hydroxide: [9001] Login temporarily not permitted from your connection for security reasons

2021/05/31 11:13:28 request failed: POST https://mail.protonmail.com/api/auth/refresh: [10013] Invalid refresh token
2021/05/31 11:13:30 request failed: POST https://mail.protonmail.com/api/auth: [9001] Login temporarily not permitted from your connection for security reasons, please try again later. Using a VPN may cause this error

This makes no sense to me since 1: I’m not using a VPN and 2: I’m logged into the ProtonMail web interface from another host on this same LAN.

Possibly related: SMTPlib error 454 is thrown.

About this issue

Original URL
State: open
Created 3 years ago
Comments: 40 (10 by maintainers)

Links to this issue

[PATCH 0/7] gnu: Add hydroxide.

Commits related to this issue

Update API endpoint and version, set User-Agent Helps with: https://github.com/emersion/hydroxide/issues/179 — committed to emersion/hydroxide by shrimpyuk 2 years ago
Update API endpoint and version, set User-Agent Helps with: https://github.com/emersion/hydroxide/issues/179 — committed to NeoHBz/protonmail_hydroxide by shrimpyuk 2 years ago

Most upvoted comments

Apparently the user-agent must match your browser’s which you used to fetch the session id. It works for me now, thanks!

This method doesn’t work anymore. I have modified protonmail.go and added

       req.Header.Set("User-Agent", "Ubuntu_20.04")
       req.Header.Set("x-pm-appversion", "Other")

This modification seems to fix the login issue. No session id trick is required.

+11

pufferffish on Sep 3, 2022

This method doesn’t work anymore. I have modified protonmail.go and added
       req.Header.Set("User-Agent", "Ubuntu_20.04")
       req.Header.Set("x-pm-appversion", "Other")
This modification seems to fix the login issue. No session id trick is required.

I have just built from the master branch and was not able to login as well. Editing protonmail.go, commenting out the User-Agent line and adding both lines above did the trick, even if I am not running Ubuntu. Thanks!

lfom on Oct 17, 2022

For a (maybe temporary) workaround, I used my own chrome user agent (like from here and replaced the one in protonmail/protonmail.go line:122. I aswell passed in my current session-id like mentioned above . I haven’t setup anything yet, but it gave me the bridge password, so I think it’ll work.

getraid on Aug 7, 2022

Using sesson-id doesn’t seem to work anymore.

TinyBabyOwl on Oct 9, 2021

I confirm - it worked for me as well, here is a git diff:

diff --git a/protonmail/protonmail.go b/protonmail/protonmail.go
index 8093fb3..76bc437 100644
--- a/protonmail/protonmail.go
+++ b/protonmail/protonmail.go
@@ -7,13 +7,12 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
+	"log"
 	"net/http"
 	"strconv"
 	"time"
 
 	"github.com/ProtonMail/go-crypto/openpgp"
-
-	"log"
 )
 
 const Version = 3
@@ -119,7 +118,9 @@ func (c *Client) newJSONRequest(method, path string, body interface{}) (*http.Re
 }
 
 func (c *Client) do(req *http.Request) (*http.Response, error) {
-	req.Header.Set("User-Agent", "Mozilla/5.0 (X11; Linux x86_64; rv:101.0) Gecko/20100101 Firefox/101.0")
+	// req.Header.Set("User-Agent", "Mozilla/5.0 (X11; Linux x86_64; rv:101.0) Gecko/20100101 Firefox/101.0")
+	req.Header.Set("User-Agent", "Ubuntu_20.04")
+	req.Header.Set("x-pm-appversion", "Other")
 
 	httpClient := c.HTTPClient
 	if httpClient == nil {

gucio321 on Sep 26, 2022

@gucio321

Maybe you need to complete captcha for your ip by logging in normally out something (this human verification screen doors not always appear)?

I never got a captcha while login at the official protonmail website.

Staubgeborener on Dec 25, 2022

I have recompiled a number of times and tried both with and without session-id, but to no avail. I keep getting the 9001 error.

tomoqv on Jul 26, 2022

Just had this problem, tried using SessionID cookies and running the program on vscode with debug as well as command line but still no fix, hopefully this is dealt with soon.

greatlybabled on Jul 25, 2022