Although journalists and whistleblowers have used secure email services for several years, now regular individuals recognize the benefits of email encryption with services like Tutanota and ProtonMail leading the way; it is the only way to send and receive secure emails. Along with antivirus, password managers, and a VPN, a secure email service is another necessary weapon in your digital armor.
As mentioned, two of the most popular encrypted email providers are Tutanota and ProtonMail. While both offer end-to-end encrypted email services, some differences in the services’ features and technology may make one service better for you than the other.
Read on for our comparison of Tutanota and ProtonMail and to find out which encrypted email service we recommend out of the two.
An essential aspect of any secure email service is the security features to keep your sensitive information, personal data, and confidential emails private. Here’s how both services fare when it comes to several security features.
This popular email provider uses end-to-end encryption, employing AES-128 and RSA 2048 encryption to encrypt and decrypt emails. All elements of the email client are encrypted, including the email message body and subject lines as well as events in the calendar and data in the address book. Tutanota encrypts calendar appointment reminders as well; simply put, everything in Tutanota receives first-rate encryption.
Tutanota also uses TLS and Perfect Forward Secrecy as well as HTML sanitizer, which prevents XSS attacks and doesn’t load anything from external servers for your safety.
If you’re sending an email to other users with a Tutanota account, then your emails will automatically be fully encrypted. However, the first time you send an email to a user who isn’t using the service, they’ll need to use a password once to encrypt and decrypt the email.
To protect your password from hackers, Tutanota hashes and salts users’ passwords. Passwords are not stored on Tutanota’s servers, so no one except you knows your password. There is also two-factor authentication to secure your accounts and ensure no one can access your encrypted emails.
One of the best things about Tutanota is that it doesn’t track users’ IP addresses and send targeted advertisements in the form of emails to users’ inboxes.
Finally, Tutanota’s desktop clients and mobile apps operate on open-source software, meaning users can check the code for any security issues and alert the developers. We’re pleased to see this since it ensures any problems can be swiftly resolved.
ProtonMail uses PGP for end-to-end encryption, which Tutanota does not. Since ProtonMail uses PGP, this means that only the email body is encrypted, and Proton does not encrypt subject lines or email addresses of senders and recipients. This is a slight disadvantage that ProtonMail has compared to Tutanota.
To enjoy PGP encryption, ProtonMail users will need to download public and private keys. A private key will be used by users to decrypt emails, and a recipient’s public key is for contacts using third-party clients to decrypt messages from a ProtonMail user.
ProtonMail employs a zero access service which, basically speaking, means that Proton will never be able to access your account. Unfortunately, there is a downside to this: if you forget your password, Proton won’t be able to help recover your data for you.
For an extra layer of security, Proton employs SSL for a secure connection between your device and its servers to prevent third parties from intercepting your emails. Like Tutanota, Proton doesn’t store IP addresses or track users’ activity to send targeted ads to your inbox. You also don’t need to provide any identifiable data to Proton upon signing up, meaning its mail service is completely anonymous.
Finally, ProtonMail’s servers are encrypted and use the most advanced technology to ensure encrypted emails can’t be accessed by any third parties. This is reassuring, guaranteeing that even if there is a breach or the servers are seized, third parties won’t be able to access any data on the servers.
The winner: Both email providers perform well regarding security, but we feel that Tutanota slightly edges out ProtonMail. This is because Tutanota encrypts all parts of the email inbox and messages, including the subject line.
The location of a company’s headquarters is crucial when it comes to privacy and security, but fortunately, both ProtonMail and Tutanota are based in privacy-friendly countries.
Tutanota operates all its server data centers in Germany which are monitored 24/7 by Tutanota’s administrators. Thanks to general EU GDPR law and the Federal Data Protection Act in Germany, Tutanota can’t share any data from its servers without explicit consent from users. Moreover, the company can’t be forced to implement a backdoor to its servers so that the German government can gain access to user data, which could put user privacy at risk.
ProtonMail’s servers are all based in Switzerland, and therefore user data stored on these servers enjoy the protection of the Swiss Federal Data Protection Act. Proton states that it would be forced to hand over data to the Swiss government if handed a court order. However, the fact that it does not store encrypted data on its servers and operates a zero-knowledge infrastructure means there would not be a lot of personal information that the company could provide authorities with.
The winner: Both services are based in privacy-friendly countries, which is good news for users.
When choosing between encrypted email providers, it is important to look at what the services offer on top of an encrypted message system.
As mentioned in an earlier section, with Tutanota, it isn’t just your Tutanota messages that are end to end encrypted; your calendar and address book are also encrypted.
As well as the above, Tutanota offers a feature called Secure Connect, which lets you embed an encrypted contact form into your website. This is great for businesses since files, and confidential information can be securely sent to your inbox from customers or website visitors.
Another impressive feature of Tutanota is the cloud storage it offers across all of its plans, even on free accounts. Since Tutanota aims to rival email services like Gmail, it offers file storage from 1GB to 10GB, depending on the plan you choose.
Thanks to spam filtering, Tutanota can ensure that users’ inboxes are not filled with unwanted messages. This feature is consistently being updated to prevent spam from getting into your mailbox.
All Premium accounts come with custom domains with Tutanota, while free users can use Tutanota domains only. With a business plan, users can add as many custom domains as they wish, which is great.
Finally, Tutanota is a green email service. This means that the mail system relies solely on renewable, green energy, making it an environmentally friendly choice for eco-conscious users.
The features on offer with ProtonMail vary depending on the plan you choose to use. On the paid plans, you can use custom domains and add additional addresses to your account, with the number increasing based on the subscription you purchase.
ProtonMail offers storage limits starting from 500Mb on the free plan and increasing to 20Gb on the Visionary plan. The sending limit also increases with each plan, affecting the number of encrypted messages you can send per hour and per day.
With ProtonMail, you can also create custom filters to help better organize your mailbox, for example, sending messages to folders based on topic. An intelligent spam filter enables emails sent from blocked websites to go directly to your spam folder.
One area in which ProtonMail outperforms Tutanota is its inclusion of ProtonVPN for users who sign up for its Visionary plan. The VPN service offers users access to over 1,200 VPN servers and 10 simultaneous connections. It’s the perfect accompaniment to end-to-end encryption.
The winner: Each secure email provider offers great features. Tutanota provides encrypted cloud storage and customizable inbox rules while you can enjoy Proton’s VPN service along with its mail service. However, we think that Tutanota’s features may be more useful overall.
Both ProtonMail and Tutanota offer various subscription plans, with the service on offer varying slightly depending on which plan you choose.
Tutanota offers users the option of a free account. The free plan comes with support for a single user, 1GB of data storage, one calendar, and the use of Tutanota domains only.
ProtonVPN also provides a free tier, with a lower data storage limit, only up to 500MB. There is also a limit on sending only 150 messages a day, and like Tutanota, the free account doesn’t support custom domains.
Tutanota’s paid plans are split into private and business plans, depending on what you want to use the service for. With regards to the private paid plans, there are two options:
ProtonMail offers two paid plans. Like Tutanota, it offers more features based on the account you choose and how much you pay.
Both Tutanota and ProtonMail offer business accounts. Tutanota has three tiers of its business plans:
ProtonMail offers users a professional account:
The winner: Tutanota is the winner since its private premium plans are cheaper than ProtonMail’s, which we ultimately feel will be more appealing to internet users.
Email providers don’t just need to provide great features but ensure that their secure email services are easy to navigate.
In terms of desktop clients, Tutanota users can enjoy dedicated desktop clients for Windows, Mac OS, and Linux. It is easy to use and set up. Unfortunately, Tutanota does not support third-party integrations, meaning you cannot use the encrypted email service with another email provider client such as Apple Mail.
ProtonMail does not offer dedicated clients for desktop systems. However, you can integrate the open-source software with a third-party email client, which is good news for most users. For example, you’ll be able to access ProtonMail via Microsoft Outlook.
Tutanota offers an iOS and Android app so that paid user devices can have the service installed. You can manually install the app on Android using the APK for Android.
ProtonMail also allows subscribers to an Android or iOS app (or both), and you can download the application from the Apple Store or Google Play Store.
Tutanota supports various browsers, including Firefox, Opera, Chrome, Safari, and Microsoft Edge. ProtonMail also supports these browsers and other more obscure browsers, including Pale Moon, IceCat, and SeaMonkey.
The winner: Tutanota is the winner in terms of device support since it offers native apps for desktop clients, which may be easier for subscribers who don’t want to use a third-party client.
If something goes wrong with your email service or you forget your password, you need to get in touch with customer service. Fortunately, there is direct support for customers with both Tutanota and ProtonMail.
Tutanota offers every user support regardless of whether you have a free account or a paid subscription plan. You can contact the customer support team via email or even contact them via telephone. However, the level of support changes based on your Tutanota mail plan; for example, free users get less dedicated support than paying customers.
ProtonMail also offers support to all of its users. Customers and free users can contact the email provider by email and expect a relatively fast response. Of course, like with most services, customers on the professional plan get a lot more support in comparison to the basic support on offer to free subscribers.
The winner: It’s a draw between the two services in terms of customer support since both cater to their users’ needs.