ProtonMail has finally introduced two-factor authentication (2FA) to its encrypted email service, meaning you can now make it harder for third-parties to access your account should they gain access to your password.

The core raison d’être of ProtonMail is to provide a secure email service that uses client-side encryption — all data is encrypted before it arrives on the company’s servers. Given ProtonMail’s security-focused foundations — the company has previously touted itself as “NSA-proof” — it may surprise many to learn that 2FA wasn’t already a feature of the app. But, alas, it wasn’t — it was the most requested feature from the company’s community of users, however, which is why it is now being rolled out on Android and iOS.

For the uninitiated, 2FA adds an extra layer of security to online accounts, and many technology companies use it, such as Google and Dropbox. When you activate 2FA, anyone trying to access your account from a new device will be asked to enter a unique code, even if they have the correct password. Some companies ask for your mobile phone number to send you this code, but ProtonMail is instead leaning on third-party authenticator applications, which generate the required code each time you need to log in from a new device. An example of such apps include Google Authenticator and Authy, which are available on both Android and iOS.

ProtonMail: 2FA setup

Above: ProtonMail: 2FA setup

You can only activate 2FA through the web-based version of ProtonMail, within which you hit “Enable Two Factor Authentication” from the “Security” tab in your settings. Then, open the authenticator app and choose to scan a QR code on your screen, though you can also manually enter the key.

One password

Anyone who has used ProtonMail before will know that you are required to have two passwords to access the service — one to log in to the app, and one to access your mailbox. Now, however, the company is rolling out One Password Mode: “After extensive and careful study, our research team developed a way to allow provide the same level of privacy and security with just a single password,” the company says.

One Password Mode will be the default for all new accounts, but those with existing accounts can remain on the two-password setup if they wish.

Swiss startup ProtonMail was founded out of CERN in 2013, launched in beta in 2014, and went on to raise more than $2.5 million in funding before its proper launch earlier this year.

Curiously, ProtonMail said that new signups doubled after Donald Trump’s election victory last month, and last week it announced a limited number of “Lifetime accounts,” costing an eye-popping $1,400 each.