Tutanota Review

ProPrivacy.com Score 8 out of 10

Following Edward Snowden’s revelations that everything we do online is spied on all the time by secretive and vastly powerful government organizations, there is a growing demand for more private internet services. This is never more true than with the outdated and highly insecure, yet still essential for most our day-to-day lives, communication system that is email.

VPN Stats

Even more than the likes of the NSA, the advent of web based email that is easy to use, can be readily accessed from any internet enabled device, and which is ‘free’ (but which we pay for by allowing the likes of Google to scan every email and use the information it gleans from this to deliver ever more targeted advertising) presents the single greatest threat to our privacy yet seen.

Although by far the most secure and private way to access email is using a stand-alone email client with PGP encryption (see our tutorial on using Gpg4win as an example of this), preferably using a self-hosted email server, this is a fiddly, inelegant solution that involves a sophisticated understanding of using asymmetric key pairs, something which the vast majority of internet users’ have no ability or desire to master. OpenPGP browser plugins such as Mailvelope are easier (if less secure) to use, but are still too complex for most users.

There is therefore an urgent need for a Gmail-like webmail service that provides all the functionality of something like Gmail, but is both more secure, and which will not spy on its users and then monetize that very personal data (it should be understood, however, that no webmail service can protect against targeted NSA-style surveillance, and that simply by virtue of being a privacy-based encrypted service, users will automatically be of interest to government spying organizations.)

In our article on Free privacy conscious webmail options we examine some good privacy oriented alternatives to Gmail (etc.), but the two new services that are getting the most attention from the security community are ProtonMail and Tutanota, both of which have gone to great efforts to make their services attractive to casual users looking for a more secure email solution but without losing all the aesthetics and functionality offered by their current provider.

We reviewed ProtonMail (which is still in beta) earlier this year, and were broadly impressed with. It is a long way from perfect, but ‘is a very easy to use webmail service (on par with Gmail and suchlike) that is much more secure than most such webmail services, and which will not (cannot) spy on all your correspondence in order to deliver targeted advertising.’

As the two services are in fairly direct competition, we think it will be useful in this review of Tutanova (the ‘name derived from Latin and contains the words "tuta" and "nota" which mean "secure message"’) to compare and contrast them, which will hopefully help to highlight the pros and cons of each.


As with ProtonMail, all Tutanota accounts are currently free, but a premium service will be offered soon (Tutanova also accepts donations). It currently offers the following features:

  • 1GB storage (forever free)
  • Attachments limited to 25MB (for now)
  • 1 free alias is permitted (i.e. 2 email addresses). More will be available to premium users
  • Everything is encrypted - subject, body, and attachment (ProtonMail currently only encrypts the body)
  • Completely open source (code available here)
  • Android and iOS apps
  • Can not only send encrypted emails to users of regular email (as ProtonMail can), but can receive an encrypted reply from them
  • Outlook addon (for premium business users - we did not test this)
  • (Upcoming - use webmail services with own domain name)

The killer feature here is clearly the ability for non-Tutanota users to securely respond to encrypted emails (please see update at end of this article). The fact that Tutanota is open source while ProtonMail is not should in theory give it an edge, but Tutanota’s source code has not been independently audited by reputable researchers, while ProtonMail’s, although closed source, has…


Much is made of the fact that ProtonMail is based in Switzerland (or at least its servers are, the team hails from Harvard University in the US), which because of its strict privacy laws is widely regarded as privacy-friendly. This is, however, to a large extent an illusion (Google Translate), as data retention laws and NSA-style surveillance are alive and well there.

Tutanota is based in Germany, which also has strict privacy laws, but which also practices widespread surveillance of its own, and is provides the base for the NSA’s extensive European operations. You pays your money and takes your chances…

Tutanota does not use two-factor authentication (although his feature is planned at some stage), but then neither does ProtonMail (which does require two passwords, but as these are each ‘something you know’ rather than ‘something you know and something you have’, does not count as 2FA).

Tutanota provides end-to-end encryption, so email stored on Tutanota’s servers is encrypted an cannot be accessed or decrypted by staff members. When asked how Tutanota would respond if asked ask by the police to identify a user, a Tutanota staff member said,

We would refuse requests. Only if a German court issues a warrant, we can be forced to hand over data. However all data on our servers is encrypted and we do not have access to the encryption keys. So the only thing we could hand out is the metadata (from, to, when), we are working on how to conceal these. We do not log IP addresses and anonymous sign up it possible. We strip IP addresses from mails sent and received to guarantee your anonymity.

This sounds all very reassuring, although the website FAQ does note that IP addresses will be logged if ‘we find out that an account is misusing the system.’ As alluded to in the above statement, Tutanova permits users to sign-up anonymously over Tor, which is good news.


As noted above, Tutanota uses end-to-end encryption, and does not know users’ passwords, which are ‘salted and hashed with Bcrypt on your device before being transmitted’ for login. You should beware that because Tutanota does not store any passwords, if you lose yours then it will not be recoverable!

Emails between Tutanota users are encrypted using ‘a standardized, hybrid method consisting of a symmetrical and an asymmetrical algorithm’, using 128-bit AES with 2048-bit RSA handshake encryption. Emails to non-Tutanota users are encrypted using AES-128. This sounds pretty secure to us, although we do wonder why the industry-standard 256-bit AES encryption was not chosen.

Although ProtonMail’s use of PGP encryption is arguably stronger than that used by Tutanota, Tutanota’s method allows it to encrypt not just the body of the message, but the subject line and attachments as well, which is a definite feather in its cap. Regular messages sent to non-Tutanota recipients are not encrypted in transit, but are stored encrypted on Tutanota’s servers, as are messages and attachments received that arrive in plaintext.

Unfortunately, all encryption is performed in JavaScript by your browser, so as with ProtonMail, this cannot be considered completely secure against a determined attacker.

Tutanota in use

Unlike ProtonMail, signing-in to Tutanota requires entering a single password, which takes you to the main interface.

The basic interface is cleanly laid out and easy to use, but lacks many of the bells and whistles we have come to expect from a webmail service (the most notable of which is the ability to save drafts).

By default, all emails are sent confidentially i.e. encrypted (this can be changed in the settings), which requires entering an agreed upon shared passphrase that the recipient will know (if this is too short then you will receive an alert, but you can choose to override this). Unlike ProtonMail, there is no hint option, so you will have to agree on a password in advance (preferably in person or using secure IM chat).

If a recipient uses regular email, they will receive an invitation to view your message securely. Note that while the senders name is shown, the subject, body, and attachments are not.

To view your message the recipient follows the supplied link, and enters the agreed upon password.

This where Tutanota really shines, because non-Tutanota using recipients of secure email are assigned a special ‘personal’ account that allows them to respond to the message securely. All messages sent from a specific Tutanota account are also available through this special account.

Early users complained about the basic Contacts manager, but this has now been fixed and seems to be fully featured. Hopefully the ability to save draft messages will also come soon!

The mobile app

A Tutanota app is available for iOS and Android. We tested the Android version.The app is simple, but is well laid out and works well. As with the web client, emails are encrypted by default


We really like Tutanota. As with ProtonMail, it is certainly not perfect, and should not be considered secure against the NSA - encryption using JavaScript within the browser is not very secure, and Germany is not the ideal location for a privacy service (but then where is?). It is, however, vastly more secure and private than most webmail services, and it has a nice mobile app.

Whether you prefer ProtonMail or Tutanota really depends on what features are important to you - ProtonMail has a much more fully featured interface (Tutanota’s complete lack of a draft function is a total bummer), but Tutanota allows even non-user recipients to reply securely to encrypted emails*, and encrypts the subject line and attachments, in addition to an email’s body.

Both services are currently free (and will continue to offer basic functionality for free), so there is no reason not to try both and see which you prefer (although the waiting list for ProtonMail accounts is quite long). Both services are still under heavy development, so we look forward to seeing how they progress.

*Update 10 March 2015: The ProtonMail team has contacted ProPrivacy.com to let us know that its latest update (ProtonMail BETA v1.15 ) allows outside users to reply to encrypted messages securely. Please see here for more details. This is great news, and makes choosing between two services even more than ever a matter of personal choice, with ProtonMail having a much more advanced interface, while Tutanota encrypts headers and attachments. As already noted, both services are under heavy development and are adding new features all the time, which can only be a good thing for users of either one.

Update: As of 13 August 2015 ProtonMail is fully open source.

Written by: Douglas Crawford

Has worked for almost six years as senior staff writer and resident tech and VPN industry expert at ProPrivacy.com. Widely quoted on issues relating cybersecurity and digital privacy in the UK national press (The Independent & Daily Mail Online) and international technology publications such as Ars Technica.


  1. Alex Song

    on June 13, 2018

    Based on my recent experience as a casual user, Tutanota's support team has been both unprofessional and uncommitted. Other users have reported to me the same kind of careless "follow up". Story short: they abruptly suspended my account. I contacted them since my password wouldn't allow for me to log in anymore and their answer was "Hi there, that account was used to send spam, so it was suspended. Cheers, Arne" As I said to them, I have never spammed anyone. My connections were also entirely secured, so no one else has logged in on the account besides me. I cannot log in or do anything with the email anymore. If it's happening to me, it has happened to others and will happen again. No detailed information. No resolution. "Account suspended. Cheers." I'm making sure people know how Tutanota handles extremely basic situations such as this one.

    1. HS replied to Alex Song

      on September 13, 2018

      Thanks Alex, your comment helps.

  2. knightdragon

    on June 16, 2017

    I have created two email accounts, both times even if I punch in the correct password I am told that it is invalid. what is up?

    1. Douglas Crawford replied to knightdragon

      on June 19, 2017

      Hi knightdragon, I'm afraid that you need to ask Tutanota's support about this.

  3. tutavsprot

    on May 11, 2017

    ProtonMail Allegedly Proxied by Israeli Firm with IDF Links https://cryptome.org/2015/11/protonmail-ddos.htm Protonmail has routed all their server to Israeli Radware for scanning for DDos attacks BUT Israeli IDF spy network now has total a grip of protonmail privacy. Is this really an issue? Just because a company has done business with the Israeli military, does that make it a tool of and spy for that industry? ProtonMail is/was under large scale DDoS attack, with bold and resourced attackers unafraid to cause collateral damage to provider infrastructure. ProtonMail said likely attacker is/was nation-state. ProtonMail subsequently announced they received support to filter the attack, rescuing the service. Let us examine final 5 traceroute hops to ProtonMail: 6. be2115.agr21.fra03.atlas.cogentco.com 7. 8. 9. ??? 10. Hop 7 is "Internet Binat" based in Israel. %rwhois V-1.5:0010b0:00 rwhois.cogentco.com (CGNT rwhoisd 0.0.0) network:ID:NET4-95068D941E network:Network-Name:NET4-95068D941E network:IP-Network: network:Org-Name:Internet Binat network:Street-Address:Habarzel 27 Tel Aviv Or Building A 69710 Israel network:City:tel aviv network:Country:IL network:Tech-Contact:ZC108-ARIN network:Updated:2015-07-08 17:07:25 Internet Binat is synonymous with "Bynet Data Communications" which built the Israeli Defense Forces "cloud" server farm, and the IDF Intelligence Corps "technology campus" in the Negev, in deals brokered by Lockheed Martin. http://www.israeldefense.co.il/en/content/defense-sector-will-switch-cloud-computing-nevertheless http://www.globes.co.il/en/article-1000849860 Binat and Bynet spell their names identically (vet-yud-nun-tuff) in Hebrew, share the same Habarzel 27 address, and are linked by Binat CEO Shmulik Haber. https://il.linkedin.com/in/shmulik-haber-9871a94 Likely the DDoS attack on ProtonMail was orchestrated to follow with an offer of generous "help" it could not refuse, necessarily a re-route of all traffic through third-party "anti-DDoS" systems. Now the "Switzerland" based privacy firm is proxied by an Israeli firm for traffic analysis, network exploitation of users, cryptographic monkeying. Israeli expertise in the latter is unmatched. Classic gov-mil cyber op with great PR happy ending for exploited asset. Users of ProtonMail must not fret; they got lucky with this fumble. Don't trust this security faker; don't trust the next one. https://protonmail.com/support/knowledge-base/protonmail-israel-radware/ They explain first that they work with Radware, which has offices all over the world. I think they work with the German office. But the headquarters is in Israel. Further, all the traffic for DDoS filtering goes through encrypted tunnels. The traffic, when DDoS filtering is active, goes through servers in Germany, not Israel. So it's is false that they are proxied in Israel--both because that's not where the servers are and because they are not being "proxied," which is a misunderstanding of the technology being used. And lastly when they setup the DDoS filtering they went out of their way to find a solution that did not affect the privacy of Protonmail, which required a more expensive complex solution than basic DNS protection. Do you know where in germany ? At frankfurt !!! Frankfurt where was located the nsa team ... proton mail is compromised , works with the nsa by a contract with an israely firm. Protonmail runs a smart challenge for an ideal (free software on the front-end - unknown back-end) & for their private ambition (education & origin & competence - not mature : borderline -) applying a trick & tip plan, repeats that they learnt blindly : make money without conscience, morality, involvement. That is their signature where the frontier between scam & corruption brings trouble & confusion. More importantly, the article focuses on one of the hops when you connect to Protonmail's servers. But you also hop through a whole slew of other servers that could also do traffic analysis. We already know that NSA can and does set up servers on the internet backbone to watch traffic. I feel that protonmail attacks has came from the same people who offered Protonmail an offer that they could not refuse. ProtonMail seems to be just a good business oriented email provider with bunch of folks coming from elite universities claiming that switzerland is the safest country for encrypted email provider. I don’t see a reason why it has to be in Switzerland, since it should be encrypted in a way that there is no possibility for decryption. Tutanota does it that way and then it doesnt matter anymore where the servers are, except of the USA where such email provider company cannot even start to operate. So any user of an encrypted email service like Protonmail should probably assume that using such a service means they're email traffic is being watched. If Protonmail's encryption can't handle that, then it's a useless service anyway. And indeed, the whole reason there are encrypted email services to begin with is because email traffic is being watched. Users should already assume their traffic is being analyzed and intercepted. That's why they use encryption. Much is made of the fact that ProtonMail is based in Switzerland (or at least its servers are, the team hails from Harvard University in the US), which because of its strict privacy laws is widely regarded as privacy-friendly. This is, however, to a large extent an illusion, as data retention laws and NSA-style surveillance are alive and well there. Protonmail was developed at CERN, the same people who play god with particle accelerators and manufacture black holes. They also started the WWW, which is the very source of most privacy concerns. Trusting them with anything is like trusting drunks with explosives. Oh wait, that's how we celebrate America's birthday in this age of terror fears; Protonmail was designed by AMERICANS at CERN. Anyone from Europe and Asia can tell you just how amazingly intelligent Americans are. I'd go with Tutanota, as Germany knows from personal experience just where American "freedom" is heading. Americans don't even know what privacy or security truly mean. Maps on Wikipedia and probably elsewhere show the location of the Protonmail servers, information you shouldn't blather about the web if you truly understand those concepts. Tutanota is based in Germany, which also has strict privacy laws, but which also practices widespread surveillance of its own, and is provides the base for the NSA’s extensive European operations. There is nothing stopping Tutanota (or ProtonMail ect.) from updating the JavaScript sent to your browser with bad code. This one of the main reasons that browser-based JavaScript cryptography is considered very insecure. Basically, services such as Tutanota, ProtonMail are much more private than regular webmail services, but are no protection against a targeted attack by the likes of the NSA. * The .com top level domain (TLD) is under the control of the US government (more specifically, the .com TLD is managed by VeriSign which is a US company under US jurisdiction). However, for users who wish to always avoid .com domains, an alternative webmail access is provided.

  4. Dave None Or Your Business

    on May 4, 2017

    Tutanota out right lies to it's users. They say that they do not track you IP addresses. However make two accounts on the same day from the same pc. And the 2nd account can not send email until they review your account. There for they know your IP addresses. Also it's kind of a dumb move on there part. Because they only know my user name and IP address, what are they reviewing. So no I do not like Tutanota.

    1. Douglas Crawford replied to Dave None Or Your Business

      on May 4, 2017

      Hi Dave, Hmm. This is something you will need to ask Tutanota about. I know that Tutanota has had issues with abuse of its system before (fake accounts setup for use by spambots). It might be possible to detect that two account are being used at the same time in realtime, withot the need to log IPs as such. But as I say, you will need to ask Tutanota about this.

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.