Is there any way to recover a ProtonMail password from settings.bin?

[jameswagar]

I setup a new ProtonMail account and cannot find its password in my password manager.

Is there a way to recover that password from settings.bin?

I am still logged into the account in ElectronMail.

Many thanks!

[vladimiry]

Yes if you have saved the account password in the app and you remember the master password to unlock the ElectronMail app (to decrypt the settings.bin file). I can put instructions here if needed but not today.

[jameswagar]

Perfect. Thank you @vladimiry. I have saved the account password and know my master password for ElectronMail.

I'll look forward to your instructions.

[vladimiry]

• Make sure you have Node.js installed (I'd recommend LTS/v18.x version). Ideally, use the same node version that is used by the app (see it in the "about" window).
• Open console in the folder you like.
• Create in that folder two files:
  • package.json:

  {
    "name": "settings-decryption",
    "dependencies": {
      "fs-json-store": "*",
      "fs-json-store-encryption-adapter": "*"
    }
  }

  • index.js:

  const {Store} = require("fs-json-store");
  const {EncryptionAdapter} = require("fs-json-store-encryption-adapter");
  
  const [/* node binary */,  /* script file */, settingsFile, masterPassword] = process.argv;
  
  (async () => {
    const {accounts} = await new Store({
      file: settingsFile,
      adapter: new EncryptionAdapter({password: masterPassword, preset: {}}),
    }).readExisting();
  
    for (const account of accounts) {
      console.log(`${account.login}: ${JSON.stringify(account.credentials)}`);
    }
  })();

• Execute the console command: npm install
• execute the console command: node index.js app-settings-folder-path/settings.bin 'your-master-password'

You will have the credentials printed to the console. See example:

$ node index.js ~/.config/electron-mail/settings.bin 123
login-123: {"password":"pass-123","twoFactorCode":null,"mailPassword":null}

PS You might need to wrap the password in a singe quotes if you use special characters, like $ (thanks @sometimes-retro).

[jameswagar]

Thank you, @vladimiry. This worked perfectly. I have recovered my password.

[toolonely]

@vladimiry I have just successfully used the instructions above to recover the passwords for the accounts I have added in the app, while knowing only the master password. Thank you.

However, I imagine that for the average end user the recovery process is a bit "techy". As a technically clueless end user I would prefer to:

1. Open the app
2. Click on settings
3. Click on Accounts button
4. Click Edit button on an account
5. Have a Show Password button (or a checkbox) next to the Password field, which, when clicked, would show the account password in plain text

I did not go as far as submitting this as a feature request in a new issue, because I'd like to know your opinion on this. But if you are positive, such an improvement would be very, very welcome.

[vladimiry]

Have a Show Password button (or a checkbox) next to the Password field, which, when clicked, would show the account password in plain text

Noted, agree in general.

[RojjaCebolla]

i followed the instructions and recovered an important password; thank you!

[vladimiry]

Just keep in mind that EM is not a password manager software, there are better tools for this purpose.

[vladimiry]

Have a Show Password button (or a checkbox) next to the Password field, which, when clicked, would show the account password in plain text

Won't be implementing the quoted feature request as passwords saving in the app and then consequent @ProtonMail credentials forms filling & submitting becomes the obsolete thing since https://github.com/vladimiry/ElectronMail/releases/tag/v4.10.2 release.

[sometimes-retro]

@vladimiry Do the directions above still work for newer releases of the app, for password recovery? (I'd be using the MacOS version, if that makes any difference.)

[vladimiry]

@sometimes-retro yes it should work (I just updated the packages versions in the original message, minor stuff).

[sometimes-retro]

@vladimiry I tried the directions listed above on a Linux machine, node version 10.24.0, npm version 5.8.0, and ElectronMail v4.12.9, and I got a bunch of errors and no passwords were printed out. I'm using the latest versions of node and npm available for my machine. Do the .js and .json files need to be tweaked to make them compatible? (Let me know if I should open a new issue on this, or if this is a small issue that can be solved here.) Thank you!

[vladimiry]

node version 10.24.0

I didn't try to re-run the code, but nodejs must be v12+ (better v16, same version that the app goes with, see "about" window). Next time print errors here or send privately to email (locate in https://github.com/vladimiry/ElectronMail/blob/master/package.json#L5).

[sometimes-retro]

I downloaded v16.5.0, which is the same as listed in the About box of ElectronMail. I extracted it, put the files above in the bin directory of the extracted archive, and ran them from there. It gave these errors:

/home/user/Downloads/node-v16.5.0-linux-x64/bin/node_modules/fs-json-store-encryption-adapter/lib/encryption/index.js:56
                            throw new errors_1.DecryptionError("Decryption failed (" + JSON.stringify(rule) + ")", error_2);
                                  ^
DecryptionError: Decryption failed ({"type":"sodium.crypto_secretbox_easy","options":{"nonceBytes":24},"data":{"nonceBase64":"rGUNFZtb6RwcDbT4VdeDPiAnYg897SLp"}}) "sodium.crypto_secretbox_open_easy" decryption has failed(print "cause" prop of error to see its origin) (print "cause" prop of error to see its origin)
    at Object.<anonymous> (/home/user/Downloads/node-v16.5.0-linux-x64/bin/node_modules/fs-json-store-encryption-adapter/lib/encryption/index.js:56:35)
    at step (/home/user/Downloads/node-v16.5.0-linux-x64/bin/node_modules/tslib/tslib.js:143:27)
    at Object.throw (/home/user/Downloads/node-v16.5.0-linux-x64/bin/node_modules/tslib/tslib.js:124:57)
    at rejected (/home/user/Downloads/node-v16.5.0-linux-x64/bin/node_modules/tslib/tslib.js:115:69)

[vladimiry]

@sometimes-retro the shared code snipped is ok, just tested it. So you likely put a wrong password there (last command line argument).

[sometimes-retro]

I tried the command several times. I included the password in double quotes and without double quotes. It gave me the same errors. The password contains special characters. Could that be causing problems? (e.g. a "$" character)

[vladimiry]

@sometimes-retro I just tested with $ character and it works if you wrap the password in a single quotes, not double.

[vladimiry]

By the way consider trying the persistent session feature instead of keeping the credentials in the app. It's enabled by default since https://github.com/vladimiry/ElectronMail/releases/tag/v4.10.2 (originally enabled in https://github.com/vladimiry/ElectronMail/releases/tag/v4.2.0).

[sometimes-retro]

I did get a readout this time, but everything was listed as "null" -- the password field, the twoFactorCode field, and the mailPassword field. Is there some reason that would happen? I can still log into ElectronMail using my password with no problem.

Thank you for the persistent session recommendation. I'll definitely check that out. I'd just like to try to recover these passwords first, if possible. ProtonMail will allow me to reset my passwords, but then I lose access to everything in my account due to the way they encrypt things.

[vladimiry]

I did get a readout this time, but everything was listed as "null" -- the password field, the twoFactorCode field, and the mailPassword field. Is there some reason that would happen?

The only reason for that is that you don't have those credentials saved in the app. So there is no values to list.

ProtonMail will allow me to reset my passwords, but then I lose access to everything in my account due to the way they encrypt things.

You could save the credentials using the special things built for this purpose, like Bitwarden or KeePassXC. The app is not designed for storing passwords, it's not its primary purpose.

[sometimes-retro]

That's really strange. I did enter all the credentials into the app and it automatically logs me in. I never have to enter my passwords for the individual accounts.

[vladimiry]

Maybe you have enabled the persistent session? If not, and the app actually fills the login forms for you, then yes it looks strange.

[sometimes-retro]

It looks like persistent session got enabled somehow. I don't recall enabling it. I did update to a much newer version recently. Maybe something strange happened during that update process? I was actually just trying to recover the passwords to put into a password storage app, as you had suggested. I may have to reset things now, though. Since, it seems that there is likely no way to recover them. Thank you very much for your help!

Edit: I did have another OS partition with ElectronMail installed and accessed that settings.bin file and it was an older version, without persistent session, so I managed to get the passwords out of it. :)

[vladimiry]

It looks like persistent session got enabled somehow. I don't recall enabling it. I did update to a much newer version recently.

It's enabled by default since https://github.com/vladimiry/ElectronMail/releases/tag/v4.10.2 but only for newly added accounts. So the accounts added to the app before v4.10.2 didn't get the persistent session enabled (it's up to a user to enable it manually if needed). So you likely added your mail account to the app after v4.10.2 release and didn't pay attention to the enabled by default "persistent session" toggle.

it was an older version, without persistent session

Enabling the persistent session thing doesn't mean that the saved credentials will be removed. Those things can work together (if saved session gets expired or explicitly dropped then auto forms filling gets into the game). But I don't recommend storing the credentials in the app (that was a way to enable auto-login when the persistent session feature didn't exist here yet).

[Beck343]

Yes if you have saved the account password in the app and you remember the master password to unlock the ElectronMail app (to decrypt the settings.bin file). I can put instructions here if needed but not today.

Hi, could you please help me to recover settings.bin file from my phone, bootloader is looked and it's seems impossible to unlock(Oneplus 8 TMO 5G) is it any other way? Because of my recovery mail is closed for inactivity and proton support don't helping me. If I'll lose access to my phone I'll lose access to my mail what i'm using more then a 10 years from now.

[vladimiry]

Hi, could you please help me to recover settings.bin file from my phone, bootloader is looked and it's seems impossible to unlock(Oneplus 8 TMO 5G) is it any other way?

I'm not sophisticated in extracting a file from the locked phones, so this is something you will have to explore on your own. Having the file (and master password), you got the instructions how to extract the credentials from it.

Besides, it's unclear what settings.bin file was doing on the phone in the first place, as ElectronMail is a desktop app. Technically, one could compile the "arm" app version and run it on any arm-based devices, but I didn't hear so far that someone was actually running the app on the phone.

[Beck343]

Hi, could you please help me to recover settings.bin file from my phone, bootloader is looked and it's seems impossible to unlock(Oneplus 8 TMO 5G) is it any other way?

I'm not sophisticated in extracting a file from the locked phones, so this is something you will have to explore on your own. Having the file (and master password), you got the instructions how to extract the credentials from it.

Besides, it's unclear what settings.bin file was doing on the phone in the first place, as ElectronMail is a desktop app. Technically, one could compile the "arm" app version and run it on any arm-based devices, but I didn't hear so far that someone was actually running the app on the phone.

Normally there is android data with application setting inside what can be accessible easier from unlocked phones but in my case it seems impossible. Okay i thought it was an android application. Anyway thanks for an attention.