The reason why they combined the passwords, or more like derive the decryption password from the login password, is so that they can provide account recovery. I think it is misleading not to be more upfront about that. People rightly assumed they were getting ee2e
Discussion
As I understood it, it's up to the user to set various recovery methods. Proton can't help you with recovery.
https://proton.me/support/set-account-recovery-methods
Unfortunately nostr:nprofile1qqsdu74x8vw8aqylv6n8hhxjh4xf22sfe4fwuq0d0ke435ym4ktlssqpz4mhxue69uhhyetvv9ujumt0wd68ytnsw43qzxthwden5te0wfjkccte9eeks6t5vehhycm99ehkuegprpmhxue69uhkummnw3ezucm0d9hxvatwvshxzursdn707c posts from Mastodon so they can't clear this up here.
Yes I think what I said made it sound like you don't get ee2e by default, but that is not what I meant. It is that if they can provide recovery with just an alternate email address, then they can also decrypt your stuff if they wanted to. Going back to a separate decryption password that only you have prevents that. Would be nice for nostr:nprofile1qqsdu74x8vw8aqylv6n8hhxjh4xf22sfe4fwuq0d0ke435ym4ktlssqpz4mhxue69uhhyetvv9ujumt0wd68ytnsw43qzxthwden5te0wfjkccte9eeks6t5vehhycm99ehkuegprpmhxue69uhkummnw3ezucm0d9hxvatwvshxzursdn707c to chime in though