ProtonMail review: have we found the most secure email provider in 2020?

ProtonMail review

One way to keep your emails secure is to use an encrypted email account. And it’s actually easier and cheaper to set one up than you might think.

Table of Contents

ProtonMail is the world’s largest secure email service. It offers end-to-end encryption and lots of other great security features to keep your communications private. Even the company hosting your emails has no way of reading them, so you can rest assured that they can’t be read by third parties either. 

But for all this talk, how secure is ProtonMail? Are there any loopholes? And how much does it cost to sign up? Luckily we’ve tested it out for you and can tell you everything you need to know about ProtonMail.

PROS

  • End-to-end encrypted email.
  • All data stored on secure servers in Switzerland
  • Excellent app for Android and Apple
  • Generous free version available
  • Upgrading to the paid service is still pretty cheap

CONS

  • Even premium version has limits on daily messages
  • Customer service isn’t fantastic
  • Email search function could do with improving

ProtonMail security and privacy

If you’re looking into getting a secure email account, chances are your main priority is security and privacy. So let’s start there.

ProtonMail offers end-to-end encryption to keep your emails completely secure. This means that the contents of your emails are disguised to prevent anyone other than the sender and the intended recipient being able to read it.

And because of the way ProtonMail encrypts your data, it means that not even the people who work for ProtonMail can view your emails. So you can rest assured that no one will be snooping through your inbox or successfully intercepting your correspondence.

Should I be concerned about email security?

You may be reading this and wondering if you really need to worry about moving your email to a more secure server. And the answer is, it’s definitely worth thinking about, particularly if you send, receive or store a lot of sensitive data.

If you’ve got an email account with a mainstream provider, chances are it doesn’t use end-to-end encryption. The big difference between a secure email service like ProtonMail and a standard email service such as Gmail or Outlook is that it provides a lot more security and privacy for its users.

We’ll break down all of ProtonMail’s security measures in much more detail throughout this review. But the most important feature ProtonMail offers is end-to-end email encryption, which means even the company won’t be able to read your communications.

Other more mainstream email services, such as Gmail, Outlook and Yahoo, use Transport Layer Security (TLS) instead. This encrypts emails while they’re in transit so that, if they’re intercepted on their way to the inbox of the intended recipient, the hacker won’t be able to read the contents.

However, while your individual emails might be reasonably safe from hackers when travelling to and from your inbox, the overall protection of a standard email account may not be quite as strong as you’d like. After all, while ProtonMail’s encryption prevents even its own staff from being able to read your emails, most mainstream email services can access emails sent to its customers.

And as if this wasn’t enough to make you think about switching email accounts, your email provider might not be the only company looking at the contents of your inbox. Third parties might be given permission to access your emails. And while this is usually for advertising purposes, you still don’t know for sure who, if anyone, is reading through your emails.

Rather than humans accessing your inbox, it’s far more likely to be bots that extract keywords from your conversations and use them to target ads for you to see. And even though this may seem annoying rather than dangerous, it’s still an invasion of your privacy. And of course there’s still a risk that your email could be hacked. The way most standard email accounts are set up means that there are vulnerabilities that could be exploited by hackers.

It’s not just the contents of your inbox that you need to worry about. If third parties can see your emails, it’s likely they’ll also be able to find out personal information about you that’s tied to your account, such as your name, phone number and IP address. They may also be able to access your calendar if you have one synced up with your emails.

But the way ProtonMail’s accounts are set up leaves very little risk of anyone being able to access your account or any of the information tied to it.

Is ProtonMail safe?

ProtonMail is one of the safest email providers we’ve tested. It offers end-to-end encryption to ensure that your correspondence is completely secure.

It’s based in Switzerland, which has some of the strictest data privacy laws in the world. So, even if you live outside Switzerland, so long as you have a ProtonMail account, it’ll be protected by Swiss privacy laws and will therefore be outside of US, EU and UK jurisdiction.

And ProtonMail stores your data in an incredibly secure location, rather than uploading anything onto the cloud, where it might be at risk of being hacked.

ProtonMail encryption

As we mentioned above, ProtonMail offers end-to-end encryption for a much more secure service. But how does ProtonMail work? Let’s break it down.

End-to-end encryption (using OpenPGP) is a really secure way of preventing third parties from being able to access data while it’s being transferred between systems or devices. If your email service uses end-to-end encryption, it means that your data is encrypted throughout the entire communication process. So, only you and the person you’re sending the email to will be able to access the information.

ProtonMail also stores all your emails in an encrypted format, which means that even the developers in charge of the email service won’t be able to read the messages in your inbox or outbox.

You can also send end-to-end encrypted emails to non-ProtonMail users. This works by sending a link to your intended recipient which loads an encrypted message onto their browser. They’ll then be able to decrypt your email using a passphrase you can share with them.

To do this, you will have to enable the Encrypt for Outside option. When you compose an email, click the lock icon on the bottom left of the screen and set a password (and password hint, if necessary).

If you didn’t set a password for you email, it will be encrypted using regular TLS, assuming the receiver’s server allows it. The same goes for emails sent to you by non-ProtonMail users.

Two-factor authentication

ProtonMail also adds an additional layer of protection in the form of two-factor authentication. This means that, if someone manages to steal your password, they won’t be able to get into your account unless they also have access to your mobile phone.

For this reason, you’ll need to make sure you’ll always have access to your mobile phone whenever you want to login to your email account before opting to add this in.

In order to enable two-factor authentication, you’ll have to install an authenticator app on your mobile phone. We’d recommend one of the following:

Once you’ve got two-factor authentication set up, you’ll use the unique six-digit code from your authenticator app to login to your mailbox. And you won’t be able to access your account until you’ve entered that code.

ProtonMail anonymity

Another great thing about ProtonMail is the fact that it allows you complete anonymity if you want it. You don’t even need to input any personal data when you create your account, so your privacy will be completely protected.

And by default, ProtonMail doesn’t track IP addresses, so there’s no information that an outsider could use to tie you to that account. That way, you know your emails are completely private.

ProtonMail’s self-destructing messages

You can even set an optional expiration time on any emails sent from your ProtonMail account. This means that your email will be automatically deleted from the recipient’s inbox once it has expired.

This not only works for emails sent to other ProtonMail users, but also for ones sent to recipients using other email providers. It works in a similar way to SnapChat by removing messages once the allotted time has passed.

Is Switzerland the safest place for your emails?

If you know anything about cyber security, you’ll likely have heard that Switzerland is one of the safest places for data to be hosted.

This is because the Swiss Federal Data Protection Act (DPA) and the Swiss Federal Data Protection Ordinance (DPO) offers some of the strongest privacy protection in the world for both companies and individuals.

And because ProtonMail is based in Switzerland, this places it outside of US and UK jurisdiction. This means that nothing short of a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme Court would lead to ProtonMail releasing the very limited information it will have stored. So it’s very unlikely anyone will ever be able to read through your emails.

ProtonMail data centres

When it comes to storing your data, ProtonMail’s security sounds rather like something out of a James Bond film. Instead of storing data in the cloud, as a lot of email service providers do, ProtonMail controls its server hardware at several secure locations in Switzerland.

Its main data center is under 1,000 meters of granite rock in a heavily guarded bunker built to survive a nuclear attack. So, even if there’s an apocalypse, a nuclear attack or a natural disaster, your emails will still be safe.

And if, by some miracle, someone manages to break in and steal the hardware, everything is protected by so many layers that it’d be impossible for anyone to be able to decrypt the data they’d managed to steal.

ProtonMail plans and pricing

You might well imagine that storing your emails in a heavily guarded bunker under 1,000 meters of granite rock would cost you quite a bit of money. But ProtonMail actually offers a free plan that gives you all these security benefits.

The free plan does limit the number of emails you can receive per day. But the limit is fairly generous and if it’s not enough for you, there are other very reasonably priced plans that increase your daily allowance.

So which plan is right for you and how much do they cost? Let’s have a closer look:

ProtonMail Free

ProtonMail’s free account comes with 500MB of storage. Which isn’t loads, but it’s probably enough if you delete your emails regularly and you don’t receive a lot of large files like hi-res images and videos. And it shows you how much of your memory you’re using up so you’ll always know when you need to start deleting things to free up space.

It caps your limit at 150 emails a day, which is a large enough allowance to suit most people. But if you find this isn’t quite enough for you, you can upgrade to one of the paid plans anytime you like. More on those a little further down.

The only other drawback you may find with the free version of ProtonMail is the limited customer support. There are, as you might expect, lots of FAQs on the website to help you resolve basic issues and there’s an online form and a customer support email address if you need more help. But the paid plans come with more dedicated support, which is much more useful if you have issues with ProtonMail’s service.

But aside from that, ProtonMail’s free service offers a really secure email service with only a few slight drawbacks. And because you can upgrade at any time, if you’re not sure what limit you need, it might be worth starting off with the free version and upgrading to a paid plan if it doesn’t suit your needs.

So, to reiterate, ProtonMail’s free account comes with:

  • 500MB storage
  • 150 messages a day
  • Limited customer support

ProtonMail Plus: €4.00 a month

Rather than calling it a subscription fee, ProtonMail likes to refer to the monthly cost of its paid plans as a “donation” to help the company continue to provide a secure email service to its customers. But however ProtonMail wants to dress it up, you pay an annual or monthly cost to use its premium services.

Having said that, its prices are pretty reasonable. ProtonMail Plus works out at just €4 a month. And for that, you get a lot more features than the free version offers.

The biggest difference is the limits on storage and number of emails allowed goes up considerably once you upgrade to ProtonMail Plus. You’ll now have a much more generous 5GB of storage and you can send up to 1,000 emails every day, rather than the daily limit of 150 offered in the free version.

You can also have up to five email aliases and you can create your own domain name. So rather than having to stick with @protonmail.com, you can truly personalise your email address.

And the Plus account also gives you priority access to ProtonMail’s customer support.

So, to sum up, the ProtonMail Plus account offers:

  • 5GB storage
  • 1,000 messages a day
  • Labels, custom filters and folders
  • The option to send encrypted messages to external recipients
  • The ability to create your own domain (for example: [email protected])
  • Up to 5 email aliases
  • Priority customer support

ProtonMail Visionary: €24.00 a month

As the name and price would suggest, ProtonMail Visionary comes with a lot of storage and some helpful extra features that’ll no doubt come in handy for anyone who needs to send a lot of secure emails.

ProtonMail Visionary offers a whopping 20GB of storage and lets you set up as many as 50 email aliases with as many as 10 domain names.

It also has no limits on the number of emails you can send per day. However, ProtonMail doesn’t let you send bulk emails. This is to prevent you from sending spam or unsolicited emails. Which, to be honest, seems fair enough.

The full list of ProtonMail Visionary features are as follows:

  • 20GB storage
  • Up to 50 email aliases
  • Support for up to 10 domains
  • Multi-user support (6 total)
  • No sending limits, except bulk, spam or unsolicited emails
  • Labels, custom filters, and folders
  • The ability to send encrypted messages to external recipients
  • Early access to new features
  • Access to ProtonVPN

ProtonMail Professional: €6.25 a month per user

If you’re looking into improving email security on behalf of a business, the ProtonMail Professional account could be the perfect solution.

You can create a domain name for your company and add accounts for each of your employees. It’s all fairly easy and straightforward to set up, and ProtonMail can help you migrate your current email system over to ProtonMail. Simply contact [email protected] for more information and assistance.

Is ProtonMail easy to use?

ProtonMail is really easy to set up and very straightforward to use. We’ll walk you through the features, layout and mobile app to help you decide if it’s the right service for you.

How to set up a ProtonMail account

It’s really easy to set up a ProtonMail account. All you need to do is visit the ProtonMail sign up page, select the plan you want and follow the instructions.

One of the best things about it is you don’t have to put in any personal information so you can retain your anonymity. The site does suggest that you add a recovery email in case you forget your password, but you don’t have to.

ProtonMail design and layout

Unless this is your first ever email account, you’ll find ProtonMail’s layout very familiar and easy to navigate. The inbox looks very similar to anything you might be used to with Gmail, Outlook or Yahoo, and it’s really easy to find all the basic functions like creating new messages, adding contacts and accessing your draft emails.

New emails are shown in bold and you can choose to allow notifications on your desktop or mobile phone app so you’ll be alerted as soon as you get a new message.

The paid versions also let you create custom folders, filters and labels to help you organize your emails. Meanwhile, the free version still lets you create basic folders and labels that you can color-code to help you find things easily.

ProtonMail app

As well as a really user-friendly desktop version, ProtonMail also has a really useful app that’s available on Apple and Android devices.

We tested out the Android version and found it fast, smooth and easy to use. At the time of writing, the ProtonMail app has been downloaded over 1 million times on the Google Play Store and has received more than 28,000 reviews with an average rating of 4.5 stars. Meanwhile, the ProtonMail app for Apple users has 4.2 stars and has roughly 1,500 reviews. So it’s safe to say the app is pretty popular with its users.

ProtonCalendar

Like most mainstream email services, ProtonMail also offers a fully integrated calendar app. But unlike other calendar apps, ProtonCalendar has end-to-end encryption to keep your schedule completely secure.

Everything from the event title, description and location to the people you’ve invited are encrypted on your device. That means that no third party (not even ProtonMail) can see the details of your events. Only you will know your plans.

The ProtonCalendar app itself is really easy to use on both mobile and desktop. And, like with the email service, you can allow notifications so you won’t miss any of your meetings or events.

ProtonMail performance

Despite all the layers of strict security, we actually found ProtonMail pretty speedy. It sends and receives emails with hardly any lag. And uploading and downloading documents doesn’t seem to take any longer than it does on mainstream email services, like Gmail.

While we can’t know for sure whether it starts to lag once you’ve got thousands of emails in your inbox, early signs are that the extra security doesn’t noticeably slow things down.

Problems with ProtonMail  

Of course no email service is perfect and ProtonMail is certainly not without its faults. So here’s what we didn’t love about ProtonMail.

ProtonMail customer support

ProtonMail doesn’t offer much in the way of customer support. If you opt for the free version, all you really have access to is the online FAQs. Or you can email [email protected] if you need help with a specific problem.

There’s also an online form you can fill in. Apparently the only way you can actually speak to someone is by filling this in and requesting a call-back. Which isn’t ideal if you just want to speak to someone about an urgent issue.

ProtonMail subject lines

The search function isn’t brilliant on ProtonMail. While it does have a useful search box that allows you to input the sender, the time period it was sent and some keywords from the email, it doesn’t always surface what you’re looking for.

But then again, email search engines are usually pretty poor. And if you’re used to fruitlessly searching for specific emails on Gmail or Outlook, you probably won’t find ProtonMail’s search noticeably worse.

protonmail advanced search menu

ProtonMail alternatives

While ProtonMail might be the most well-known secure email service, it’s certainly not the only one. In fact, there are quite a few alternatives that are worth considering.

ProtonMail vs Tutanota

Tutanota is arguably even more secure than ProtonMail as it offers complete end-to-end encryption on emails, including subject lines. It also offers a more generous free version with up to 1GB of storage instead of ProtonMail’s 500MB.

However, ProtonMail offers more customisation, from setting auto-responses to importing themes to make your inbox look exactly the way you want it.

Overall, the two are fairly evenly matched, although if we had to choose, we’d probably opt for ProtonMail for the added customisation. It also has better customer support, which is really useful if you ever have an issue.

Winner: ProtonMail (just)

ProtonMail vs Fastmail

Fastmail promises to keep your data safe from third parties and boasts full transparency with its data practices. However, unlike ProtonMail, it doesn’t deliver end-to-end encryption, so it’s not as secure.

Also, there’s no free version and the price of a Fastmail account starts at $3 a month. For those reasons alone, ProtonMail is definitely the better choice.

Winner: ProtonMail

ProtonMail vs Gmail

Gmail is incredibly popular and offers a reasonable amount of security. But ProtonMail offers a lot more. With its end-to-end encryption, no one can access your messages except you and your intended recipient, not even the people who work at ProtonMail.

Gmail, meanwhile, can not only view your data, but can actually share it with third party companies who can then send you targeted ads.

Having said all that, Gmail, does have its good points. For one thing, it’s owned by Google, so its app and desktop version are really easy to use and it offers much more in the way of customer support. But for us, there’s no contest: if you’re even slightly concerned about your online privacy, ProtonMail is a much safer choice.

Winner: ProtonMail

ProtonMail: the bottom line

Nowadays, we should all be thinking about online data protection, and switching to a secure email service is a really important step in helping you to keep your online information private.

ProtonMail is really simple, easy to use and it offers end-to-end encryption, so you’ll have real peace of mind, knowing that your emails can’t be read by anyone other than you and whoever you’re emailing.

Want to know more? Check out our complete guide to secure email providers.

Related articles:

Leave a Reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Subscribe for Security Tips and CyberNews Updates