Disclosure: Privacy Australia is community-supported. We may earn a commission when you buy a VPN through one of our links. Learn more.

Tutanota Review

Will Ellis
Will Ellis —

Last Updated on

Share this Post

Tutanota is a secure and encrypted email service. It helps you protect yourself from prying eyes on the internet that may be malicious by encrypting your inbox and sent emails.

Do you ever get the feeling that you’re being watched?

If you do get the feeling that someone is watching you or if you’re concerned for your internet security in general, as most people should be, regular old email platforms may not do the trick for you.

The sad truth is that most email providers don’t deliver in terms of security as hacking techniques have long surpassed regular email security protocol. They may offer useful features and fun customization but your security is at risk.

Services like Tutanota make your daily emails much safer and more secure for individuals and small businesses. There are other secure email services on the market but let’s find out how Tutanota does when deeply looked into.

TL;DR

In this day and age, you should be using an email provider that encrypts your messages. There are a handful of good options on the market but Tutanota is a great choice in our book.

Tutanota comes complete with a simple interface and everything you could want out of an email provider in terms of simple functionality. The service does lack a few features most people take for granted but the project is always adding more features and functionality.

The free version is completely free of charge so there is no harm in testing out the service for yourself and making an educated decision against the other top secure email providers.

Overview of Tutanota


Tutanota as a secure email provider is one of our favorites. It features fantastic security (as it should) and an easy to use interface. As far as we’re concerned, anything above that is an added bonus for an email encryption service. It’s clear that Tutanota is striving to be the best email service it can be, beyond encryption.Seven Seals

The name of the company comes from two Latin words. The word “tuta” means secure and “nota” means message. Just having “secure message” as the company name shows that they take encrypted emails seriously.

The service doesn’t use advertisements and gives you the ability to white label their service. They even offer a free version and paid versions if you want to upgrade.

Tutanota’s mission is to make Tutanota the only email provider you need. This is ambitious as providers like Gmail offer so many features.

Our favorite thing about Tutanota besides their simple to use and secure email service is that they seem pretty altruistic. They believe that privacy is a fundamental human right, which Privacy Australia can really identify with. They want to help stop mass surveillance, which is one of our goals as well.

  • Pros

    • Free version
    • Paid version is cheap
    • Secure
    • Altruistic
    • Open-source
    • Easy to use
    • Kill-switch included with all plans
    • Adding more features
    • Accepts crypto-currencies
    • Anonymous sign up
  • Cons

    • Storage can get expensive
    • Low storage capabilities to start
    • No IMAP or POP3

Security


When it comes to secure email providers, they all do pretty much the same thing. They encrypt your emails so people can’t read them.

Encrypted Email

In the case of Tutanota, the company uses end-to-end encryption and two-factor authentication (2FA) to ensure your email is safe. Nobody will be able to access your inbox or read the data you are storing and sending. 

Tutanota always has your data encrypted whether you’re using the mobile apps or the desktop clients. They encrypt every aspect of an email, including attachments and contacts

For the encryption nerds out there, Tutanota uses a hybrid method of encryption. They deploy an algorithm that is symmetrical and asymmetrical. The service uses 128-bit AES with 2048-bit RSA encryption. Specifically, emails sent to recipients not using Tutanota are encrypting using 128-bit AES.

GDPR

Since the project is open source, anyone can verify the code at any time. If there is a security flaw in the software, you will probably hear about it

You don’t only have to take our word and Tutanota’s word for their security. In 2013, SySS GmbH performed a penetration test and were unable to retrieve any data.

If you have any GDPR fears, the service is GDPR compliant and offers a data processing agreement.

Use


Sometimes you need to read an email or even send one. That’s the nitty gritty of how Tutanota works. Not only does it offer an email client, but the company also offers address book functionality and are currently working on a calendar and cloud storage.

You can use Tutanota as a web-based service or you can download a client for Windows, Mac, or Linux. If you’re on the go, apps are available on iOS and Android, offering the same security functions as the computer version of the software.

Actually using Tutanota is extremely easy and the interface is one of our favorites when it comes to email. The interface is extremely simple with advanced options off to the side beneath menus so you don’t become overwhelmed.

We prefer the simple approach that Tutanota provides.

Features


Tutanota is an open-source project that will keep adding features as long as they get donations or enough paying customers. As this was written, the funding to add a calendar feature and cloud storage feature was almost complete.

For an email provider that has a main selling point of security, Tutanota is surprisingly feature-rich. It still is missing some standard features that a service like Gmail might offer but for the most part has everything you need. Features can be requested and most standard features are on their development timeline.

Let’s dive into what the service actually provides.

The Most Important Features

First off, it sends and receives encrypted and secure emails. It better, since that’s the whole point of it. Along these lines, the service encrypts the subject, body, and attachments.

If for some reason you don’t want to send an encrypted email, you can send one that isn’t encrypted. You can also receive unencrypted messages as well. You have the power when it comes to encryption but the cool thing is that the messages will also be encrypted when stored.

All of your contacts will be encrypted as well.

Those are the basics but what else can you do with the email provider?

Other Features

As mentioned above, you can use Tutanota on all of the basic devices. You can do this in 31 languages so far while creating as many folders as you want.

Basic email features that are included are spam protection, spam filters, signatures, drafts, inbox rules, multiple email selection, search, email exporting and the newly-released encrypted calendar.

Other security features included are SSL configuration, support of PFS and DANE, 2FA authentication with U2F and TOTP, and disabling automatic image loading. The Tutanota client code is also open source which means it is verified by anyone who wants to verify it.

Premium features are available such as custom domains, business use, aliases, and combining accounts.

Jurisdiction


Tutanota resides in Germany, specifically in Hanover. The company’s entire team is located there and all encrypted messages are stored in data centers in Germany as well.Germany

There are two sides to the coin when it comes to having a data-sensitive company located in Germany.

Being part of the EU means that Germany has one of the strictest data protection regulations in GDPR. Along with that, Germany has other data protection laws that top the list in the world as far as protecting a citizen’s right to privacy. The German constitution itself also goes over the human right to privacy.

That sounds pretty great when it comes to security. Germany sounds perfect. Remember, there is another side of the coin.  

It is worth noting that Germany is part of the Fourteen Eyes group of countries. This may concern some people as the government does have the ability to meddle in the affairs of companies but Tutanota is clear about what the government can and can’t do with their service.

All in all, we don’t recommend letting the jurisdiction get yourself in a tizzy. Germany has pretty clear laws and they don’t look like they will change soon. If you’re not a criminal, there is no reason the German government will ever try to access your information.

Pricing


Using Tutanota is free of charge forever if you want to use the most basic version of the service. If you want to upgrade, the price is extremely low and just comes out to a few dollars per month at the most.

Tutanota also offers a few add-on packages that make more economic sense which is outlined below.

One other thing to keep in mind is if you represent a non-profit, Tutanota provides deals to worthy causes. All you have to do is contact the company directly.

The plans Tutanota offers are as follows:

Besides regular pricing for yearly plans, Tutanota also includes options for adding storage as well as aliases.

Alias pricing:

Storage pricing:

Customer Support


A lot of open-source projects don’t really offer customer support. The way Tutanota has its service set up makes a lot of sense in terms of customer support. If you have the free version of the software, you can access their blog and knowledge base.

The middle tier of the service or premium version offers email support. We experienced response times below 24 hours which is kind of what we’d expect from a service like this. The customer support agent we communicated with was knowledgeable and spoke English well.

The pro version of the service includes priority support which means that the response times on support requests are quicker than the regular email support.

Why do you Need a Secure Email Provider?


Email has been around for a while now, since 1972 to be exact. It didn’t become a widespread communication tool until the 1990s, we all remember “You’ve got mail!” being yelled at us when our speakers were turned up too loud, but since then a surprisingly little has changed. We have text messages for personal communication and software like Slack for internal company communication but somehow email is still trudging along as an integral part of our lives.

Email Security

Even if on the surface not a lot has changed about email, the number of people using it has exploded with 38 trillion emails being sent each year. Google says that 40 to 50 percent of emails aren’t encrypted.

Those emails aren’t just cat videos and weird gifs you and your friends can laugh at. Online banking grows every year and sensitive information like social security numbers and passwords are sent over email every day.

With the way hackers and malicious organizations have improved their abilities, not having an encrypted email is almost like telling those dangerous parties that you want them to steal your information and sell it online. They will gladly oblige. 

When you send an email there are many points where someone could access the contents of the message.

  1. When an email is sent from your inbox
  2. When an email is received by the email provider’s server
  3. When an email is sent to the recipient from the email provider’s server
  4. When an email is received by the recipient in their inbox

Realistically, there isn’t a great way to stop someone from trying to access an email. The reality is that the Simple Mail Transfer Protocol (SMTP) isn’t secure. That’s why something needs to be done to the actual message to ensure that anyone trying to read a message won’t be able to.

That’s where encryption comes into play.

SMTP not being secure really isn’t a big deal as encryption can cover your tracks. You don’t have a say over what your recipient does with an email you send. If they don’t encrypt the messages in their inbox, step 4 above is out of your hands.

That does leave you with steps 1 through 3. You can use an email service that encrypts those messages at all three stages. This makes it nearly impossible for a hacker to check out your emails.

Final Thoughts


In general, we highly suggest using a secure email providers such as Tutanota. There are others out there but Tutanota is 100% worth a try and there is no reason not to try as you can use the service completely free. We promise it won’t be a waste of your time.

If you’re questioning whether it is really worth it to use an encrypted email provider, just go through your inbox and see what you have sent out and received in the last few years. I guarantee there are at least a handful of emails with sensitive information you wouldn’t want a malicious party to get a hold of.

FAQs


Q: What is the most secure email account?

There are many secure email accounts on the market that will get the job done with similar levels of security. We haven’t found one to be more secure than the other so we make our decision based on the other factors an email provider brings to the table. Tutanota is currently our favorite one.

Q: Is Tutanota free?

Tutanota has a free version. If you would like to upgrade, there are premium options as well.

Q: How safe is Tutanota?

Tutanota is a very safe and secure email provider. Emails sent out are encrypted using AES-128 which is a very safe encryption protocol. Incoming messages from non-Tutanota users can’t be encrypted as they’re being sent but once it is received the message will be encrypted as it is being stored.

Add your own review:

We do our best to independently research products to better help our readers make decisions. That being said, we also want to hear your opinions. We accept individual reviews that are informative and non promotional. Please fill the form below and we’ll publish your review. Promotional reviews by companies themselves will not be published. Thanks!

By clicking the button below, I acknowledge that I have read and accept the Terms of Use.