We may earn affiliate commissions for the recommended products. Learn more.

Tutanota review: when privacy is a must


Tutanota is a secure email service based in Germany. It's different from the likes of Gmail in that even though Google encrypts the stored messages on their servers, they hold the encryption keys. This means that the provider has all the access to your data at will. You can also check how many subpoenas or search warrants Google grants every year.

What distinguishes Tutanota is their privacy-first approach. This means that they have no access to your data, and theirs is one of the most discrete email communication services. Or so the developers claim, let's get into it and find out whether it's true in our Tutanota review.

⭐ Rating:
4.6
🥇 Overall rank:#2 out of #4
💵 Price:From $1.20/month
✂️ Free version:Yes
☁️ Storage space:-
🔥 Coupons:Get up to 20% OFF Tutanota!

Tutanota: main pros and cons

Visit Tutanota to learn more about the features

Tutanota features

Tutanota has a variety of additional features that might not be a deal maker just by themselves. However, when they add up, it can indeed be a contributing factor when deciding should you opt-in for this email provider. Here’s what set it apart from the competition:

  • Green email
  • Encrypted search
  • Zero-knowledge calendar
  • Secure connect
  • Email aliases

Green email

If you want your email to reflect your green attitude, Tutanota runs on 100% eco-friendly energy. It might not be a big deal to you if you compare that Google is the largest corporate renewable energy buyer in the world. However, the difference is that Tutanota is of much smaller size, and it’s commendable that they don’t cut any corners there. We shouldn’t ignore such initiatives. Business ethics rarely play a role when picking the best service providers.

The developers of Tutanota added an encrypted search index that decrypts items locally, and then enables you to search for particular keywords. Many other encrypted email services have dropped the search function altogether and have not implemented a convenient solution. It’s excellent that Tutanota adds a feature that most people already got used to, without compromising your privacy.

You might have used the search feature countless times on your Gmail account, without it ever occurring to you what the whole process means. The reality is that it’s easy for Google to implement a search function because your emails are on their servers. The indexing of each line of text is effortless in such a case. Also, it shows how easy would it be for them to retrieve your email contents.

Zero-knowledge calendar

The calendar is one of the most sensitive pieces of information that you could have. It accurately displays where you will be and what you will do. Understanding the risks involved, Tutanota developers came up with an encrypted calendar version built into their email client.

tutanota encrypted calendar

What’s particular about the Tutanota calendar is that even the notifications are encrypted, which helps against malicious agents scraping your data. The calendar is cloud-based, but only the encrypted data strings are stored, and it’s only retrieved locally. It also works on every device. Many other email services are still en-route to develop their proprietary takes on secure calendars.

Secure connect

If you’re running a website, and its topics are delicate, you might need to provide an option for your users to contact you privately. Secure Connect features enable you to embed a contact form that will be encrypted and will allow your users to reach out without compromising their privacy. It might not be useful for many users. Still, seeing how Tutanota is aiming to be the go-to choice for non-profit organizations, this feature is much needed.

Email aliases

You can hide your tracks and fool spamming bots by using aliases. You can configure this under your Extensions tab.

This interesting feature allows adding additional email addresses that all fall under your account. If your alias gets an email, it gets transferred to your primary mailbox. It may be handy if you’re covering your digital footprint by using several different addresses for safety reasons. It will help you not lose track of which accounts get what messages.

tutanota shared mailboxes

Inbox rules

Inbox Rules lets you organize the emails before they’ve even reached your mailbox. You can assign which user’s emails should go into what folders. You can include all sorts of filters and keywords to filter your messages and control your mailbox without letting it get overwhelmed with messages. It can also act as your spam filter. Add the domains that you don’t want to ever see again and poof! You’ll see them no more.

Tutanota security and privacy

I’ll go through the essential privacy and security features that Tutanota email brings to the table:

  • Tutanota encryption
  • Two-factor authentication
  • Privacy
  • Tutanota anonymity
  • Tutanota data centers

It will help you stack the service against the competitors if you’re deciding between this and some other service.

Tutanota encryption

Tutanota combines two methods of encryption, symmetric and asymmetric, to deliver one of the safest email services you could hope to find. If you want to get more technical, it’s AES 128 military-grade encryption combined with RSA 2048 to provide a secure combination to protect your communications.

It's implemented in such a way that when a user is sending an email to other Tutanota users, the encryption automates the key handling and key exchange procedure. It means that your private key acts as your Tutanota login password, which locally decrypts your emails on the device. Using something that’s called end-to-end encryption, even Tutanota don’t know what your emails contain. This even covers email subject lines – something rarely found on the market.

When sending emails to other provider’s clients, key exchange isn’t automated, and you’ll manually need to exchange private encryption keys with each other to establish a secure communication channel.

Also, Tutanota adds Transport Layer Security (TLS) encryption to push the safety to the max by securing the emails when they are in transit. According to a Security Headers report, it enforces the use of HTTPS when sending and receiving data packets.

In short, everything that could benefit from encryption is probably already implemented on Tutanota. You could not find any other service that would be such a powerhouse of safety measures done right.

Two-factor authentication

For account security, Tutanota offers two-factor authentication (2FA). Previously it was only possible to use 2FA only as a supplementary measure alongside Universal 2nd Factor (U2F).

In its current implementation, you can generate codes using Google Authenticator and a variety of other tools. It adds a layer of protection when authorizing logins to your Tutanota mailbox. In this case, should your password ever end up in the wrong hands, the perpetrator couldn’t get into your mailbox.

Here’s what options are available to set it up on your device:

  • Universal 2nd Factor
  • Authenticator app (time-based one-time passcodes or one time passwords)

U2F will require a separate hardware device, and it will only work in Chrome and Opera, with Firefox and Edge support planned in the pipeline. An authenticator app means you have to consider the safety of your mobile device because your email will be as safe as your phone.

Privacy

Although Tutanota is based in Germany, which is a 14 Eyes country, it isn’t all bad. Your data is protected by Bundesdatenschutzgesetz (BDSG), which is the German spin on the General Data Protection Regulation (GDPR). Although it sounds unnecessarily complicated, this means that your data is collected and used with your consent only.

Many mainstream providers like Google heavily monitor what you’re doing when you’re on their service. This also extends to your mailbox, which isn’t the best news for you if you value your privacy. Tutanota doesn’t serve you ads, and they don’t collect data on you.

Besides, Tutanota integrates privacy features that neutralize tracking attempts. For example, the client automatically blocks the loading of images, which is a common email tracking mechanism. Plus, emails you send go without header information because the client strips it to hide your originating IP address.

Tutanota anonymity

If you’re still wondering whether Tutanota is anonymous, you should remember that when logging in, only your passwords hash is being sent to their server to authorize your entry. Hashing is a one-way process only, so it’s impossible to re-create your password from it. In other words, Tutanota has no clue what your password is.

If you ever forget your password, they have implemented a randomly generated recovery code, which is shown during the creation of the account and from the settings screen when you create your account. It’s not possible to reset your email by sending the password to another email, for example.

Such security practices combined with safe encryption protocols means that with Tutanota, you should feel invisible.

Tutanota data centers

All of Tutanota’s data is in data centers all over Germany. For the server to make the cut, it has to be compliant to ISO/IEC 27001 information security standards. The standard requires the inspection of system infrastructure risks and vulnerabilities and the implementation of a suite of information management for the best possible blend between safety and privacy.

The only people that have access to their servers are administrators who must authenticate themselves before being allowed entry. Also, Tutanota’s infrastructure is under close monitoring to avoid disruptions in the service and to check for suspicious patterns in the network. It’s one of the services with the least downtime.

Tutanota pricing and plans

Tutanota pricing has similar tiers for individuals and businesses.

VersionPrice
Private Premium€1.20/month or €12/year
Private Teams€4.80/month or €48/year
Business Premium€2.40/month or €24/year
Business Teams€6.00/month or €60/year
Business Pro€8.40/month or €84/year

Let’s take a closer look at their pricing.

Tutanota Free

For private users, Tutanota is available as a free service with 1 GB of storage. This isn’t such a low amount as it would seem because of unencrypted email compression. Hence, with 1 GB on Tutanota, you get what would feel like 5 GB on Gmail. You’re also limited to one user, cannot set up other domain names, and you cannot search for emails older than four weeks. You’ll also have to make do with one calendar. It’s the most barebones version.

Tutanota Premium

Premium Tutanota client costs 1.20 EUR/month (or 12 EUR/year) and adds a custom domain option. You can add additional users, but it will cost you an extra 1.20 EUR/month (or 12 EUR/year per user). It also greatly expands on the search feature, allowing you to search for emails in an unlimited date range. With it, you can also set up multiple encrypted calendars, get five aliases that don’t require a separate login, and inbox rules feature. Plus, it unlocks support via email. It’s an option for individual users that need more features.

Tutanota Pro

Pro edition is the one that should be most relevant to small businesses or organizations. It costs 7.20 EUR/month with each additional user costing 3.60 EUR per mailbox. It adds 20 aliases and priority customer support. Additionally, it’s possible to add a custom domain logo, colors, and contact forms. The latter will cost an additional 24 EUR.

Tutanota Teams plan

You can also opt for the Teams plan for 4.80 EUR/month (or 48 EUR/year). Each user on top will cost an additional 2.40 EUR/month (or 24 EUR/year). Other features are the same as the Premium version, but it has a couple of more aces up its sleeve. For example, a storage cap is 10 GB, which should be enough for many emails, and you won’t have to clear it up as often. Plus, the Teams plan adds an option to share your encrypted calendars with other people.

Tutanota Custom plan

If you don’t like what’s in the pre-made packages, you can tweak them according to your needs. Do you think you don’t have enough storage? No problem! This is solvable by purchasing additional storage: 10 GB for 2.40 EUR/month, 100 GB for 12 EUR/month, 1 TB for 60 EUR/month.

tutanota pricing calculator

There are even more ways how you can tailor the service to yourself. With Whitelabel, you can customize how your service looks and works by adding or discarding features. It means that you will get only the bits and pieces that you need. It’s one of the most customer-friendly services, considering how much you can customize. You’ll pay as much as you want, and for the features that are useful to you.

Non-profit organizations can take advantage of an evergreen Tutanota deal. NPO’s based in Austria, Belgium, Canada, France, Germany, Italy, the Netherlands, or Switzerland can get Tutanota’s business account for free. Public schools and non-profits in other countries can get a hefty 50% discount on their subscription. The only caveat is that Tutanota (weirdly) doesn’t support anonymous payment options like cryptocurrencies.

Ease of use and setup

Primarily, Tutanota is a web client-based email service. However, they have open-source apps for Android and iOS devices. Plus, they have recently rolled out the applications for Windows, macOS, and Linux. Here’s a short overview of the offerings.

Web browser client

Tutanota’s web client is something you may expect from most email service providers. You get a clean-looking user interface, much of which you can customize according to your needs and preferences.

tutanota main tab

The particularity of Tutanota is that you get three different tabs for Emails, the Calendar, and Contacts. The latter you can import using vCard 3.0. Essentially, it enables you to keep everything you want in one place. All the items are encrypted, so you should be calm about your data safety.

Encrypted search, 2FA, and spam rules configurations are possible. If you’re a power user, you should stick to this mode. You can even save encrypted IP addresses in your sessions’ audit log. Every other method to log into Tutanota pales in comparison to their web client.

Mobile apps

Tutanota apps for iOS and Android enable you to get all the features that should be familiar from the web client. The apps come with push notifications, swipe gestures (depending on your device), and full-text search. Automatic synchronization between your mobile devices and desktop clients is possible, but keep in mind that desktop won’t have an offline mode.

Tutanota on mobile

It’s nice that the developer thought about users who have phones with a black notch in the upper part of their screen. Tutanota apps adjust to those in need, and you will not be losing functionality, no matter what kind of device you prefer.

Besides, you get encrypted search and 2FA. It makes it easier to connect through your mobile devices, without compromising your device’s safety.

Desktop apps

First published in 2018, the desktop apps of Tutanota were available only as beta versions. However, in 2021, they finally released full-fledged applications for Windows, macOS, and Linux.

All of their desktop applications offer the same features as the web browser client, including two-factor authentication, an encrypted mailbox, an encrypted calendar, and out-of-office notifications.

Tutanota desktop client version

Also, the apps look like a mirror image of the web browser, so you get the same looks together with the features.

Customer support

Customer support inquiries will only be accepted if you’re writing directly via your Tutanota email. It may create some problems if you cannot log into the service in the first place. It’s also strange that they have no dedicated customer support tab on their email page. To contact customer support, you’ll need to go to their “How can we help you?” page.

From there, you can enter your question. If the suggested replies don’t provide a useful solution, you’ll have the option to contact customer support. Mind you, this applies only to Premium users. If you’re using the Free version – no customer support for you.

They also suggest their managed Tutanota subreddit, where many users are exchanging tips and hints. Plus, its mods are Tutanota employees, so you should be able to find someone who will be able to help you.

Having only email contact forms and scraps of social media isn’t an optimal customer support solution. This is something that the Tutanota developers should look into. It’s one of the areas that could use some improvements.

Tutanota alternatives

ProtonMail

ProtonMail is one of the most popular secure email providers. Just like Tutanota, it also has a free version with 500 MB of storage. There are also some search limitations that are absent in Tutanota. Still, otherwise, you’re getting a top-notch secure email service and possibly a bundle deal with a VPN subscription. To find out more, read our comparison: Tutanota vs Protonmail.

HushMail

HushMail integrated end-to-end encryption just like Tutanota. The Canada-based provider has also tweaked their apps to the max, adding verification via Face ID, and more. It’s also possible to have back and forth secure communication just like with Tutanota. Hushmail also has a secure esignatures feature. If you need this feature integrated within the client, you will find it only on Hushmail.

CounterMail

CounterMail is a true alternative to the Tutanota mail if you still need encrypted email services. They’re using RAM-only servers that don’t keep any identifiable information. The developers have combined symmetrical and asymmetrical encryption methods to keep you as safe as possible. They’re using OpenPGP encryption standard which is just as strong as AES 256 that Tutanota uses.

ZohoMail

ZohoMail is a secure email service that you probably haven’t ever heard of. However, this has nothing to do with its quality. The company behind it has a long history with various password managers and other security products. With the free version, you get end-to-end encryption with 5 GB of storage. Plus, your Zoho Mail account is useful for their other services like password managers, cloud storage, and the like. Learn more

Tutanota: the bottom line

Tutanota is more than spectacular when it comes to privacy and security options. End-to-end encryption, zero-knowledge email service and additional security layers ensure information privacy. Tutanota allows using encrypted and safe emails intuitively, just like you would be using a common one. Plus, it adds extra features that are useful on a day to day basis like calendars.

They’re able to deliver a full-fledged service for free. If you opt to pay just a tiny bit of money every month, this service has almost everything Gmail offers minus the data collection. The developer clearly shows a privacy-focused attitude, which is a rare thing to find nowadays – I wholeheartedly recommend it.

The biggest drawback of Tutanota is its limited customer support. Email-only inquiries and community forum options don’t sit as the only options in a premium email service resume.

If you’re interested about other secure email providers, check out our top list here.


More secure email provider reviews

ProtonMail review: best secure email service in 2024

Zoho Mail review: perfect business email service

Fastmail review: is it worth paying for?


FAQ

Comments

Lisa
prefix 2 years ago
Seems odd that Tutanota would limit mass emailing if they are trying to be the go-to for non profits, to whom they offer discounts and I think I might have read in another review that they have expressed this goal. I am looking at it for a nonprofit application and one commenter noted being sanctioned for sending to their family email group of seven. I routinely send communications to groups of 30+
Chris Sink
prefix 2 years ago
I would advise against a paid account at Tutanota. They took my money for the year, then disabled my account this month, long before the bill was due in February, for not logging in within six months! Who does that with a paid account?! Tutanota!
Onceafireman
prefix 3 years ago
I used to be a Tutanota Premium user. However, I ultimately switched to Mailfence. I have encouraged many of my five siblings to make the switch from Google to the free version of Tutanota. Try it for as long as they like, then get a premium account if it suits them. After getting 4 of the 5 siblings to switch, we recently had a problem with Tutanota thinking they were spamming. There are seven of us in the email (counting my mom), so this certainly doesn’t constitute spamming. I have come to the conclusion that Tutanota is having some very poor business practices in trying to get free subscribers to pay for a premium account. The one sibling that has a premium account is the only one that did not get a notice about spamming, or “exceeded the limit” and it would be a day or two before they could resume emailing again. I do not recommend Tutanota for free or paid subscriptions because of this devious way of manipulating people.
bobby hoe
prefix 2 years ago
your comment is very helpful in allowing prospective users to think twice about subscribing Tutanota Premium user plan. Google mail is very poor service which it allows regularly hackers to get into your file without being detected. Even if Gmail offered premium service, I would decline its offer becoz of past hacking experience and past hackers using "ZERO DAY" program to get into your Gmail account undetected and leave without a trace! Also want to add that Yahoo mail also have devious way of forcing it users to upgrade to $12 per month fee if you want to physically contact them by telephone. If Yahoo users have problems with account, they forced to send queries by email with snapshot problem to programmers to solve account problems. Overall, Tutanota, has its dark side issues which they refuse to divulge or acknowledge upfront about all the pros vs cons in their email service. your comment was very helpful.
Chris
prefix 3 years ago
You briefly mention that it’s possible to search your mails. Could you elaborate on how well this works, especially when connecting via IMAP. Or wait, you can’t connect via IMAP, right? So how does the search work in practice? I need to be able to quickly find any email from any time by typing in a keyword on my mobile. Not even non-privacy oriented email providers can do that, due to limitations of the IMAP protocol. Exceptions are, I think, Gmail and fastmail. What about tutanota?
Justinas Mazūra
prefix 3 years ago
The way it works is that your data is indexed and stored locally on your device. For example, in your browser or on a cache of your mobile app. The index is then cross-referenced with your search queries.
In my experience, it works well enough, but the search terms have to be almost exact math. Otherwise, the index doesn’t return the needed results.
Jay Dub
prefix 3 years ago
How can I remain anonymous to Tutanota if I use a credit card? They would then have record of who I am .
Prince Cooper
prefix 2 years ago
They accept crypto payments too now.
Justinas Mazūra
prefix 3 years ago
Good point. I’d say the solution to this would be using a prepaid credit card. They are available in most gas stations or regular shops. That way, your identity would remain hidden.
abcd
prefix 3 years ago
There is a mistake in this review. Tutanota does not support SMS codes as 2FA.
https://tutanota.com/faq/
Does Tutanota support two-factor authentication (2FA)?
Yes, Tutanota supports two-factor authentication with U2F and TOTP.

https://tutanota.com/blog/posts/2fa-tutanota-supports-two-factor-authentication/
SMS code (not supported because not secure enough)
Justinas Mazūra
prefix 3 years ago
Hi, thank you for bringing this up to my attention. I’ve already updated the review.
GurlySushy
prefix 3 years ago
When I’m using tutanota when do messages expire? I’m thinking I may need to create some backups in case something goes wrong. Or maybe even switch providers, not sure if I want my messages to expire.
Justinas Mazūra
prefix 3 years ago
Hi, currently Tutanota messages do not expire
Vanessa Metz
prefix 3 years ago
Do you have some tutorials on how to set up different 2FA apps with various services? I’m commenting here because I wanted to find out how to setup authy with tutanota. I’m trying to switch from the Google authenticator app. I’m not sure if there’s anything really wrong with it, but just the Google brand attached to it is reason enough for concern.
Justinas Mazūra
prefix 3 years ago
Hello, Vanessa. You can find everything you need to know here.
Norris Gardner
prefix 3 years ago
Hi. I already have a Gmail account that is was when registering to a lot of services, but I’d like to try out Tutanota as well. Is it possible to do that? How to connect a tutanota email to gmail? I assume that some security compromises will be made, but I just wanna see how tutanota feels without ditching gmail entirely.
Justinas Mazūra
prefix 3 years ago
Hi Norris,
Unfortunately as of this moment, it’s not really possible to do that. There’s no import/export function, so you cannot export your Gmail emails and import them to Tutanota.
It’s also not possible to retrieve emails from other email clients because that way they couldn’t guarantee end-to-end encryption.
Caroline Morison
prefix 3 years ago
I really like what Tutanota is doing in terms of security and privacy. I’d like to utilize their service with one of my own businesses. I’ve been reading a lot of articles here on Cybernews and I’m afraid of my emails being leaked because of some miscofigurations or whatever. So if possible – how to set up custom domains with tutanota?
Justinas Mazūra
prefix 3 years ago
Hi Caroline,
Go to Settings > Global settings > Custom email domains > and add your custom domain there
Fisacker
prefix 3 years ago
in your honest opinion which is better protonmail or tutanota email services? i’m trying to degoogle and at the moment i’m at a crossroad when choosing between these two. i really like the calendar feature on tutanota, but to be honest i wasn’t using the google calendar much so i’m not sure if i’ll use this one either. not a problem with the services, it’s me. while protonmail also makes a vpn so i know that they are serious about security.
Justinas Mazūra
prefix 3 years ago
Hi, if you’re still having doubts I’d suggest you check our comparison. It will definitely make your selection easier ?
Awayet
prefix 4 years ago
Hello. Does the free version of Tutanota have some other limitations? How many emails can tutanota email send a day? Because so far I like what I’m reading, but I use an email extensively in my line of work, so I don’t want to come upon some unexpected surprises when choosing Tutanota. Otherwise seems great, perhaps I’ll get the paid version.
Justinas Mazūra
prefix 3 years ago
Hi, the free Tutanota version allows about 300 emails a day. Keep in mind, that if your business plans to use newsletters, the service also has some other strict policies on mass-sending. You’re prohibited to send more than 100 emails per hour. Also, they don’t allow sending emails that advertise a referral system. It’s in their terms of service.
tojipa
prefix 4 years ago
Also, you know an encrypted email provider is really good when they are constantly getting DDos attacked. Seems like certain powerful entities don’t want people using encrypted email.

https://tutanota.com/blog/posts/ddos-attack-tutanota/
tojipa
prefix 4 years ago
Good review but the all the pricing info is wrong.

Premium email (what most users would use) only costs €1.20 per month (or €12 yearly), not €12 per month.
Teams email costs €4.80 per month (or €48 yearly), not €48 per month.
Pro email costs €7.20 per month (or €72 yearly), not €72 per month.

The pricing is really good value for such a high standard of service.
Please correct.
Justinas Mazūra
prefix 4 years ago
Hey, thanks for your comment!
I’ve already corrected the pricing information. It should be fine now ?
Leave a Reply

Your email address will not be published. Required fields are markedmarked