In a way, yes. The more things that have your credentials the greater the attack surface. However the code is open source, you could inspect it and build it from source if you’d like to. Additionally if you use a mailbox password then the app won’t be able to read email content as the mailbox password is used to decrypt the actual content while the main password is for accessing the account. The app doesn’t need your mailbox password for its functionality so it can’t decrypt email content (except the header which is not encrypted by PGP).
Signing in to Proton Mail with my username and password on this app made me a little nervous, are there any privacy concerns about doing this?
In a way, yes. The more things that have your credentials the greater the attack surface. However the code is open source, you could inspect it and build it from source if you’d like to. Additionally if you use a mailbox password then the app won’t be able to read email content as the mailbox password is used to decrypt the actual content while the main password is for accessing the account. The app doesn’t need your mailbox password for its functionality so it can’t decrypt email content (except the header which is not encrypted by PGP).
Thanks! 🙂👍