For those in the know and protective of their privacy, Tutanota and ProtonMail are the industry leaders in âsecure emailâ. Both have an excellent reputation built on guarding user emails from prying eyes â even their own eyes.
So which one is better. Letâs take a side-by-side look at Tutanota vs. ProtonMail to see which one is better in generalâor better for you.
Tutanota vs ProtonMail: security and privacy
Both services offer excellent security and privacy â itâs their entire selling point. Both offer end-to-end encryption that even they donât have the keys to decrypt.
Tutanota encrypts more spaces within its ecosystem, but we give a slight edge to ProtonMail. ProtonMail has a restrictive spam filter, complete anonymity, and RSA 256-bit encryption compared to Tutanotaâs 128-bit protocol. ProtonMail also benefits from Switzerlandâs excellent attention to privacy.
| Tutanota | ProtonMail | |
| Rating | 4.6 â â â â | 4.9 â â â â |
| Encryption | RSA 2048-bit, AES 128-bit, no PGP, encrypted subject lines, calendars, and address books, perfect forward security | RSA 2048-bit, AES 256-bit, OpenPGP |
| Anonymity | IP addresses stored, but hidden | No IP address stored |
| Privacy | Protected by German law, 14 Eyes, company commitment | Protected by Swiss law, company commitment |
| Spam Filtering | Restrictive | Permissive |
| Website | Tutanota.com | Protonmail.com |
Winner:
Encryption
Tutanota offers end-to-end symmetrical encryptionâRSA 2048-bit for user-to-user emails, AES 128-bit for user-to-non-user emails. The service uses the same algorithms as PGP, but encrypts subject lines as well as the email body above that. Even Tutanota canât decrypt your messages. It also offers perfect forward security, meaning hacking a past session doesnât give a cybercriminal access to future sessions. Tutanota also encrypts your address book and your calendar.
ProtonMail also uses end-to-end symmetrical encryptionâRSA 2048-bit for user-to-user emails, AES 256-bit for user-to-non-user emails. It uses OpenPGP, an industry-standard email encryption algorithm that has several weaknesses mentioned aboveâno encryption of subject lines, and no perfect forward security. Like Tutanota, ProtonMailâs encryption prevents even ProtonMail itself from decrypting it and reading your messages.
Anonymity
Tutanota strips IP address information from its messages, making it impossible for anyone to trace the message back to the user, at least using the IP.
Meanwhile, ProtonMail offers complete anonymity to its users, too. In addition to end-to-end encryption, it also strips messages of IP addresses.
Privacy
Tutanota is a German company. Germany is one of the âFourteen Eyesâ alliance of intelligence-sharing countries, but emails that pass through Tutanota are protected by the German Federal Data Protection Act, which prohibits the use or collection of personal data without express permission or a law that specifically allows it.
ProtonMail is headquartered in Switzerland, with servers hidden under a kilometer of granite, safe even from a nuclear blast. Famously neutral and independent, Switzerland has some of the best privacy laws in the world, and ProtonMailâs parent company is very privacy-focused.
Spam filtering
Tutanota offers an intelligent spam filter with parameters users can use to identify spam and filter out unwanted messages. While they are constantly making improvements, user feedback tends to identify Tutanotaâs spam filter as too restrictive.
Meanwhile, ProtonMail uses a smart spam detection system that automatically puts your incoming messages in an inbox or spam folder. Sometimes itâs bound to misplace your emails, so you can use a whitelister as a method to bypass the blocks if they seem too strict for you.
Tutanota vs ProtonMail: features
Different features will be valuable to different users. ProtonMail has the advantage of ProtonVPN in its priciest plan, but weâre giving this close race to Tutanota thanks to the availability of encrypted calendars in every plan, even the free plan.
| Feature | Tutanota | ProtonMail |
|---|---|---|
| AutoResponder | Yes (paid plan) | Yes (paid plan) |
| Custom Domains | Yes (paid plan) | Yes (paid plan) |
| Secure Form Code | Yes (pricey add-on) | No |
| VPN Subscription | No | Yes (highest plan only) |
| Custom CSS | No | Yes |
| Secure Calendar | Yes (free) | Beta only |
Winner: Tutanota
Features that both secure emails have
For paying users, both Tutanota and ProtonMail offer an autoresponder and custom domain aliases. When it comes to secure calendars, Tutanota gives it for free while ProtonMail is still in the beta stage of this solution. Therefore, this micro-battle goes to the former secure email.
Unique features
The most interesting feature is Tutanota’s SecureConnect. It allows you to implant Tutanota code into your website to create a contact form with the same security and privacy as Tutanota itself. This is a niche feature, and an expensive add-on not included in any plan. Companies that want to receive secure messages from their website visitors, however, may find SecureConnect invaluable.
What separates ProtonMail from Tutanota is its VPN subscription. It’s becoming more common to see secure email providers offer other online security solutions, such as password managers or file encryptors. In this case, ProtonMail’s Visionary plan includes a subscription to ProtonVPN, which privacy-minded users should consider anyway.
Some of ProtonMail’s paid plans also include ProtonMail Bridge, an app that runs in the background and automatically encrypts or decrypts messages in applications that support IATP or SMTP. This is probably of limited use to most users, just like the CSS customization functionality.
Getting back to more widely-used features, we find that Tutanota has a native desktop application. In contrast, ProtonMail can only be accessed by webmail or using a third-party email client.
Tutanota vs ProtonMail: pricing
While the free plan is more restrictive and the packages more expensive, we still give this one to ProtonMail. The a la carte model of Tutanota leads to sticker shock and analysis paralysis â once you start adding features, your plan gets complicated and pricey. Despite the higher price tags, ProtonMail offers valuable features within each package that more than justifies the cost.
| Version | Tutanota | ProtonMail |
|---|---|---|
| Free | $0.00 | $0.00 |
| Premium | $14.10/year | $48.00/year |
| Teams | $56.40/year | $75.00/year |
| Check Pricing | Check Pricing |
Winner: ProtonMail
Value for the price
Tutanota offers a free plan with 1 GB of storage. It also offers a âŹ1.20/month Premium plan, a âŹ4.80/month Teams plan, and a âŹ7.20/month Pro plan. Slight discounts are available for annual plans. It is worth noting, however, that Tutanota uses an a la carte approach, with services able to be added. This allows the users to customize their plan, but popular features can quickly erase the savings enjoyed by Tutanota users.
ProtonMail offers a free plan with 500 MB of storage and a limit of 150 emails per day. The paid plans range from âŹ5/month for Plus, âŹ8/month per user (up to 5,000 users) for Professional, and âŹ30/month for Visionary. While these prices are higher and the menus fixed, both the Professional and Visionary plans offer powerful and comprehensive feature packages. Visionary, for example, includes a free subscription to ProtonVPN. Tutanota doesnât offer anything close to this value, even in the Pro plan.
Tutanota vs ProtonMail: storage and attachments
With no advantage in attachment size, this match goes to ProtonMail based on storage. Yes, the free plan offers less data, but the data offered to the paid plans run circles around Tutanotaâs data allowance.
| Tutanota | ProtonMail | |
|---|---|---|
| Free Storage | 1 GB | 500 MB |
| Paid Storage | Up to 10 GB | Up to 20 GB |
| Attachment Limit | 25 MB | 25 MB |
Winner: ProtonMail
Data allowances
Tutanota offers 1 GB of storage for the Free and Premium plans, 10 GB of storage for the Teams and Professional plans. Tutanota limits attachments to 25 MB.
ProtonMail offers 500 MB of storage for their Free plan, 5 GB of storage for the Plus plan, 5 GB per user for each user (up to 5,000 users) for the Professional plan, and 20 GB of storage for the Visionary plan. ProtonMail also limits attachments to 25 MB.
Tutanota vs ProtonMail: ease-of-use
Both Tutanota and ProtonMail are reasonably easy to use. The winner, however, is ProtonMail. We were impressed by its ease of setup, useful settings, and third-party integrations.
| Tutanota | ProtonMail | |
|---|---|---|
| Setup | Three steps, TOS acceptance, 64-digit recovery code | Two steps, verification |
| Interface | Responsive | Feature-rich |
| Performance and speed | Fast and strong | Fast and strong |
| App integrations | Native desktop app, no integrations | Many popular integrations |
Winner: ProtonMail
Setup
Setting up a Tutanota starts by clicking the âSign Upâ button in the upper right-hand corner of every page. You will be presented with an assortment of plans to choose from. If you select the âFreeâ plan, a window pops up notifying you that Tutanota limits users to one free plan each.
The next page asks you to create your username (i.e. your email address) and create and confirm your password. Two checkboxes verify your age (16+ per German law) and your acceptance of the terms of service.
The next page takes you to your recovery code, a 64-digit code that authorizes you to change your password and second factor. Save it carefully, or the loss of your credentials could lock you out of your account, permanently! Youâre then taken into a login page and can access your new inbox.
The ProtonMail setup process is lightning-quick and easy. Upon clicking the âSign Upâ button, on every page next to the âSign Inâ button, you will be taken to a page with dropdown menus from which to select your plan. The âPlusâ plan is automatically unfurled, but you can easily select âFreeâ above it, âProfessionalâ or âVisionaryâ below it.
Once you select your plan, you will be directed to a simple, one-page setup screen, asking for your new username, password with dual confirmation, and recovery email. Click âCreate Account,â and you will be taken to a verification page, where you can choose Captcha, SMS, email, or phone verification. Captcha is probably the quickest. Verify your account, and thatâs it! Youâre ready to start customizing your inbox.
User-friendliness
Tutanota is remarkably easy to use. It resembles many other email inboxes, making it intuitive and easy to navigate. The interface is also elegant â itâs responsive and fun to use.
ProtonMail doesn’t lose out on this front – it’s also very user-friendly and intuitive. It loses some points, however, from a home screen that includes a huge prompt to upgrade your account. ProtonMail has a lot more settings, though, including custom CSS import.
Performance and speed
Tutanota sends and delivers mail quickly and reliably. Service was interrupted during a 2020 DDoS attack, but overall performance is excellent.
ProtonMail also exhibits excellent speed and performance, with no noticeable delays or interruptions in service. ProtonMail also offers excellent attachment upload speed and transfer. However, the Preview Panel is a little slow to load, since this is the step at which the message gets decrypted in ProtonMail.
App integrations
Tutanotaâs proprietary encryption has the side-effect of negating the ability to integrate it with third-party email clients. This may not matter to many users, since Tutanota includes a native desktop app, but people who love Microsoft Outlook or Apple Mail may be disappointed.
ProtonMail integrates with the most popular third-party email clients, including Microsoft Outlook, Apple Mail, and Mozilla Thunderbird.
Tutanota vs ProtonMail: customer support
ProtonMail is the clear winner. By offering a larger subreddit, a more useful knowledge base, and direct email support even to free users, it far surpasses Tutanota in terms of user support.
| Tutanota | ProtonMail | |
|---|---|---|
| Knowledge base | Decent | Excellent |
| Subreddit | Big | Massive |
| Email support | Paid plans only | All plans (escalated service with paid plans) |
Winner: ProtonMail
Knowledbases and email support
Tutanota offers a Subreddit and a user knowledge base. It also has direct email support, but only for paid users.
ProtonMail offers direct email support, even for free users. Free accounts supposedly have âlimited support,â meaning longer wait times can probably be expected, but itâs better than nothing. It also has a larger Subreddit, as well as a knowledge base that is much easier to search and navigate.
Verdict
| Category | Tutanota | ProtonMail |
|---|---|---|
| Privacy and Security | â | â |
| Features | â | â |
| Pricing | â | â |
| Storage and Attachments | â | â |
| Ease of Use | â | â |
| Customer Support | â | â |
Winner:
Both Tutanota and ProtonMail are excellent mail applications, but ProtonMail stood out in many categories. While we give Tutanota the slight edge on feature selection, we slightly preferred ProtonMail for privacy, security, pricing, storage, attachments, and ease of use. Where ProtonMail really outshines Tutanota is customer support, which matters more than people sometimes give credit for.
It was a close race, but our pick in the Tutanota vs. ProtonMail side-by-side comparison sweepstakes: ProtonMail!
FAQ
Is Tutanota better than ProtonMail?
Tutanota is dead set focused on maintaining your privacy, while ProtonMail is more interested in private email service. It means that they’re trying to be easy to use and comfortable services, while Tutanota sacrifices convenience for anonymity.
Can ProtonMail be traced?
For people on the outside, there’s no way to track ProtonMail. However, if you get in trouble with law enforcement, they will cooperate. ProtonMail is not a neutral service. The service developers clearly state that they do not want to be a criminal’s email provider. Which means that you can potentially become traced.
Is Tutanota open-source?
Tutanota doesn’t use third-party code on the principle that it would be hard to make sure the privacy claims. Their source code is fully documented on GitHub, so if you want to make sure how some elements work, you can do it.
Which service is better supported: Tutanota or ProtonMail?
Tutanota developers used their own encryption, while ProtonMail uses OpenPGP. So, interaction with other clients should be more comfortable with ProtonMail. Meaning that it smoothly works with other non-ProtonMail accounts. With Tutanota, both users will have the easiest time only with other Tutanota users.
Forget about Swiss laws etc.. in my opinion the biggest concern about ProtonMail is the request for a phone number to create the account. What is really fishy is that although they say they don’t link the phone with the account, you have to take that for granted, and I frankly don’t like it. Seems like a trap. I tried to use temp phone sms services, and surprise!!! A nice mssg telling me that those phones were already used. So they are actually storing (don’t matter if hashed or not) phone numbers. So I think trust anonymity with ProtonMail is an act of faith.
ProtonMail is doing some clever marketing with its location in Switzerland and its data center. However, the truth is that Switzerland is not 100% neutral and that requests for information from authorities are also possible there, forcing providers to cooperate.
In the case of web-based clients, which also store users’ private keys and are primarily based on JavaScript, there are also a lot of starting points here. On the one hand, JavaScript is vulnerable to timing attacks. On the other hand, malicious / manipulated browser plug-ins can also be abused (regardless of this, they always read along anyway). Finally, the provider itself can be forced to deliver manipulated code to users to be monitored. This does not make the services insecure per se – but they offer little real protection against actors with great power (states, their intelligence services, etc.).
But the truth is also that a data center in a first-strike-proof data center offers good protection against a nuclear attack and hardware theft – but adds no value in terms of cybersecurity. Today, such attacks typically occur from the outside by attackers or from the inside by “agents” at the software level.
Putting all the facts on the table, ProtonMail still currently offers the better deal compared to Tutanota. In my opinion, however, there is only one reason for this: ProtonMail offers the possibility to import existing mailboxes. This possibility does not yet exist with Tutanota. For anyone who wants to change, but exactly that – an import of existing mails – is enormously important.
In my opinion, all other facts speak against Protonmail. Even if you take into account the cooperation of Germany with foreign intelligence services and the increasing surveillance mentality. But this is only my personal opinion.
I’m looking at Tutanota’s site right now, and it clearly has an option for storage all the way up to 1TB, and it’s cheaper than Proton.
Don’t get me wrong, Proton is a good service, but the comparisons between these services I’m seeing done make much sense. Tutanota clearly wins from a pricing standpoint. I can have two users with 5GB of storage for literally half the cost of Proton Mail. Granted, I do think Protonmail has the better UI, but they also lack a calendar for the free tier. How in the world did it win on pricing and storage?
Fixed:
Privacy and Security â â
Features â â
Pricing â â
Storage and Attachments â â
Ease of Use â â
Customer Support â â
I use both Protonmail and Tutanota. One feature Protonmail outshines Tutanota is that it has the disappearing email function. For communication nowadays, we don’t need to keep all content. So, Protonmail is better in this race.
In my opinion this article is lacking comparison of two very important things:
1) Two-factor authentication
Tutanota supports U2F (Security Key) and TOTP (authenticator app). ProtonMail supports only TOTP.
A U2F key is a true physical factor. As long as you keep them physically secure, they can’t be digitally intercepted or redirected. And unlike most two-factor methods, U2F keys are phishing-proof because they only work once you’ve registered them with a site. This is very important because phishing is one of the biggest threat. Additionally the U2F implementation by Tutanota is very good – you have to touch the security key every time you log in.
2) Password reset procedure, which is a very popular attack vector.
Tutanota has better password reset procedure than ProtonMail.
Tutanota comes with a 64-digit recovery code that enables you to reset your password yourself making sure that no one can abuse the password reset feature to gain access to your email account. (You can’t recover the password by email or by sms.)
https://tutanota.com/blog/posts/secure-password-reset
In ProtonMail the user decides about password reset options. User can add a recovery email or in ProtonMail V4 in beta a recovery phone number. This mens that you don’t have a password reset option or your ProtonMail email is as safe as your recovery email or you are at risk of sim swap.
https://protonmail.com/support/knowledge-base/reset-password/
Because of the above for people who want a very secure email account Tutanota with U2F key is an obvious choice. In my opinion security of an email account depends more on 2FA options and password recovery procedure than on other factors.
Tutanota is also an excellent choice as an recovery email for important online accounts. If online accounts which you have are very important you should choose Tutanota Premium account so you can activate notification emails about new messages in your Tutanota inbox. It is also a good idea not to share your recovery email with anybody.
Hi Paul, Can you please have a look at the below? It doesn’t make any sense to me.
Tutanota ProtonMail
Spam Filtering Permissive Restrictive
Tutanota offers an intelligent spam filter with parameters users can use to identify spam and filter out unwanted messages. While they are constantly making improvements, user feedback tends to identify Tutanotaâs spam filter as too restrictive.
ProtonMail offers an intelligent spam filter with parameters users can use to identify spam and filter out unwanted messages. While they are constantly making improvements, user feedback tends to identify Tutanotaâs spam filter as too restrictive. Users may have to whitelist emails they do want to see.
Hi, thank you for your comment. Weâve revisited these findings.
I am wanting to leave Gmail and Yahoo for security/privacy reasons. I have Verizon/AOL email. It is sometimes “down” – fails to load my emails. But I get no spam, and storage is huge. (I’m not tech savvy, so I can’t tell you what the error is when it won’t load. Sorry about that.) I want email that works, is secure, and won’t allow lots of spam. Gmail puts a couple ads at the top, which is no big deal. It’s Tutanota what you would recommend?
Both ProtonMail and Tutanota have excellent measures against spam. So, if you’re worried about that the most, you’ll have comparable experience, whichever you pick.
In a recent support go-round with protonmail I found out that they machine read incoming emails and attachments from non-secure email sources and will blacklist an email despite the sender’s email address being on the receiver’s white list. They completely ignore the receiver’s white list.
The only and enough dissadvantage Protonmail has for me is that there are many chineses inside. That fact is enough for me to dispose its service.
Protonmail free is very restricted. They only allow you to send to 10 recipients/day. And one cc or bcc mail counts as 10 unique messages. So not very suited if you email to a lot of people. They have a secret formula to boost your reputation, so you can send more, which is basically: pay.
Hi, John. This is incorrect. Yes, they limit bulk sending, but the cap doesnât disappear when you opt-in for paid plans. Itâs in their terms of service.
This article seems to skip over a lot of ProtonMail’s flaws while being very critical about small issues with Tutanota. The conclusions drawn also don’t seem to line up with the data presented in the article.
Tutanota is 1/4 the price of ProtonMail, but the verdict is that ProtonMail wins on Pricing?
The article clearly discusses how Tutanota is more privacy focused and makes better use of encryption, but the verdict is that ProtonMail wins on Privacy and Security?
Something seems fishy.
Email providers based in Switzerland tend to make Swiss privacy sound like a big deal. Swiss privacy is not a feature that you should count upon. During the 2009 financial crisis Swiss banks wanted bail out protection and the US government wanted information about citizens with offshore accounts. They both got what they wanted. The US Department of Justice website details this arraignment in the article âU.S. Discloses Terms of Agreement with Swiss Government Regarding UBSâ, August 19, 2009. The article is at https://www.justice.gov/opa/pr/us-discloses-terms-agreement-swiss-government-regarding-ubs.
The article states âThe Swiss government will then direct UBS to initiate procedures which could result in the turning over of information on thousands of accounts to the IRS.â The article also states âIn addition, the Swiss Government has agreed to review and process additional requests for information from other banks regarding their account holdersâ. The DOJ website also has individual case resolutions published. Several US citizens were sentenced to Federal Prison because of these actions.
Swiss privacy is nice, but it works better when it is financially beneficial.
In this article, under the heading âSpam Filteringâ there are the statements: âuser feedback tends to identify Tutanotaâs spam filter as not restrictive enoughâ, AND âuser feedback tends to identify Tutanotaâs spam filter as too restrictiveâ.
This article under the heading âAnonymityâ, states âTutanota stores IP address information with its messagesâ. In the cybernews article âTutanota review: when privacy is a mustâ, it states âTutanota strips the IP address from your email header, hiding your location. The whole inbox is encrypted, and the service provider does not log the IPâs of its users.â Are both of these statements accurate, and if so what is being stored?
You concluded Protonmail was the pricing leader, but with Tutanotaâs premium plan costing âŹ1.20/month and Protonmailâs Plus Plan costing âŹ5/month, it is difficult to see how you came to this conclusion. While additional features might cost more, this is true for both providers. The top Protonmail plan comes in at âŹ30/month which is far more than Tutanota email with 3rd party VPN.
I have a paid Protonmail account and a free Tutanota account. Two differences that seem different to me are the support for contact groups, and support for encrypted email to outside (non-encrypted email accounts).
Proton paid accounts support contact groups, so you can send email to a preconfigured contact group. Tutanota does not have this feature.
Both providers have an âencrypt for outsideâ capability allowing you to compose a message and deliver it as a hyperlink that can be opened / exposed with a password. This prevents the recipientâs email provider, google, yahoo, etc. from reading your message. The difference is Protonmailâs implementation requires a âpassword per messageâ while Tutanotaâs implementation supports âpasswords by contactâ. The difference has a huge impact on usability. Protonmailâs implementation requires you to communicate the password to the recipient, manually record the password in some sort of journal, and enter this password every time you send an encrypt for outside message. Tutanotaâs implementation requires you to communicate the password to the recipient, but it records that password with the contact information which you can use for all future emails until you change the password.
Tutanotaâs âpassword per contactâ is also more flexible. If you have a contact âBenâ whose password is âchocolateâ and a contact âJerryâ whose password is âvanillaâ you can send an âencrypt for outsideâ with Tutanota to Ben and Jerry and they each open the message with their own passwords. With Protonmail you would have no password that would work with both recipients, so you can only send separate messages or use the same password for everyone.
Tutanotaâs âencrypt for outsideâ could use some improvement (allowing the recipients to choose their own passwords and store them on the Tutanota server would be an obvious improvement), but even with its flaws it is usable. The usability of Protonmailâs âencrypt for outsideâ is fatally flawed.