalized ads through Windows Search and widgets. It can feel like your own computer is trying to push you to use Edge on every corner of the operating system, in the same way that Microsoft Authenticator users were forced into using Edge to store passwords.

Then, there’s privacy. Your browser is how you access the online world, and it can see everything you type and every site you visit. While Edge is generally secure from hackers, as a closed-source tool, we won’t know just how invasive it actually is. And when Microsoft’s business model involves targeted advertising, keeping Edge around essentially grants the company access to your private online life.

Alternatives to Microsoft Edge

There are better alternatives. Consider using the best browsers for your privacy, such as:

Mozilla Firefox: Probably the most effective choice to stop being tracked. Firefox has a built-in enhanced tracking protection that actively breaks the invisible web trackers that follow you from site to site. It’s also the only open-source competition to Google’s browser engine.
Brave: Designed with a strong privacy focus, Brave automatically blocks ads and trackers the moment you open it. A fully independent search engine, Brave Search, is also built in for a more private search experience.
LibreWolf: Essentially a privacy-maximized, custom version of Firefox. LibreWolf collects no telemetry, uses privacy-friendly search engines, and implements various hardening features to protect your privacy.

Microsoft Edge is also used to store passwords. If you’re planning to disable the browser, you’ll need a new password manager. Proton Pass is an end-to-end encrypted password manager that ensures only you can access your passwords and other stored data. Even if you weren’t uninstalling Edge, moving your passwords out of Edge is good, because it exposes your stored passwords.

Proton Pass is free to use, and you can store as many passwords as you want. Plus, we’ve made importing your passwords from Edge easy.

Don’t just stop at disabling Edge

Disabling Edge is the first step to going online more securely, and choosing a private browser is half of the picture. To truly go online privately and safely, you need to shield your online activity from your internet service provider (ISP) and any other network you connect to.

Whether you choose Firefox or any other browser to replace Edge, be sure to pair it with Proton VPN. When you go online with a VPN, your ISP (and by extension your government) can’t see what you do online, and websites you visit can’t see your real IP address.

Proton VPN has a strict no logs policy and is based in Switzerland, outside of US and EU surveillance programs. Proton is supported by paying subscribers; unlike Microsoft, we will never show you ads or collect your data and sell it. You can trust us to keep your digital presence truly private.

FAQ: How to disable Microsoft Edge

Why does Edge keep coming back after Windows updates?

Microsoft considers Edge to be a system component because of how deeply integrated it is with Windows. System updates often repair and patch the system, which may include reinstalling any missing core apps and files.

Why does Edge keep running when I haven’t opened it?

The Startup Boost feature is the main culprit. It pre-loads Edge into memory when your PC starts, so that it launches faster when you do use it. This consumes memory and processing power even when you’re doing something unrelated on your computer.
Edge is also deeply embedded in Windows. Some Windows features may open Edge, such as Windows Search or when you open PDF files, even if you’ve changed your default browser.

How to turn off Microsoft Edge in Task Manager?

To stop Edge processes that are currently running:

1. Press Ctrl + Shift + Esc to open Task Manager.
2. Click on the Processes tab.
3. Look for Microsoft Edge in the list.

Right-click any Edge process and select End task.
Note: If multiple processes are listed, you may need to repeat this for each one. To prevent it from returning automatically, you must also disable Startup Boost within the Edge browser settings.

Is it safe to completely remove Microsoft Edge?

It can be risky because of how deeply integrated Edge is in Windows. Force-removing it can break the system and cause errors in some apps or features. Unless you have the technical expertise, it’s best to just disable Microsoft Edge instead.

Password fatigue: why too many passwords put your business at risk

Ben Wolford — Thu, 25 Jun 2026 14:06:07 GMT

Password fatigue builds gradually. It’s caused by the mental load of creating new logins and accounts, numerous password resets, and inevitably losing track of the dozens or even hundreds of passwords that it isn’t possible to keep track of. Inevitably, team members will try to manage password fatigue with insecure practices.

These practices present a significant security problem for your business because small workarounds can create significant exposure. A reused password can help an attacker access multiple services. A weak password can fail under a dictionary attack. A password shared informally can leave no clear audit trail. Password fatigue has to be managed by designing easy and efficient access management within your business network.

What is password fatigue?

How password fatigue appears at work

Why password fatigue creates business risk

Creating stronger passwords isn’t enough

The real solution to password fatigue

How Proton Pass for Business helps reduce password fatigue

What is password fatigue?

Password fatigue is the frustration and overload that people experience when they have to manage too many passwords across too many accounts. In a business setting, this means creating, remembering, resetting, updating, and sharing credentials across dozens of everyday tools. These may include email, messaging platforms, project management software, HR systems, finance tools, cloud storage, and other work applications.

Over time and with enough accounts, password management can become too complex to handle manually. Each service or account may have different rules for length, special characters, resets, lockouts, or multi-factor authentication. Over time, keeping every password unique, strong, and easy to access becomes difficult to sustain.

This is the point when password fatigue becomes a business risk. When people face too many passwords and too many rules, they often reduce the burden in practical but unsafe ways. They reuse passwords, create predictable patterns, save credentials in notes or spreadsheets, or share access informally when a colleague needs to get into an account quickly.

How password fatigue appears at work

When you’re trying to assess your business for password fatigue, it can be difficult to spot as it manifests in different ways.

Password reuse

The most common pattern is password reuse. If an employee has too many passwords to remember, using the same password across several accounts can feel efficient. But if one password is exposed in a breach, phishing attack, or malware infection, every account using it becomes accessible.

Predictable passwords

Another pattern is predictability. People may use a company name, season, year, keyboard pattern, pet name, or small variation of an old password because those patterns are easier to remember. A password like Spring2026! may satisfy a basic rule, but it is still easier to guess than a long, random password.

Unmanaged storage and informal sharing

Password fatigue can also lead to unmanaged storage and informal sharing. Team members may write passwords in notebooks, save them in spreadsheets, rely on browser-saved passwords, or send access through chats and email threads. These shortcuts work in the moment, but they spread credentials across places the business cannot easily monitor, audit, or revoke.

Sharing itself is not always the problem. Many businesses have legitimate reasons to share access to certain accounts, especially where a vendor tool doesn’t support individual accounts, single sign-on, or role-based permissions. Secure, controlled sharing in a business password manager is safe because access can be restricted, updated, and revoked through a managed system. But when team members share outside your business network and approved tools, you lose control of the entry points to your network.

Why password fatigue creates business risk

Reused passwords, predictable patterns, uncontrolled storage, and informal sharing all weaken the controls businesses rely on to prevent unauthorized access.

So, password fatigue is a threat to your business’s access management. If one exposed credential is reused across multiple systems, an attacker may be able to move from one account into email, SaaS tools, cloud platforms, or admin systems. Because they’re using a valid login, this activity may look legitimate at first and be harder to spot.

Password reuse enables credential stuffing

Credential stuffing works because password reuse is so common. Attackers will use exposed username and password combinations from one breach to try to access other services, knowing many people reuse credentials across accounts.

For businesses, just one leaked password can cause serious issues. An exposed email password may let an attacker reset access to other tools. A project management account can reveal client information, internal files, links to other systems, or operational details. Access to an admin account can be even more serious, allowing attackers to change settings, create new accounts, or escalate privileges.

Once an attacker has a single set of credentials, password reuse enables them to begin moving laterally through a business network. They can explore the environment, test access to other systems, and look for higher-value accounts. Reused passwords make that process easier because one exposed credential may open more than one door.

Weak passwords reduce brute-force resistance

A weak or predictable password is easier to guess through brute-force, dictionary, or pattern-based attacks. Attackers use automated tools, leaked password databases, and common substitutions.

Password fatigue increases the likelihood of weak passwords because people optimize for memorability. They choose what they can remember, not what is hardest to crack. A strong password should be long, unique, and random, but asking every employee to manually create and remember dozens of long, unique, random passwords isn’t realistic. Without a business password manager, the advice is technically correct but operationally weak.

Informal sharing removes accountability

When several people use one shared login, it becomes harder to track who’s using it and when. If a file is deleted, a setting changes, a payment is approved, or data is exported, the logs may only show the account activity and not individual users.

Shared logins can also make offboarding harder. If an employee had access to shared credentials through chat history, documents, or screenshots, removing their individual account may not remove their practical access. Secure sharing through a business password manager helps teams collaborate without sharing sensitive data in uncontrolled channels.

Scattered passwords slow incident response

During a security incident, teams may need to revoke access, rotate passwords, review activity, and confirm which systems are affected. Password fatigue makes this harder when credentials are reused, stored in too many places, or shared informally. The security team may not know which passwords exist, who has them, where they are stored, or which accounts depend on them.

That uncertainty increases response time and business disruption. IBM’s Cost of a Data Breach Report 2025 places the global average cost of a data breach at $4.4 million, even with a decrease from the previous year.

Creating stronger passwords isn’t enough

Telling employees to use stronger passwords does sound reasonable. But stronger passwords alone can’t solve password fatigue. In some cases, this approach can make the problem worse.

A stronger password is only useful if it is unique, stored securely, and used consistently in the right place. If employees are expected to create and remember every strong password themselves, the burden becomes too high. They may respond by reusing one strong password everywhere, making predictable variations, or saving passwords somewhere unsafe.

People can remember a few important secrets, but they can’t reliably remember dozens of unique, random, high-entropy passwords across changing business tools. When a password policy ignores this reality, it creates a gap between what your business says people should do and what people can actually do.

This is why modern security guidance has moved away from rules that create unnecessary password strain. If a control pushes people toward weaker behavior, it may reduce security rather than improve it.

A better approach is to design password security around how people at your business work. They shouldn’t need to memorize every password, create strong credentials manually, or paste secrets into chat to keep work moving. You need to make secure behavior the easiest option.

The real solution to password fatigue

Ultimately, moving away from placing more burden on employees is the best approach. Solving password fatigue does not mean asking employees to remember more, try harder, or invent stronger passwords on their own. This places the burden on individual memory instead of outsourcing it to a reliable tool.

A business password manager removes that burden from the daily workflow. Instead of expecting employees to remember every credential, it lets them generate strong, unique passwords, store them securely, autofill them when needed, and share access in a controlled way. Instead of trying to force people to try harder, this makes the safest behavior the easiest choice.

Password generators are useful, but they need to be used correctly: a password generator is a feature, not a standalone business solution. The real value to your business is when strong password generation is built into a business password manager that can also store, autofill, share, and manage credentials. That is also what makes a business password manager stronger than the password manager built into a browser.

The password managers built into browsers can help one person save their own passwords, but your business has no administrative oversight over it: there’s no controlled sharing or clear ownership of company credentials. For a business, a business password manager makes unique credentials the default across every work account, without adding more work for employees or losing control over where access lives.

Managed password vaults also give every credential a proper home. Instead of passwords ending up in notes, spreadsheets, browser profiles, or documents, teams have one secure place to store and access what they need. This reduces password sprawl and gives administrators a clearer view of access, offboarding, and password rotation when something changes.

Controlled sharing is part of the same shift away from password fatigue. Some business credentials still need to be shared, but the question is how to do it safely. With informal sharing, passwords end up in insecure locations. With controlled sharing in a business password manager, access can be managed more deliberately. Teams can share credentials through vaults, limit who has access, update passwords, and revoke access when needed.

Ultimately, a business password manager enables stronger password behavior without creating extra work. Autofill helps employees access tools without typing or remembering complex passwords. Built-in password generation means they don’t have to invent strong credentials themselves when trying to meet your password policy standards. Organized vaults make access easier to find, while admin controls help the business keep policies consistent.

How Proton Pass for Business helps reduce password fatigue

Proton Pass for Business is a secure business password manager that helps teams reduce password fatigue by replacing manual password habits with a secure, manageable system. Employees can generate strong, unique passwords, store them in encrypted vaults, and access them when needed without relying on memory, browser-saved passwords, or unsafe workarounds.

For administrators, Proton Pass for Business supports centralized credential management for teams. It helps businesses reduce password reuse, limit informal sharing, and improve visibility into how credentials are managed. Instead of passwords living in spreadsheets, chats, browser profiles, or personal notes, teams can use a dedicated password manager built for business use.

Proton’s SMB Cybersecurity Report 2026 reinforces the fact that password fatigue is not only an individual behavior problem, but also a systems problem. The report found that 48% of small and medium-sized businesses surveyed don’t have a password manager in place at their organization, and even some that do still share credentials through email, messaging apps, shared documents, conversations, or written notes.

That is why adoption, policy, and controlled sharing need to work together. Proton’s guidance on creating a password policy makes the same practical case: a strong policy should give employees the tools to follow it.

Proton Pass is designed around Proton’s broader security model. It uses end-to-end encryption for every stored credential including metadata, is open-source, holds independent audits, and relies on Proton-owned infrastructure.

Proton Pass for Business gives both large organizations and smaller teams without large security teams a practical way to reduce password reuse, replace unsafe sharing, and make secure access easier to follow every day.

Malicious apps on Google Play: how to prevent Android malware

Kate Menzies — Wed, 24 Jun 2026 18:06:10 GMT

As an Android user, you might assume it’s safe to download apps from the Google Play Store. That’s understandable, but not entirely accurate.

Stringent security checks make the Play Store the safest place to get Android apps, but not an entirely safe one. Google’s app store is a prime target for both cybercriminals and developers who monetize (and therefore compromise) your data, and will never be 100% risk free.

That’s why you need to shop for apps conscientiously: vetting apps before downloading them, auditing apps you’ve already downloaded, and securing your device data in case of a breach.

How malicious apps get past Google

Last year, Google blocked 1.75 million policy-violating apps from publication and banned over 80,000 developer accounts. Google Play Protect, which is built into most Android devices, blocked 266 million risky installation attempts.

But Google can only do so much. Cybercriminals consistently find ways to bypass Google’s pre-publishing and pre-installation scans.

Popular strategies:

Submitting clean apps for review then pushing malicious activity via remote updates.
Disguising malicious apps as simple (and functional) utility apps such as a document scanner or PDF reader.
Disguising malicious apps as a security or antivirus app, a particularly devious and effective disguise — if a user is anxious to fix a problem, they’ll be less likely to scrutinize before installing.

2,029 apps are published on the Play Store every day, so it’s inevitable that some malicious apps slip through Google’s net. Last year, Bitdefender uncovered an ad fraud campaign codenamed Vapor that involved at least 331 malicious apps, some of which were collecting user credentials and credit card data.

These apps were downloaded from the Play Store over 60 million times.

Legitimate apps can still put your data at risk

Malicious apps aren’t the only hazards to watch out for on the Play Store. There are also legitimate apps that quietly collect and store your personal and tracking data, and share it with third parties, such as ad networks.

Last year, NowSecure tested 25,000 apps across iOS and Android and found 75% of iOS apps and 70% of Android apps tested collected both sensitive data and tracking domains.

Google allows these apps on the Play Store because their developers openly disclose what data they collect and why in the data safety section of the app’s product page.

Google tightened its policy up in 2025, blocking 255,000 apps from gaining “excessive access” to sensitive data. That leaves thousands of apps unblocked that collect data within the letter of Google’s policy, but still far in excess of what users might expect.

This isn’t just a privacy concern: it’s also dangerous. Legitimate but data-hungry apps routinely share user data with advertising SDKs and analytics partners. These third parties can then pass that data on to unscrupulous data brokers.

Every link in this chain is a potential breach-point. If your data is compromised, you might not find out about it until it’s too late.

What to look out for: a five point checklist

There’s no authoritative, up-to-date blacklist of banned (and should-be-banned) apps that you can refer to.

But there are things you can look out for to identify risky apps:

Check the data safety section: Has the developer explained what data they collect and how they will use it? An empty data safety section is a big red flag, of course, but so is a policy that doesn’t match with the app’s functionality. A torch app shouldn’t need to know your contacts.
Read the permissions on install: Once you’ve installed an app, it will often request access to your location, contacts, storage, location, and/or microphone. Sometimes that makes sense, but other times it might seem excessive. Again, does a wallpaper app need to know your location?
Check the developer name and history: Is the developer a named company with other published apps and a web presence? Or is it a one-person account with this single app to their name, and no trail to add context?
Check if reviews are real: Fake reviews tend to show up in obvious patterns. A wall of five-star reviews posted in a short period is a known manipulation tactic. Check for critical reviews interspersed with positive reviews, and for a wide spread of dates.
Watch out for free utility apps: The most common disguises for both malicious apps and data-harvesting apps are free flashlight and battery apps, keyboard apps, free photo editors, weather apps with location access, and ad-supported games. If an app is free and you can’t see how its function could possibly make its developers money, then the answer could be that your data is their revenue model.

How to protect your data

Even if you’ve done your due diligence, you may still end up downloading a malicious app from the Play Store. But with the right protections in place, you can limit the damage that app can do.

Encrypt your connection with Proton VPN

Malicious apps will often attempt to transmit your data (including your browsing behavior, location, and device identifiers) over an unencrypted connection.

Enter Proton VPN: a secure VPN which

Encrypts all data to and from your phone at network level, making transmission and interception of browsing behavior, location, and device identifiers significantly harder
Prevents network-level surveillance on public WiFi (a common attack vector for compromised apps)
Blocks data transmissions that analytics SDKs rely on (via built-in tracker blocker NetShield), limiting what data developers can share with third parties

Protect your credentials with Proton Pass

Malicious apps use invisible keyloggers and phishing overlays to steal login credentials. This can be particularly damaging if you — like many — reuse the same passwords across multiple accounts.

Proton Pass is a secure password manager that addresses both problems:

Generates unique passwords for every account you create, so if one gets breached, they don’t all get breached
Protects passwords, passkeys and credit cards with end-to-end, zero-knowledge encryption. This means your credentials are encrypted on your device before they leave it, and not even Proton can access them.

Know how to remove malware

If you’re concerned that your device may have been compromised, or you want to know what to look for when it is, make sure that you recognize the signs that your phone has been hacked.

Can iPhones get viruses? What’s possible, what’s likely, and what to do about it

Jessica Bernard — Wed, 24 Jun 2026 13:23:16 GMT

iPhones have long had a reputation for being impervious to viruses and malware. But is this reputation deserved, or is it just a myth? In this article, we take a look at the likelihood of an iPhone being infected, what safety measures you can take, and how to protect yourself from viruses and other types of malware.

Do iPhones get viruses?
Signs of viruses or malware on your iPhone
How to get rid of a virus on iPhone
Is it ok to jailbreak my iPhone?
Security tips: What to look out for

Do iPhones get viruses?

Maybe your iPhone is hot to the touch, or perhaps it’s running out of battery too fast. The good news is that it’s extremely unlikely to be a virus. The bad news is that it’s still possible your iPhone is affected by malware.

Viruses vs. malware on iPhone

Malware (a combination of the words “malicious” + “software”) is intentionally designed and deployed to steal, disrupt, or destroy data, or to gain control of a device. There are different types of malware, including trojans, spyware, ransomware, and, of course, viruses.

A virus is so named because of the way it behaves. Once it infects its host, it replicates across files. The reason iPhones are considered safe from viruses is that every third-party app on an iPhone is isolated not only from every other app, but also from operating system data. This makes it virtually impossible for a virus to self-replicate on an iPhone.

How Apple protects against malware

Apple’s defense strategy relies on an architecture designed to prevent malware (including self-replicating viruses) from ever establishing a foothold. Instead of relying on third-party antivirus software, iOS (Apple’s proprietary operating system for the iPhone) integrates security through three primary layers:

Strict sandboxing: Every app runs in its own isolated environment (a “sandbox”), preventing it from accessing data from other apps or core system files unless explicitly permitted by the user.
App Store vetting: Apps undergo both manual and automated reviews before being published. This significantly reduces the risk of malicious code entering the ecosystem, unlike on open platforms (such as Android) where sideloading is much more common.
Automated security patches: Apple delivers frequent, mandatory iOS updates that patch known vulnerabilities immediately. This ensures that exploited loopholes are closed rapidly across supported devices.

Learn more about Android vs iOS security

Perhaps because they’re so confident in the security measures they have in place, Apple has no official support resources that use the term “virus.” Instead, they focus on concepts like “unauthorized modification” and “threat notifications”.

While this reinforces the idea that iPhones are immune to viruses, it makes it harder to take action if you suspect your iPhone has been compromised. And although there’s no evidence that viruses have successfully targeted iPhones, there have been notable malware attacks.

Real-world attacks

While iOS is designed to block self-replicating viruses, it remains vulnerable to other forms of malware under specific conditions, such as jailbreaking, compromised development tools, or targeted state-level exploits.

AdThief (2014)

Malware type: Adware/hijacker

This malware targeted users who had jailbroken their devices. Once installed on approximately 75,000 devices, it swapped legitimate ads within apps with its own malicious ones. The impact was financial: cybercriminals hijacked the ad revenue stream, stealing income from developers.

It serves as a prime example that once the OS sandbox is broken via jailbreaking, even simple revenue theft becomes possible.

XcodeGhost (2015)

Malware type: Supply chain Trojan

This was a landmark incident in which the attack method wasn’t a phone virus but a compromised development tool. Attackers created a fake version of Xcode (Apple’s official coding software) that was infected with malware. Chinese developers who downloaded this counterfeit tool unknowingly built compromised versions of popular apps—including WeChat and Angry Birds. When users installed these apps from the App Store, the malware activated.

This showed that even apps vetted by Apple could be carriers if the source code itself was poisoned before review.

Pegasus (2016–present) and Graphite (2025-present)

Malware type: Zero-click spyware

Unlike previous examples, Pegasus and the similar Graphite don’t require user interaction. Developed by the Israeli firms NSO Group and Paragon Solutions respectively, they exploit zero-day vulnerabilities in iOS to gain root access. Once inside, they can extract messages, photos, location data, and microphone feeds.

These are the most serious threats to date, demonstrating that sophisticated actors can bypass iOS security entirely through undiscovered flaws. Targets are generally high-profile people such as journalists and politicians, rather than the general public.

LightSpy (2020–present)

Malware type: Cross-platform spyware/web-based exploit

Targeting both macOS and iOS, LightSpy uses malicious websites to deploy its payload. When users visit a compromised page — often via phishing links or deceptive ads — the site attempts to install surveillance software that can harvest contacts, messages, and files without any further interaction.

You don’t need to download anything or tap anything suspicious — just visiting the wrong webpage can be enough. Since Safari is the default browser on iPhone and opens web links automatically, it’s the most likely entry point for this kind of attack if the device isn’t running the latest software.

Signs of viruses or malware on your iPhone

There’s no definitive way to check for viruses on the iPhone, but there are signs you can look out for.

1. Unusual account activity

Messages sent from your device that you didn’t send
Unknown trusted devices linked to your Apple ID
Unexpected password changes or purchases

Threat notifications
- If Apple identifies a threat, you’ll receive alerts to your email, phone number, and within your Apple Account

3. Technical anomalies

Battery drain or overheating without clear cause
Apps crashing unexpectedly or unknown apps appearing
Settings changing without your input

4. Pop-ups or phishing attempts

Messages urging you to install profiles, click suspicious links, or provide credentials—these are often scams but can indicate attempted compromises

Learn more about how to know if your phone is hacked

How to get rid of a virus on iPhone

Because Apple doesn’t use the term “virus” in its official support documentation, you won’t find any specific steps for virus removal on its website. However, if you’re experiencing the above symptoms, you can take practical steps to troubleshoot what might be acting like a virus — such as adware, browser hijacks, or configuration profile malware.

Since no antivirus app for iPhone can scan your entire system, you’ll need to perform a manual diagnosis using built-in tools:

1. Run Safety Check (iOS 16 or later)

If you suspect an app has too much access to your data, use Apple’s Safety Check feature to review and reset permissions.

Go to Settings → Privacy & Security → Safety Check.
Tap Manage Sharing & Access and follow the prompts to reset sharing with people and apps.

This ensures that any potentially compromised app immediately loses access to your contacts, location, and photos.

2. Clear Safari data
Often, what looks like a virus is actually aggressive adware or malicious scripts trapped in your browser cache, which can cause pop-ups.

Go to Settings → Apps → Safari.
Scroll down and tap Clear History and Website Data.

This removes cookies and cached scripts that might be triggering unwanted ads or redirects.

3. Review configuration profiles
Malware sometimes installs a hidden “profile” to force changes to settings or redirect your internet traffic.

Go to Settings → General → VPN & Device Management.
If you see Device Management listed, tap it to view installed profiles.
If you don’t see any profiles, you have none installed. If you see anything unfamiliar or suspicious, tap the profile, select Delete Profile, enter your passcode, and restart your device.

4. Perform a factory reset
If the issue persists after trying the steps above, the most definitive solution is to wipe the device clean.

Warning: Before doing this, ensure you have a recent, clean backup of your data via iCloud or a computer.
Go to Settings → General → Transfer or Reset iPhone → Erase All Content and Settings.

This completely wipes the phone, removing any malware. You can then set it up as new or restore from a backup created before the symptoms started.

Note: If you believe your device has been targeted by sophisticated spyware (such as Pegasus or Graphite), a factory reset may not be sufficient. In these rare cases, contact Apple Support directly for advanced assistance.

Is it OK to jailbreak my iPhone?

We strongly advise against jailbreaking your iPhone. While removing Apple’s software restrictions grants access to unofficial apps and customization options, it also dismantles the security architecture that protects your device from malware. For most people, there is no practical reason to accept this risky trade-off.

When you jailbreak an iPhone, you bypass three critical layers of protection:

You break the sandbox: Jailbreaking removes the isolation between apps. Once the sandbox is broken, a malicious app can access data, contacts, and system files belonging to other apps. This is how traditional viruses operate on other devices.
You lose App Store vetting: Apps installed via third-party stores or sideloading haven’t undergone Apple’s security review. This increases your risk of installing adware, Trojans, or spyware.
You block security updates: Jailbroken devices can’t easily install the latest iOS security patches. Without these updates, known vulnerabilities remain open, leaving your phone exposed to new exploits.

Keeping your iPhone unmodified is the single most effective defense against malware. The convenience of custom themes or unauthorized tweaks isn’t worth it if it turns your secure iPhone into an easy target for hackers.

Security tips: What to look out for

While iPhones are naturally resistant to viruses, your biggest risks come from social engineering and risky behavior. Security breaches are most likely to occur when you’re tricked into granting access or installing malicious software. Here’s what to watch for:

Phishing and smishing: Be extremely skeptical of unsolicited emails, texts (smishing), or iMessages claiming you have a package delay, a compromised account, or that you’ve won a prize. These messages often contain links to fake login pages designed to steal your credentials. Always mark suspicious messages as junk and delete them immediately.
Fake “virus scanners”: If you see an app on the App Store claiming to scan for iPhone viruses, don’t download it. As we noted earlier, iOS architecture makes system-wide virus scanning impossible. Apps that make this claim are often scams designed to harvest your data or sell you useless subscriptions.
Malicious websites: Avoid clicking links in suspicious messages, even if they appear to come from legitimate companies. Before installing an app, be sure to check its credibility yourself. Look for high download numbers (millions usually indicates a reputable app), read recent reviews for red flags, and check the permissions it requests. An app shouldn’t need access to your microphone or contacts just to show a flashlight.

The best way to protect yourself against phishing and data theft is to use tools that manage your security for you. We recommend using a dedicated password manager like Proton Pass to generate and store unique, complex passwords for every site, so if one is breached, the others remain safe. Proton VPN’s NetShield Ad-blocker DNS filtering feature will also prevent malware and trackers from connecting to malicious domains.

A strong data security plan could help you win new business, research finds

Alanna Alexander — Tue, 23 Jun 2026 22:22:35 GMT

Data security is rarely at the top of a new business pitch. But new research suggests it should be.

Our large-scale survey of 3,000 founders, executives, and IT leaders at small and medium-sized businesses across six countries — the US, UK, Brazil, France, Germany, and Japan — found that security has moved firmly into commercial conversation.

As many as 66% of business leaders said demonstrating secure handling of client data was “very important” or “critically important” to winning new business.

Part of what’s driving this shift is exposure. Data breaches often involve a third party — suppliers, vendors, hosting partners, or outsourced IT support. When a business works with you, they’re aware they’re trusting you with their data. Because if that data is breached on your watch, their reputation is on the line too.

Does security deserve a slide or two in your next pitch deck? Here’s what the data shows.

Clients are asking how you’ll protect their data

When a prospective client shares customer records, financial data, internal documents or any other sensitive data with you, they retain responsibility for it. Regulators, their own customers, and their board still hold them accountable.

A breach in your systems can trigger their compliance obligations, damage their customer relationships, and put their brand in the headlines. It makes sense, then, that businesses are asking harder questions before signing.

If you have a clear, confident answer, you have an opening. Without it, expect more questions, clearance delays, or — depending on how regulated your prospective client’s industry is — a lost deal.

Security has become one of the primary barometers potential partners use to decide whom to trust.

Your competition is already sharing their security practices

Businesses operating in highly regulated industries — financial services, healthcare, legal — have been ahead of this trend for years. Compliance requirements forced them to document and demonstrate their security posture early. So, they lead with it.

When asked whether they highlight secure file-sharing as a selling point when competing for new business, the overwhelming majority of respondents said yes.

Businesses are increasingly treating security as something worth leading with, not just something to have.

Proactively presenting your security practices makes you the easy choice. It tells a prospective partner’s IT team that their data will be handled within a defined, auditable framework. It tells the Procurement team that you’ve already done the due diligence they would otherwise have to chase. And it tells the Legal team that the liability question has been thoroughly considered.

That’s the kind of partner risk-averse buyers want to work with.

How to present a convincing data security plan

If you’re reconsidering how to pitch your security practices, here’s where to focus:

Don’t just list the tools you use. Our research shows 92% of SMBs already have modern security measures in place — password managers, MFA, VPNs, employee training. Tool adoption is the baseline, not the differentiator. Tell prospective clients exactly how these measures protect their data: Instead of “We have a password manager,” say “All our clients credentials are managed centrally, access is role-based and limited to the team members working on your account, and we have an off-boarding process that revokes permissions the day someone leaves.”
Strengthen your defenses around client data. Use tools that integrate naturally into existing workflows so that the secure option is the easy option. Enforce MFA across every service that supports it. Maintain and audit your credential management process regularly.
Be prepared to show your data protection plan. As regulatory scrutiny of vendor relationships increases across industries, clients are asking more specific questions: Where does our data live? How is it encrypted? What happens to it when the relationship ends? The businesses that have clear, documented answers to these questions move through procurement faster and create fewer reasons for a client’s legal team to pause.

Security can help you build trust with businesses — and, so often, trust is what procurement decisions are made on. Use your data security practices to differentiate yourself and you’ll start seeing the results in faster deal cycles, smoother approvals, and stronger client relationships.

Get more findings and insights in the full report

Our complete Proton SMB Cybersecurity Report 2026 covers the reality of the security and threat landscape facing SMBs today, including what’s actually causing breaches despite heavy investment, where human error keeps slipping through, how cloud and AI are opening new blind spots — and the strategies to turn your security stack into something clients trust and competitors can’t easily match.

Download the SMB Cybersecurity Report 2026

Cloud storage email scams: How to spot them and what to do

Elena Constantinescu — Tue, 23 Jun 2026 22:04:19 GMT

Cloud storage email scams are increasingly common. These messages are designed to make you believe your files are at risk — and push you into clicking a link or entering payment details before you have time to think it through.

A form of phishing, these “cloud storage full” scams exploit a simple fear: that your photos, documents, or backups are about to be deleted. Fake renewal pages are built to collect your payment details, phishing websites mimic real cloud services to steal your login credentials, and links redirect to products to generate affiliate revenue. In some cases, malicious websites attempt to install unwanted software on your device.

Some scam emails impersonate well-known providers like Apple, Google, or Microsoft to appear more credible. Others use generic names like “Cloud+” or “Cloud Storage,” but are designed to look convincing enough to create doubt. Here’s how to tell the difference, check your storage account safely, and avoid getting caught out.

How to spot a cloud storage scam
Examples of cloud storage scams vs. legitimate “storage full” emails
What to do if you receive a cloud storage scam email
Why you keep receiving cloud storage scam emails, and how to stop them
Stay ahead of scammers with Proton

How to spot a cloud storage scam

Scammers rely on a consistent set of tactics. Before you act on or click any links in an email, check for these warning signs of a scam:

Unusual sender address: Messages often come from random domains or long, unreadable email addresses that don’t match the company being impersonated.

Generic branding: Names like “Cloud”, “Cloud+”, or “Cloud Storage” are commonly used instead of real product names.

Urgent or fear-inducing language: Warnings about your cloud storage getting full or files being permanently deleted on a specific date are a hallmark of phishing attacks, designed to pressure you into acting quickly.

Suspicious links: Links may redirect through unrelated domains or lead to fake login pages designed to mimic real services.

Fake account details or scans: Some messages include made-up account IDs, or links to fake pages that perform a “storage scan” and always report that your account storage is full.

Generic greetings: Messages often use “Hello” without your name, or address you by your email address.

Unrealistic offers: Massive discounts that sound too good to be true, such as “80% off upgrades” or “limited-time recovery deals”, are a strong indicator of a scam.

Examples of cloud storage scams vs. legitimate “storage full” emails

Cloud storage scams can be especially convincing because they often appear alongside real storage alerts from services such as iCloud, Google Drive, OneDrive, or Dropbox.

For Apple users, an iCloud scam may claim that your iCloud account has been blocked, your photos and videos will be deleted, your payment method has expired, or your cloud service has been disabled. The goal is to make you click a malicious link that leads to a fake login or payment page designed to steal your Apple ID or banking details. The Guardian provides a good example:

Source: The Guardian

A legitimate “storage full” email is less threatening and will direct you to manage your storage through the official app or account settings. Go to Settings → [your name] → iCloud to check. If storage is actually full, the official account page will show the issue and provide safe options to manage or upgrade storage.

Source: The Guardian

What to do if you receive a cloud storage scam email

If you receive a suspicious storage alert, follow these steps:

Do not click anything in the email

Cloud storage scam emails often include fake buttons or links such as “upgrade storage,” “renew account,” “claim free space,” or “fix payment.” These links may lead to phishing pages designed to steal your password, payment details, or personal information.

Do not click links, buttons, or attachments in the email.

Check your real cloud storage account directly

Log in to your real account directly, such as Proton Drive, iCloud, Google Drive, OneDrive, or Dropbox, and check your storage, billing, and security settings there. If there is a real issue, it will usually appear inside your official account.

Mark the email as spam or phishing

Simply deleting the email removes it from your inbox, but it does not help your email provider identify similar scams in the future.

Use your email provider’s “Report phishing,” “Report spam,” or “Block and report” option. This helps train spam filters and may reduce similar scam emails over time.

Do not reply to the sender

Replying can confirm that your email address is active. Scammers may then send more scams or sell your address to other spam lists.

Do not respond, even to say “stop” or “unsubscribe.” Instead, use only unsubscribe links from companies you recognize and trust. Proton Mail provides an auto-unsubscribe option to make this easier for you.

Delete the scam email after reporting it

Keeping scam emails in your inbox increases the chance that you may accidentally click them later.

After reporting the message as spam or phishing, delete it from your inbox. You can also empty your trash later to remove it completely.

Change your password and turn on 2FA if you clicked a link

If you clicked a link and entered your password, scammers may now have access to your cloud storage account or other accounts where you reuse the same password.

Change your cloud account password immediately by using a strong, unique password that you do not use anywhere else.

And, if you don’t already have two-factor authentication (2FA) enabled, make sure to turn it on for extra security. If a scammer has your password and tries to break into your account, 2FA can alert you by prompting for a second step, such as a code or approval request. If you receive a prompt you didn’t request, deny it and change your password immediately.

Check your account activity and payment details

If you entered login or payment information on a fake page, scammers may try to access your account, change settings, or use your card details.

Review recent account activity, connected devices, recovery email addresses, and payment methods to remove anything unfamiliar. If you have a paid Proton account, you can enable Proton Sentinel to help protect you from account takeover.

If you entered card details, contact your bank or card provider to freeze your card or account.

Report the scam

Cloud storage scams are part of larger phishing campaigns, and reporting them helps anti-phishing organizations track and fight these attacks.

Forward suspected emails to APWG (Anti-Phishing Working Group), an international nonprofit focused on fighting phishing, online fraud, email spoofing, malware, and related cybercrime. You can also report them to your email provider and the company being impersonated.

Why you keep receiving cloud storage scam emails, and how to stop them

Even after reporting and blocking, you might still keep receiving scam emails, and there are a few reasons why:

Your email address is on spam lists

Your email address may have appeared in a data breach, on a public website, in a mailing list, or in a marketing database sold by a data broker. Once scammers have your address, they may repeatedly target you with cloud storage scams.

Dark web monitoring is a Proton Pass feature that checks whether your email has appeared in known breaches. You can also remove your email address from public pages where possible and use email aliases when signing up to online services or apps, to hide your true email address.

You opened, clicked, or replied to a scam email before

Opening a suspicious email can sometimes confirm your address is active, especially if the message loads tracking images. Clicking links or replying gives scammers an even stronger signal that your inbox is being monitored.

Do not click links, open attachments, or reply to suspicious messages. Access your cloud storage account only by typing the official website address or opening the official app, and turn off automatic image loading in your email settings. Proton Mail removes invisible tracking from every email you receive, to hide your email activity from senders.

Scammers rotate senders and domains

Blocking one sender may not stop the scams because scammers often change email addresses, domains, and display names. The next message may look similar but come from a completely different sender.

Report these messages as phishing instead of only blocking the sender, which helps your email provider recognize similar scams and improve filtering for future messages.

Your spam filter is still learning

Some scam emails are designed to bypass spam filters by using images instead of text, strange spacing, misspellings, shortened links, or compromised email accounts that appear more trustworthy.

Continue reporting scam emails as phishing, and create custom inbox filters for repeated phrases such as “storage full,” “cloud renewal,” “payment failed,” or “account suspended.” Also check your spam folder occasionally to make sure legitimate emails are not being filtered incorrectly.

Stay ahead of scammers with Proton

Cloud storage scams work because they target two things people care about: access to their inbox and access to their files. Protecting both makes it much harder for scammers to trick you, steal your information, or pressure you into handing over payment details.

Proton Mail helps protect your email from phishing attempts with spam filtering, phishing protection, custom filters, tracker protection, and simple reporting tools. It also protects your emails with end-to-end encryption and zero-access encryption, so your inbox stays private by default.

Proton Drive gives you a safer place to store and back up your important files, photos, and documents. With end-to-end encrypted cloud storage, your files are encrypted on your device before they’re uploaded, meaning no one — not even Proton — can access them without your permission.

If these scams have made you rethink where you keep your emails and files, Proton is easy to try. With a free Proton account, you get both Proton Mail and Proton Drive, giving you a more private inbox and secure cloud storage from the start.

Create a free Proton account

What we learned at Europe’s largest cybersecurity conference

Alanna Alexander — Tue, 23 Jun 2026 16:43:50 GMT

Infosecurity Europe brings together leading experts in cybersecurity every year in London. This year, Proton made its first appearance at Infosecurity Europe 2026. We welcomed hundreds of visitors to our booth, which showcased our business password manager and other business solutions, and our business VPN product manager gave a talk on cyberattack patterns and how small teams can respond. Proton COO Raphael Auphan also spoke to Infosecurity Magazine about how we fight criminals on our platform.

As a result of all those conversations, we came away with a clear picture of what people care about right now in IT security. Today we’re sharing our key takeaways to keep those conversations going.

The core topics included:

Tech sovereignty
Business continuity
The risks of US Tech
AI hype and oversaturation

What everyone is talking about

During more than 500 conversations at our booth, we spoke to people of all seniorities across industries, from insurance to media, cybersecurity firms to supermarkets. Our conversations ranged from broad discussions about European tech to technical questions about switching from US tech to Proton.

Attendees were keen to understand how Proton fits into a quickly changing tech landscape. They also spoke about their concerns regarding business continuity and data protection.

Businesses want tech sovereignty

The push for EU tech sovereignty has gained significant momentum in the last year. We’ve seen governments moving to reduce or even eliminate dependencies on American tech, and the European Commission has proposed a new tech sovereignty package to build domestic capacity. The US has already weaponized its tech dominance against the rest of the world, banning foreign access to Anthropic’s most powerful large language model. The EU already had to beg the US administration for access to the prior model, Mythos.

Watching this play out in the news, many of the attendees at Infosecurity Europe had strong feelings about the risks of relying on US tech. Surveillance and third-party data sharing were always concerns when using Google or Microsoft. But geopolitical tensions and the risk of service cutoff or data loss have made the risks too significant to ignore. Business leaders say they no longer feel like they’re in control.

Thankfully, a groundswell of support for tech sovereignty means that businesses have significantly more options if they want to move away from US tech. Many European companies and governments alike are actively seeking European alternatives which can offer stronger privacy protections and a more secure future.

Leaders are worried about business continuity

Last year, US sanctions against the International Criminal Court showed how political decisions could affect legal proceedings in Europe. Any institution outside the US could find itself cut off from data and cloud services instantly. If that happens, it can bring business to a standstill.

We spoke with businesses asking exactly this question: If a US tech provider cuts off my organization, can we continue to communicate and stay operational? At Proton, we’ve already developed solutions.

In March, we launched an encrypted European suite for businesses, including email, calendar, drive, docs, sheets, VPN, password manager, video conferencing, and AI assistant. And this month, we introduced Easy Switch for Businesses to help them migrate with zero downtime. But not everyone is ready to fully migrate all their data to a new platform. Some just want a plan B standing by. So we’ve also introduced business continuity option that gives organizations a way to stay online in an emergency.

Businesses aren’t fully aware of US tech risks

Even though attendees spoke to us about US risks generally, many of them still weren’t sure why they should be skeptical of Google or Microsoft business offerings. While Big Tech’s consumer privacy failures are frequently in the news, businesses assume they benefit from enterprise protections since they’re paying for the service and their data isn’t monetized with ads. But this isn’t the case.

Big Tech providers are consistently sovereignty-washing, claiming that they’re offering a European cloud. But that doesn’t stop them from moving the goal posts. We saw this when Microsoft in particular introduced flex routing to process Copilot data outside Europe.

Businesses are also affected by Big Tech’s data capture for the purpose of AI training. Even if emails and documents aren’t being used for training at scale, model development is being prioritized over customer privacy. Many companies are also insisting on inserting their AI solutions (such as Gemini) into everything, even when they aren’t wanted. Beyond exploiting data for training AI, the tools themselves don’t even guarantee security: Passwords saved in the Microsoft Edge browser are left unencrypted by design.

Even if businesses aren’t aware of the biggest risks caused by their existing US tech, they’re noticing that the tools they once relied on aren’t as good anymore. Europe has an opportunity to develop better tech at home to remedy this.

AI oversaturation and confusion

AI has dominated public discourse of late, and conversations at Infosecurity Europe were no different. We spoke to attendees who are themselves adopting AI and ones who are watching their service providers incorporate AI into their products. There were two recurring themes:

Over-investment in unproven AI products: Big Tech companies prioritize establishing themselves as leaders in AI at the expense of core products and the needs of smaller business clients.
Confusion about AI offerings: People are overwhelmed by the sheer number of AI tools on the market and finding it increasingly difficult to discern helpful tools from cash grabs.

AI is absolutely everywhere, so how can you tell what’s innovative and what’s a marketing ploy? As with any new tool, users have rushed to be early adopters while developers land grab for market share. But now that the landscape is settling, we heard many attendees wondering how to discern the buzzy from the genuinely useful. We also heard dissatisfaction with the support and attitude of Microsoft towards their customers in particular: with regards to data, attendees mentioned that even though our data in Europe and they were assured it can’t be resold, Microsoft’s IT team can access it.

Trust in the AI age is important. Too often, AI tools incorporate ads or abuse personal data in return for a service that doesn’t even respect its users. When it comes to business use, AI can be particularly risky. Depending on where your data is stored for processing, your queries and any data you give an AI tool could be accessed by foreign governments. There’s also no guarantee you’re protected by data laws.

AI is a powerful and useful tool if used and managed properly, but it should be private by design and it should be optional. It’s also essential that European AI tools are adopted by individuals and businesses alike. We built our AI chatbot Lumo as an alternative to AI services that don’t put their users first and protect their privacy. It’s part of our business offering because we know that businesses can benefit from it if they choose to, but AI isn’t going to detract from our mission of building a more private internet for individuals and businesses alike.

Bottom line: digital sovereignty is on the way

After so many illuminating conversations, we’re hopeful that digital sovereignty is closer than ever. There have never been more European digital offerings than there are today. And data privacy, economic investment in Europe, and strengthened cybersecurity are more possible for businesses now that European alternatives are widely available. We welcome a future where European companies can invest in tech that puts them first and builds a more private future.

Credential stuffing: what it is and how to protect your business accounts

Kate Menzies — Mon, 22 Jun 2026 17:53:08 GMT

Credential stuffing is one of the clearest examples of how a personal password habit can quickly become a business security problem. The attack is simple: criminals take usernames and passwords exposed in one breach, then automatically test them against many other services, hoping some people reused the same login elsewhere.

For businesses, that means a breach your company had nothing to do with can still become your problem. If an employee reused a personal password for a work account, a consumer data leak can turn into unauthorized access to email, SaaS tools, finance platforms, admin panels, or customer systems.

We’ll explain what credential stuffing is, why it works at scale, why small and medium-sized businesses are particularly exposed, and how to reduce the risk.

How does credential stuffing affect businesses

Why credential stuffing works at scale

Why SMBs are more exposed to credential stuffing

What a credential stuffing attack can do to a business

How to prevent credential stuffing attacks

What to do if you suspect credential stuffing

How does credential stuffing affect businesses

We’ve explained what a credential-stuffing attack is in detail before, so now we’ll focus on what credential stuffing means for business accounts: where one reused password can expose business email, SaaS tools, admin panels, and customer systems.

This type of attack is effective because so many people reuse passwords. If someone uses the same password for a personal shopping account, a social media profile, and a work tool, a breach at one service can expose the password for all three.

Credential stuffing is different to a brute force attack. Attackers use brute force attacks to guess passwords. By using credential stuffing, they already have real credentials from previous leaks — they can then test whether the same password works somewhere else.

That makes credential stuffing attacks very efficient. A single leaked credential can be tested against email providers, cloud services, customer relationship management platforms, payroll tools, developer accounts, file storage, and admin portals. Even a low success rate can be valuable when attackers test at scale.

Why credential stuffing works at scale

Credential stuffing is effective because the process can be automated. Criminals can obtain large lists of leaked credentials from previous breaches or dark web markets. Then automated tools test those credentials against hundreds of services. The process can run quickly, repeat attempts, rotate IP addresses, and mimic normal login patterns to avoid basic detection.

Within a business, it’s extremely difficult to spot a threat created by a single login attempt. The first sign of a credential attack may be a successful login from an unfamiliar location, a password reset request, a new mailbox rule, an invoice change, a file download, or unusual activity inside a SaaS tool.

The attack also benefits from the way modern work is distributed. Employees use many services, often outside a single identity system. Some accounts are created by departments without IT oversight. Some tools do not support single sign-on or two-factor authentication (2FA). Some vendor portals have weak monitoring. Credential stuffing looks for exactly these gaps.

Why SMBs are more exposed to credential stuffing

Credential stuffing can affect organizations of any size, but SMBs are often especially exposed.

Fewer resources, more responsibilities

Smaller teams tend to move fast and share duties. Employees may create accounts for new software without a formal approval process. Shared vendor logins may circulate through chat or email. Password reuse may go unnoticed because there is no dedicated security team overseeing and enforcing a password policy. A password created years ago may still protect an important business system.

Lack of personal/ work digital boundaries

The biggest risk is cross-over between personal and work credentials. If an employee uses the same password for a breached consumer service and a work account, attackers don’t need to breach the business first. They can use the consumer breach as an entrypoint instead.

This is why credential stuffing prevention has to focus on preventing password reuse. Training helps, but memory-based password habits don’t scale. Employees can’t safely create and remember unique, strong passwords for every personal and business account without support.

SMBs are targets for cybercriminals

Proton’s Data Breach Observatory shows how often leaked data includes information that can support account compromise, such as names, email addresses, passwords, financial information, contact details, and other sensitive information.

Today, no business is too small to be targeted by cybercriminals. For example, in February 2026 French e-learning platform GDQuest was affected by a suspected data breach that contained more than 66,000 records including email addresses and usernames. Despite being such a small business, GDQuest presented an obvious payday for cybercriminals, and was targeted by an undisclosed attack vector.

A small breach becomes a big problem

For small businesses, the lesson is clear: leaked data doesn’t stay isolated to the company where it first appeared. If an employee reuses a password from a breached personal or third-party account, attackers can test that same credential against work email, SaaS platforms, finance tools, or admin systems. That is how an external breach can become an internal access problem.

What a credential stuffing attack can do to a business

A credential stuffing attack can go undetected at first: if a single account logs in from a new device, or one email rule changes, or just one document is downloaded. But once attackers have valid credentials, the risk grows quickly.

Unauthorized access to SaaS tools

Business operations now depend on SaaS tools for project management, customer communication, HR,and sales. If attackers use reused credentials to access one of these services, they may find client data, internal documents, invoices, customer lists, or operational workflows.

Even tools that seem low risk can reveal useful information. A project management account may show which systems the company uses, who approves payments, which clients are active, and where sensitive files are stored.

Email compromise and account takeover

Email is one of the most valuable targets in a credential stuffing business attack. Once attackers access email, they may reset passwords for other services, search for invoices or contracts, impersonate employees, set up forwarding rules, or monitor conversations silently.

It’s also important to remember that email access supports phishing. An attacker with access to a legitimate inbox can send convincing messages to colleagues, clients, or vendors because the message comes from a trusted account.

Admin panel access and privilege escalation

If credential stuffing reaches an admin account, the impact can be severe. Attackers may create new accounts, change security settings, invite external collaborators, disable controls, export data, or escalate privileges.

This is where password reuse becomes especially dangerous. Admin and privileged accounts should never reuse passwords from other services because their compromise can affect many other accounts and systems.

Lateral movement across systems

Credential stuffing also enables lateral movement. Once attackers gain access to one account, they can use what they find to test other systems, identify higher-value accounts, and move through the business environment.

For example, a compromised SaaS account might reveal internal naming conventions, shared documents, vendor portals, or links to admin systems. Attackers can then try the same password, search for stored credentials, or use password reset flows to reach other services.

Ransomware and extortion risk

Credential stuffing does not automatically lead to ransomware. On its own, it is more often used for account takeover, fraud, or data theft. But compromised credentials can also become the first step in a more serious attack.

If attackers gain access to cloud storage, admin consoles, remote access services, or endpoint management tools, they may be able to escalate the incident into extortion, operational disruption, or ransomware deployment.

How to prevent credential stuffing attacks

Credential stuffing prevention starts by removing the weakness that this type of attack depends on: password reuse. From there, businesses can add layers that make unauthorized access harder to complete and easier to detect.

Choose unique passwords for every account

Unique passwords are the strongest defense against credential stuffing. If every account has a different password, a credential leaked from one service cannot be reused to access another.

This sounds simple, but it is difficult to sustain manually. Employees should not be expected to invent and remember unique, strong passwords for every work account. A business password manager makes this practical by generating and storing unique passwords for each service.

Proton Pass for Business helps teams create strong, unique passwords, store them in end-to-end encrypted vaults, use autofill, and share access securely. This directly reduces the attack surface credential stuffing relies on.

Use password health check to find weak or reused passwords

Businesses also need visibility into existing password risk. Password reuse often builds up over time, especially across older accounts, shared tools, and accounts created outside formal IT processes.

Password health check helps identify weak or reused passwords so teams can change them before attackers take advantage of them. Proton Pass for Business helps you identify weak and reused passwords within an organization, helping you prioritize and protect the credentials that create the most risk.

Turn on 2FA as a second line of defense

2FA adds a second layer when a password is compromised. Even if attackers have the correct username and password, they still need another factor to access the account. That helps organizations reduce the likelihood that weak, stolen, or reused credentials lead directly to unauthorized access, while strengthening the overall security posture of high-risk accounts.

That kind of defense should be prioritized for email, password managers, admin accounts, finance tools, identity providers, cloud storage, and any system that can reset or control access to other services.

2FA is a supplement to, not a replacement for unique passwords. If a reused password is exposed, attackers may still cause disruption through repeated login attempts, lockouts, attempts to trick employees into sharing 2FA codes, or attacks against systems where 2FA is not enforced. Still, using an authenticator reduces the chance that one stolen password becomes an immediate compromise.

Use dark web monitoring for exposed credentials

Dark web monitoring helps businesses detect whether employee credentials appear in breach data. In practice, it works by scanning breach datasets and dark web sources associated with credential leaks, such as forums, marketplaces, and other places where stolen data may circulate. It does not prevent the original breach, but it can give teams a chance to respond before exposed credentials are abused.

Proton Pass includes Pass Monitor, which can detect credential leaks and warn you when your information appears in a breach. Proton’s Data Breach Observatory 2026 also highlights how leaked business data appears in the wild and why organizations need better visibility into credential exposure.

When monitoring finds exposed credentials, the response should be fast: change the affected password, check whether it was reused elsewhere, revoke suspicious sessions, review account activity, and enable 2FA where possible.

Protect your Proton Account with Proton Sentinel

Proton Sentinel adds advanced account protection for Proton accounts. Using automated detection and human analysts, it identifies and challenges suspicious account takeover attempts. It can help prevent an attacker from accessing your data even if they have successfully stolen your Proton Account username and password.

Bear in mind that Proton Sentinel is only available for protecting your Proton Account. For the other business services your employees use, such as SaaS platforms, finance tools, admin panels, or vendor portals, your broader defense strategies should still depend on unique passwords, 2FA, monitoring, and clear access policies.

Build credential stuffing prevention into daily access management

The most effective prevention strategy is not asking employees to remember more. It is giving them a system that makes reuse unnecessary.

Proton Pass for Business helps teams do that by generating strong, unique passwords, storing them in encrypted vaults, identifying weak or reused passwords with password health check, and supporting secure sharing across teams. That turns credential stuffing prevention from advice into a daily access practice.

Use email aliases

Email aliases hide your personal or professional email addresses when you’re signing up for new accounts or services. They’re an excellent way to ensure that your email address can’t be followed around the internet by cybercriminals.

Proton Pass for Business also helps reduce credential stuffing risk through email aliases powered by SimpleLogin. Employees can use a unique email alias for each service they sign up to, which means a breach at one service won’t automatically expose their primary work email for credential stuffing attempts elsewhere.

What to do if you suspect credential stuffing

Start by identifying affected accounts. Look for unusual login locations, repeated failed login attempts, new devices, unexpected password resets, mailbox forwarding rules, new admin users, unusual file downloads, and changes to payment or security settings.

Then take immediate action:

Reset passwords for affected accounts.
Check whether those passwords were reused elsewhere.
Revoke active sessions.
Enable or enforce MFA.
Review account activity and audit logs.
Remove unauthorized users or integrations.
Check email rules and forwarding settings.
Notify affected customers, partners, or regulators if required.

After containment, reduce the chance of recurrence. Move affected accounts into a business password manager, replace reused passwords with unique credentials, review shared accounts, and use password health check to find weak or reused passwords that remain.

If exposed data includes personal information, the incident may also raise data protection obligations. Proton’s guide to data breach protection for businesses can help teams understand how to reduce breach risk and strengthen controls before the next incident.

How to improve password manager adoption for teams

Ben Wolford — Fri, 19 Jun 2026 16:23:22 GMT

Business password manager adoption isn’t automatic. A company can choose the right solution, pay for the seats, announce the rollout, and still end up with employees saving passwords in browsers, sharing credentials through chat, or writing down passwords.

The real implementation problem comes after the purchase decision. Once an IT manager, COO, or founder invests in a business password manager, setup is just the first part of the work. Adoption is what determines whether the investment will be able to change daily behavior.

If you want adoption, your business password manager needs to make work easier. Team members still need to protect and remember their primary password, but they should be pleased to no longer have to carry the full burden of everyday credential management on memory or bad habits alone. If the rollout feels like another security task added to an already busy day, that’s adoption can stall.

We’ll explain why password manager adoption fails, how to choose a password manager your team will actually use, and how to roll it out in a practical way. It also covers what IT teams can measure, what policies can and can’t enforce, and how Proton Pass for Business helps make adoption easier across small and growing teams.

Why password manager adoption fails

The 3 barriers to password manager adoption

How to choose a password manager your team will actually use

How Proton Pass for Business supports team adoption

Practical steps for rolling out a password manager

How to measure password manager adoption

Why password manager adoption fails

Employees don’t avoid password managers because they want to weaken your security. They avoid them because their current habits already help them get through the day.

Browser-saved passwords, reused credentials, notes, spreadsheets, and old message threads all feel faster and more convenient than learning a new process, even though they create risk. If a password vault is introduced only as a policy enforcement tool rather than as something that actually makes their daily work easier, employees may see it as one more task to manage.

Adoption becomes easier when the rollout connects security to convenience. Messaging really matters at this point: you need to impress upon your team members that this will help them log in faster, create stronger passwords without extra effort, and share securely without digging through chats or documents.

The three barriers to password manager adoption

Password manager adoption usually runs into some barriers: inertia, learning effort, and skepticism.

1. Inertia: people already have a system

Old habits cause inertia, which prevents picking up a new tool. Employees may already rely on browser-saved or reused passwords, personal password managers, spreadsheets, or informal team practices.

These systems are risky, but they feel familiar. Moving to a company-approved password manager asks people to change where they store credentials, how they share access, and how they log in. Even a solution that’s better than what they currently use can feel disruptive if the rollout doesn’t explain what changes and why.

This is why password manager onboarding for a team should begin with practical migration support. Show employees how to import passwords, clean up duplicates, save new logins, use autofill, and organize credentials in vaults. The faster people see their daily logins become easier, the faster the old system loses its appeal.

2. Learning effort: a new solution needs a clear first use

A password manager can be simple, but it is still a new workflow. Employees need to understand where passwords live, how autofill works, how to generate a password, how to share access safely, and what to do when something does not work.

Long training sessions are rarely the answer. Short, task-based onboarding works better. For example:

Save your first work password.
Generate a new password for one account.
Use autofill to log in.
Share one credential through a managed vault.
Turn on two-factor authentication for your password manager account.

This gives employees a first useful experience instead of a long explanation.

3. Skepticism: employees need to know what problem it solves

Some employees may wonder why they need a password manager at all. They may believe their passwords are already strong, that browser storage is enough, or that password security is mainly an IT issue.

The rollout should answer that skepticism without blaming people. Show them that business access has become too complex to manage safely by memory or informal habits alone.

If you need educational resources, this guide to why you need to use a business password manager is helpful for explaining that business password managers give administrators oversight and help employees access and share information more securely. That is the adoption message that gets through to people: this password manager means better security and easier daily access.

How to choose a password manager your team will actually use

Adoption starts before rollout. If the new password manager is difficult to understand, slow to set up, or disconnected from how employees work, usage will suffer. A good business password manager should reduce security risk, make everyday access easier, and stay simple enough for employees to use confidently.

Here are the criteria that matter most for password manager adoption.

Easy onboarding

Employees should be able to start using the password manager quickly. Look for simple account setup, clear migration from browsers or other solutions, straightforward vault organization, and training materials that don’t require deep security knowledge.

Autofill that works in daily tools

Autofill is one of the strongest adoption drivers because employees immediately feel the convenience. If the password manager helps them log in faster, they have a reason to keep using it.

A password manager for employees should work across browsers, devices, and the tools people use every day. If employees constantly need to copy and paste credentials manually, old habits may return.

Secure sharing that replaces chat-based sharing

Many businesses rely on shared accounts, especially for vendor tools that don’t support individual accounts or role-based access. Shared access is sometimes unavoidable, but passwords should not move through email, chat, tickets, screenshots, or documents.

A business password manager gives teams a safer way to handle that access. Credential access can be shared through vaults, limited to the right people, and revoked when someone changes roles or leaves.

Admin visibility without heavy overhead

IT teams need enough visibility to manage adoption and reduce risk. That includes usage reporting, logs, user management, vault access, and policy controls. With that visibility, password management becomes an active security tool that helps teams spot gaps, guide rollout, and reduce unmanaged access risk. This helps you understand whether the rollout is working, which teams need more support, and where credentials may still be unmanaged.

Strong security model

Usability shouldn’t come at the expense of trust. A password manager stores sensitive business access, so teams need to understand how credentials are protected, who can access them, and whether the vendor’s security claims can be verified. For a business, this means looking for encryption, transparent security practices, admin controls, and a clear model for shared access.

How Proton Pass for Business supports team adoption

When your business starts comparing password managers for adoption, all of the criteria we listed above have to be taken into consideration. The solution also needs to fit daily work, encourage real adoption, and give IT enough control without creating more manual work.

Proton Pass for Business is a business password manager that supports that transition by replacing scattered password habits with a system employees can use every day. Teams can generate strong, unique passwords, store them in encrypted vaults, use autofill, enable 2FA, store time-based one-time password (TOTP) codes where appropriate, and share access securely instead of sending credentials through chat, email, or documents.

A secure password manager for IT teams supports centralized user management, secure sharing, detailed activity logs, SCIM provisioning, SSO integrations, enterprise-wide security policy enforcement, 2FA enforcement, and password health monitoring. Together, these features help teams scale deployment, manage access changes, reduce password sprawl, and avoid tracking credentials manually.

For small and growing teams, adoption often fails when security features feel heavier than the problem they solve. Proton Pass gives employees a simpler way to handle passwords, while administrators gain clearer oversight of how work credentials are stored and shared.

A password manager is only valuable if people use it. Proton Pass for Business gives teams the security features they need for a secure foundation, but adoption still depends on rollout quality: clear policies, practical training, champion users, measurable usage, and a solution that makes secure behavior easier than the workaround it replaces.

How to frame the adoption process

The way you introduce a password manager shapes how people respond to it. If it sounds like another security requirement, employees may expect more work. If it sounds like one place for work passwords, faster logins, and safer sharing, the value is much easier to see.

Lead with the practical benefit: fewer passwords to remember, fewer password resets, faster access with autofill, strong passwords without manual effort, and no need to send credentials through chat or old message threads.

Data breach protection is essential, but it should not feel like a burden placed on employees. The password manager exists to remove an unrealistic expectation: asking employees to manage hundreds of unique work credentials through memory alone.

That message is especially important for smaller teams, where people often move quickly, share responsibilities, and adopt solutions before formal IT processes exist.

Practical steps for rolling out a password manager

Rolling out a password manager is part technical setup, part change management. The goal is to make the first few weeks clear, useful, and easy to follow.

Step 1: Start with a password and access audit

Before inviting the whole team, map the current password situation within your business. Identify where credentials live, which shared accounts exist, which teams rely on browser storage, and which tools create the highest risk.

Prioritize accounts tied to email, finance, customer data, cloud storage, admin tools, and shared operational systems. These should move into your new password manager first.

This audit doesn’t need to be perfect, it just needs to reveal the main risks and quick wins.

Step 2: Set a clear password policy

A password manager works best when it is supported by a clear password policy. Employees should know which credentials must be stored in the company password manager, when to generate new passwords, how sharing should work, and what is not allowed. A policy gives the rollout structure, but it should be realistic enough for employees to follow.

Step 3: Pilot with champion users

Start with a small group before rolling out to everyone. Choose people from IT, operations, finance, sales, or client-facing teams who use multiple tools and can give practical feedback.

These champion users can test onboarding, identify confusing steps, and show other team members how the password manager helps in real workflows. And the goal of a pilot is not only to find bugs, but also to create internal examples of successful adoption.

Step 4: Train in short, practical sessions

Keep training short and focused on real tasks. A 20-minute session that helps employees save, generate, autofill, and share credentials is more useful than a long security lecture.

Training should answer:

How do I save a work password?
How do I generate a strong password?
How do I use autofill?
How do I share access securely?
What should I do if I lose access?
Which passwords must be moved first?

Record the session or turn it into a short internal guide so new hires can follow the same process later.

Step 5: Create quick-win use cases

Adoption improves when employees feel the benefit immediately. Start with use cases that solve existing pain.

Examples include:

Move shared vendor logins into a team vault
Replace chat-based password sharing with secure sharing
Generate new passwords for the most reused accounts
Store backup TOTP codes in an approved secure location
Use autofill for the five most common business tools

Quick wins make the password manager part of everyday work instead of a security project people only think about once.

Step 6: Build it into onboarding and offboarding

Password manager adoption will stall if it is rolled out as a one-time deployment with no follow-up. Add it to employee onboarding so every new hire learns the approved process from day one.

Offboarding is just as important. When someone leaves, admins should revoke access, transfer ownership where needed, remove vault permissions, and rotate shared credentials if appropriate.

This is where a business password manager setup becomes an operational control, not just a convenience solution.

How to measure password manager adoption

You can’t improve adoption if you just announce the new solution and hope that people will use it. IT teams can use simple metrics that show whether the password manager is becoming part of daily work.

Useful adoption metrics should track not only whether employees are logging in, but whether they are using the password manager in safer ways over time, including stronger password practices, secure sharing, and 2FA enrollment:

Active users: How many invited employees are using the password manager regularly?
Vault usage: How many credentials are stored in approved work vaults?
Password health: Are employees using the password manager to generate and store unique, strong passwords instead of reusing weak or familiar ones?
Secure sharing: Are shared credentials moving out of chats and documents?
2FA enrollment: Have employees enabled two-factor authentication on their password manager accounts and other high-risk work accounts where required?
High-risk account coverage: Are admin, finance, email, and customer systems stored and managed properly?
Offboarding completion: Are vault permissions and shared credentials reviewed when someone leaves?

These metrics should be used to support adoption, not shame employees. Low usage may mean training was unclear, autofill is not working as expected, or employees do not know which credentials they need to move.

Outlook attachment size limit: How to send large files via email

Greg Govin — Thu, 18 Jun 2026 17:27:41 GMT

Nothing wrecks an organized day faster than a stuck email with an oversized attachment. When a deadline is approaching, the last thing you want is to be troubleshooting how to send an email with an attachment that exceeds the allowable size limit.

This guide covers what Outlook’s attachment limits actually are, what happens when you hit them, and how to send your large files without the headache.

What is the Outlook attachment size limit?

Outlook’s attachment size limit depends on which version of the service you’re using. Here’s a simple breakdown:

Outlook for Microsoft 365	35 MB per email
Outlook 2013-2024	20 MB per email
Personal Outlook accounts	25 MB per email
School or work Outlook accounts	25 MB per email
Exchange (on-premises)	10 MB per email

This limit covers your entire email, from your attachments to your message, and any embedded images. Even if your email looks like it’s under the limit, it may still get blocked as emails sometimes increase in size as they get delivered, or if your recipient’s email server has a lower cap.

What happens when you hit the size limit?

If you’ve attached a file that blows through the attachment size limit, Outlook will stop the message from sending and give you an error message like:

The attachment size exceeds the allowable limit.

Sometimes, Outlook doesn’t flag the problem up front. Microsoft servers sometimes reject your email and send you a bounce-back notification after you hit send. By the time the bounce-back lands in your inbox, it may already be too late.

For businesses, that could mean a contract never gets sent and falls through instead, and on a personal level, it could mean your job application never made it to the recruiter before the deadline.

Can you increase the Outlook attachment size limit?

Technically, yes, but you need to be comfortable with technical settings. On a Windows device, you can raise the limit of a personal Outlook account by editing the Windows Registry — but we’d recommend against this unless you really know what you’re doing, as changes can affect your computer.

If you’re using a Microsoft 365 or Exchange account, the limit is controlled at the server level, so your IT administrator is the only one who can change it.

That said, this isn’t a reliable fix. Your recipient may not be able to receive your file if their email service doesn’t support large attachments. For most people, finding a smarter way to send large files is the more practical route; let’s explore.

How to send large files via email

If Outlook’s file size limit is getting in the way, you still have a few good options.

Compress your files

Compressing files into a .zip folder reduces their overall size and keeps everything tidy in one place. You can compress files right from your Windows or Mac, so there’s nothing extra to install:

On Windows: Right-click → Send to → Compressed (zipped) folder
On Mac: Control-click → Compress

This method works well for documents and folders, but it has limits. Already-compressed formats like JPEGs and MP4s won’t shrink much, and much larger files won’t compress their way under Outlook’s limit.

For businesses, compression alone rarely cuts it, and for personal use, compressing photos and videos can lead to quality loss.

Pros:

Works offline and without third-party tools
Multiple files and folders can be packed into a single .zip file

Cons:

Makes little difference for large or already-compressed files
Compression can potentially degrade the quality of some files
The privacy of your .zip files is limited by the security model of your email provider

Use a file transfer service

File transfer services let you upload a file and share a download link instead of attaching anything directly. They’re quick to use, and most don’t require an account to get started.

But their tradeoffs are worth knowing upfront. On free tiers, you have no visibility into what happens after you hit send — you can’t see who downloaded your file or revoke access if it went to the wrong person. Some services also decrypt files on their servers before re-encrypting them, meaning your data briefly exists in an unprotected state, giving the service access to it.

For businesses in regulated sectors, this can create real compliance issues with regulations like GDPR or HIPAA. For personal use, it’s worth knowing your files may pass through servers where third parties have some level of access.

Pros:

Quick and simple, with no account required on most services
Generous size limits even on free tiers

Cons:

No way to track downloads or revoke access after sending
Encryption standards vary and may not meet compliance requirements
Password protection is typically reserved for paid plans

Use cloud storage

Using cloud storage to share files means simply uploading a file, generating a shareable link, and dropping it into your email; no attachment size limits to worry about.

For Outlook users already in the Microsoft ecosystem, OneDrive is the natural starting point. It integrates directly with Outlook and makes sharing straightforward, though its free storage is limited and shared across your Microsoft account, and you’re subjected to Microsoft’s data collection policies. This can give pause, especially when sharing personal and confidential files.

When looking for a OneDrive alternative, it’s worth thinking about how your data is handled. Some platforms, like OneDrive, can access the files you store with them, while others protect your files with end-to-end encryption so that only you and the people you share with can see them.

For businesses, working with a non-compliant provider can expose your organization to regulatory penalties and reputational damage. For personal users, the question is simpler but still worth asking: do you want your provider to use your files for their own purposes?

Pros:

Bypass attachment size limits with sharing links
Links stay current even if you update the original file
Some providers offer end-to-end encryption and advanced sharing controls

Cons:

Privacy and security vary significantly between providers
Free storage tiers tend to be limited and fill up quickly
Misconfigured sharing permissions can expose files to unintended recipients

Securely send large files via email with Proton Drive

When Outlook blocks your attachment, Proton Drive gets your file to your recipient without compromise — no size or format restrictions, and no quality compression.

For any business that cares about privacy and access control, most sharing options come with caveats. Proton Drive is different. We protect all your files with end-to-end encryption, so only you and the people you share with can access them, not even Proton can.

You can password-protect links, set expiry dates, track downloads, and revoke access at any time, giving you full control over who can access your files and for how long. And because Proton is based in Switzerland, your data is protected by some of the world’s strictest privacy laws.

For businesses, Proton Drive supports compliance with regulations like HIPAA and GDPR, making it a dependable choice for regulated industries. For everyone else, it’s simply a more private and secure way to share files online.

You can get started with 5 GB of storage for free

The Proton Blog

How to disable Microsoft Edge, step by step

Four simple ways to disable Microsoft Edge

Method 1: Stop Edge from running in the background

Method 2: Stop Microsoft Edge from opening on startup

Method 3: Change your default browser

Method 4: Uninstall Microsoft Edge (EEA users only)

How to get rid of Microsoft Edge: Steps for advanced users

Registry edit

PowerShell force uninstall

Why you should disable Microsoft Edge

Alternatives to Microsoft Edge

Don’t just stop at disabling Edge

FAQ: How to disable Microsoft Edge

Password fatigue: why too many passwords put your business at risk

What is password fatigue?

How password fatigue appears at work

Password reuse

Predictable passwords

Unmanaged storage and informal sharing

Why password fatigue creates business risk

Password reuse enables credential stuffing

Weak passwords reduce brute-force resistance

Informal sharing removes accountability

Scattered passwords slow incident response

Creating stronger passwords isn’t enough

The real solution to password fatigue

How Proton Pass for Business helps reduce password fatigue

Malicious apps on Google Play: how to prevent Android malware

How malicious apps get past Google

Legitimate apps can still put your data at risk

What to look out for: a five point checklist

How to protect your data

Encrypt your connection with Proton VPN

Protect your credentials with Proton Pass

Know how to remove malware

Can iPhones get viruses? What’s possible, what’s likely, and what to do about it

Do iPhones get viruses?

Viruses vs. malware on iPhone

How Apple protects against malware

Real-world attacks

AdThief (2014)

XcodeGhost (2015)

Pegasus (2016–present) and Graphite (2025-present)

LightSpy (2020–present)

Signs of viruses or malware on your iPhone

How to get rid of a virus on iPhone

Is it OK to jailbreak my iPhone?

Security tips: What to look out for

A strong data security plan could help you win new business, research finds

Clients are asking how you’ll protect their data

Your competition is already sharing their security practices

How to present a convincing data security plan

Get more findings and insights in the full report

Cloud storage email scams: How to spot them and what to do

How to spot a cloud storage scam

Examples of cloud storage scams vs. legitimate “storage full” emails

What to do if you receive a cloud storage scam email

Do not click anything in the email

Check your real cloud storage account directly

Mark the email as spam or phishing

Do not reply to the sender

Delete the scam email after reporting it

Change your password and turn on 2FA if you clicked a link

Check your account activity and payment details

Report the scam

Why you keep receiving cloud storage scam emails, and how to stop them

Your email address is on spam lists

You opened, clicked, or replied to a scam email before

Scammers rotate senders and domains

​​Your spam filter is still learning

Stay ahead of scammers with Proton

What we learned at Europe’s largest cybersecurity conference

What everyone is talking about

Businesses want tech sovereignty

Leaders are worried about business continuity

Businesses aren’t fully aware of US tech risks

AI oversaturation and confusion

Bottom line: digital sovereignty is on the way

Credential stuffing: what it is and how to protect your business accounts

Your spam filter is still learning