may earn a small commission from some purchases made through our site. However, any affiliate earnings do not affect how we review services.

Tutanota Review

Tutanota is a great secure email provider, made even better when you consider it has a solid free plan. Its interface is easy to navigate and security is excellent. Note, though, that customizing it can get expensive quickly, as you can read in this full Tutanota review.

Jacob Roach
By Jacob Roach (Writer)
— Last Updated: 2021-02-04T16:38:32+00:00

Tutanota is a small, open-source email provider based out of Germany. Launched in 2011, the service has been fighting an uphill battle against the old guard, with services like ProtonMail and Hushmail founded decades prior (read our ProtonMail review as well as our Tutanota vs ProtonMail comparison). In that fight, though, this provider has established itself as one of the safest email platforms on the market. 

In this Tutanota review, we’re going to talk about our experience after spending some time with the service. As a Tutanota user, we tested everything from security to settings to make sure it was up to snuff. Thankfully, it was. 

For individuals looking for a free way to protect their emails, Tutanota is a great option. It’s cheap for businesses, too, though only in its base configuration. As we’ll explain throughout this review, the ways you can customize your plan can get expensive quickly.

Strengths & Weaknesses


  • Excellent security
  • Zero-knowledge model
  • Encrypted calendars
  • Responsive web app
  • Whitelabel support
  • Protected “Secure Connect” forms


  • Add-ons can get expensive
  • Shared storage
  • No tiered discounts on multi-user plans


85 % – Very Good

Tutanota has more features than most other secure email services, but as we’ll get to in the next section, you’ll pay for those features. Still, the service accounts for the basics and even includes a few unique features across plans.

Secure… Calendars?

By far the most unique feature is secure calendars. The number of calendars you can have varies based on your plan (free users have access to one), but it doesn’t cost anything to use this feature. 

In short, secure calendars are, well, secure. Using the same end-to-end encryption, you can protect your appointments, reminders and more, as well as share them with other Tutanota users.


Although it’s a great feature to have around, these calendars aren’t as decked out with options as something like Google Calendar. The calendar feature is still in active development, with options like “calendar search” and “events from email” coming soon. 

Whitelabeling and Secure Connect

On business plans, for an extra fee, you can whitelabel your email service with your business’ logo, colors, meta tags and more. Whitelabeling certainly isn’t a feature unique to Tutanota, but it’s nice to have around if you want more control over your encrypted email service.

Much more interesting is “secure connect.” If you run a website and want visitors to contact you over an encrypted channel, “secure connect” is for you. It’s basically a form for your website, just one that’s end-to-end encrypted. Using the same secure email servers as your personal emails, visitors on your website can contact you through a “secure connect” form.

The problem, though, is that it’s expensive. Like nearly all of Tutanota’s features, you’re charged extra for “secure connect.” You’re just charged a lot more for this feature, compared to its other features. Each form runs 240 euros (around $270) per year, and if you’re paying monthly, it costs 24 euros (around $27) each month. CounterMail offers a similar feature and it’s free, however, Tutanota’s version is better (read our CounterMail review).

Sending Emails to Non-Users

Although it’d be great to get all of your friends to use Tutanota, that’s probably not going to happen. Thankfully, you can easily send messages to non-Tutanota users. When composing a message, if you put a non-Tutanota email in the “to” box, a password field will appear. Set a password, make sure your recipient knows it and click “send.”


Tutanota creates a new mailbox for that recipient, which they can access with the password you set. The inbox doesn’t have all of the settings of a full account, but it offers a way for non-users to communicate with subscribers over an encrypted channel.

Native Apps for Windows, macOS and Linux

Although unexciting, Tutanota has native apps for Windows, macOS and Linux. No matter how safe the service is, there are inherent flaws with web-based email. Tutanota gives you the option to use a desktop application purpose-built for the service, with no need to fuss around with IMAP or POP protocols. If you’re on mobile, there are apps for Android and iOS, too.

Tutanota Features Overview

EncryptionRSA, AES
End-to-End Encryption
Zero Knowledge
Custom Domain Support
Supported PlatformsAndroid, iOS, Web
Open Source
Free Plan
Email SupportPaid users only
Live Chat Support
Phone Support


70 % – Decent

Tutanota takes an interesting approach to pricing. Technically, there are four plans split between private and business use. The “plans” are better defined as “bundles,” though. You can build on the free plan with more storage, more email aliases and other features.

Everything starts with the free plan, though, and Tutanota’s offering is solid (Hushmail could use a few pointers on this front). The free version includes 1GB of storage for a single user, and you can only use a email address. You’re also limited to a single calendar and can’t use the full power of search in your inbox. 

Up a tier at the Premium plan, you gain the ability to add users to your account (same price as the base subscription per user) as well as email support and expanded search functionality. The oddball is the Teams plan. It includes two user accounts, 10GB of storage and calendar sharing, but it comes with only two user accounts and is limited in its stock form. 

Most of the plans are limited in their stock form, really. For instance, aliases top out at five, even on Teams. You can purchase more, but for a significant price. An additional 100 email aliases will run you the same price as a Teams subscription per year. 

Business Plans and Extras

Above Teams is the Pro plan. It’s expensive and, like Teams, comes with only two users in its base configuration. It has some extra goodies, though, including custom domain login, contact forms and full whitelabeling. However, at nearly twice the price of the Teams plan, Pro is hard to justify, even for large businesses. 

Tutanota isn’t expensive, but with all of the add-ons, it can be, especially considering there aren’t any tiered discounts for multi-user plans. Beyond that, though, there are too many stipulations for each configuration. You’re limited in email aliases, your storage is shared between all users and the prices are only displayed in euros, so you’re up to the mercy of the current exchange rate. 

There’s a silver lining for nonprofits, though. Schools and nonprofits receive a 50-percent discount for each user. If you’re operating a nonprofit in Austria, Belgium, Canada, France, Germany, Italy, the Netherlands or Sweden, you can apply for a free nonprofit account, too. 

As for refunds, you can get your money back if you cancel early. Tutanota doesn’t have a full refund policy, though. Rather, you’ll receive a prorated refund if you cancel your subscription prior to the end of the billing cycle. 

Ease of Use

90 % – Excellent

Signing up for Tutanota is a breeze, with a large “sign up” button living in the top menu of the website. After clicking it, you’ll be brought to a checkout page with the various plans available. Once you’ve chosen one, enter your new email address, set a password and you’ll be on your way.


You’ll get a recovery code after, which you should mark down. Tutanota doesn’t see or store your password (which we’ll discuss more in the “security” and “privacy” sections), so the recovery code is the only way to access your account if you forget your password. 

Inside the web application, Tutanota has a standard setup. There are some categories on the left side, you can find your contacts and calendar in the top-right corner, and the settings button is nestled in the bottom-left corner. It’s a standard layout, but it works well. In fact, it works better than most other secure email providers.


The web interface feels very responsive, with little to no lag when jumping between different screens. Thankfully, the same is true for the desktop clients. Everything has its place, and those placements work. When it comes down to it, though, the actual feeling of using Tutanota is far better than other email providers. 

Digging Into the Settings

Tutanota is dense with settings. From changing spam rules for specific email addresses to storing your encrypted IP in audit logs, there’s a setting for just about everything. 

Furthermore, you can upgrade your account from the settings panel. It isn’t an advertisement or checkout page. Rather, you can increase your storage, add email aliases and more, all without leaving your inbox.


What’s great about the settings is that they’re complex yet accessible. Because Tutanota feels so responsive, the settings are much more inviting, even if they’re advanced.


95 % – Excellent

When it comes to security, Tutanota pulls out all the stops. Depending on your recipient, the service uses either symmetric encryption with AES-128 or asymmetric encryption with RSA-2048 (read our description of encryption to learn more about those). 

If you’re sending emails between two Tutanota users, asymmetric encryption is used. The password you set when sending to non-users is for symmetric encryption. 

Your emails are safe, but like other email platforms, there are some things that aren’t encrypted, including the email address of the sender and recipient (read our guide on email security for more). However, unlike OpenPGP providers, Tutanota encrypts the subject line of emails, as well as attachment names. 

Encryption happens locally on your device, making Tutanota a true end-to-end encrypted service. In transit, your emails are protected with an SSL/TLS tunnel abiding by the best standards, including perfect forward secrecy.

Zero-Knowledge Model and Password Security

Beyond encrypted emails, Tutanota protects your account, too. In short, if a process can happen locally on your device, it will, free of servers you can’t control. For your password, there’s a zero-knowledge model in place. Instead of using your raw password, it sends a version that’s been hashed and salted, which is used to authenticate your account. 

Just like your password, Tutanota can’t see your private encryption key, either. Instead of generating the key on its servers, the key is generated locally when you create an account, then encrypted with your password. In practice, this means Tutanota doesn’t have access to your private key and thus can’t decrypt your messages. 

Beyond these behind-the-scenes protections, there are other ways to protect your account. With support for the best 2FA apps and U2F two-factor authentication, you can lock down your account as much as you want. The platform is open source, too, so there have been a lot of eyes on the source code. 


100 % – Excellent

There’s not much to talk about when it comes to privacy. Tutanota has a zero-knowledge model, but it’s better described as host-proof hosting. Put simply, even if it wanted to collect information about you, there are too many safeguards in place to allow that to happen. 

As for what data it collects, the service stores your new email address and payment information. That’s it. Tutanota also monitors IP addresses for the purposes of diagnostics. However, all IP addresses are put through an anonymization process, so it’s not considered a piece of personal information. 

Although there isn’t much to talk about here, that’s a good thing. Tutanota’s approach to privacy is summed up perfectly in the “cookies” section of the privacy policy. In an age where even the most privacy-friendly services are using at the very least Google Analytics, this section simply states: “We do not use cookies.”

The Verdict

Tutanota gets a lot right, with a wide range of features, top-notch security and a wonderfully optimized interface. The problem is the price for certain configurations. For individual users, it’s a no-brainer, with the generous free plan at the ready. Businesses may need more add-ons, and although Tutanota affords you that flexibility, it does so at a significant cost, depending on your configuration. 

We want to point out, though, that while the extras can get expensive quickly, the business plans themselves are dirt cheap. If you’re working with a small team and don’t need a lot of extras, you should definitely consider this service. 

What do you think, though? Are you going to sign up for a free account? Let us know in the comments below and, as always, thanks for reading.

Tutanota FAQ

  • Tutanota offers a free plan that includes full encryption for your emails at a single address, as well as 1GB of storage. The paid version comes with some extras, including custom domain support and email aliases.
  • The name comes from the Latin words “tuta” and “nota,” which roughly translates to “safe note.”
  • Tutanota is a privately owned company based in Germany. Currently, it has fewer than 10 employees managing millions of users across the world.
Was this post helpful?

9 thoughts on “Tutanota”

  1. I do not recommend Tutanota at all, at least not an unpaid account. Firstly, I would repeatedly receive spam emails from supposed tutanota admin asking for verification of my account. When I would go to verify, the links very often were broken. I also was often unable to log into my account. Additionally, I would receive emails twice. Secondly, I could not search through my archived emails (which is only an option through premium). All of these inconveniences were worth it, however, as moving away from Gmail and mainstream online services is very important to me. Eventually, however, my email was hacked and as I was going to change my password, I was kicked out of the system and have not been able to log back in since. I have records of the original recovery code and have tried to use it to reset my password, but to no avail. There is no way I could have updated my recover code because I didn’t even know this was an option until this fiasco arose. The Tutanota time has done very little to help me or compensate in any way. They are very difficult to reach and pretty inaccessible. I have switched over to protonmail with which I am very happy. I would recommend avoiding this service.

  2. I also do not recommend Tutanota. Their customer service for a paid account is terrible. I was charged for the white label service after I’d already disabled it, so I emailed them about it on a Thursday. They did not respond until the Monday after. When I inquired why they were taking so long to respond to my email via Twitter, they responded snarkily that it was the weekend. I Tweeted at them again on Tuesday asking for a refund and cancellation, they gave me an even more rude response saying “How would we know which account you are talking about? The only way to claim a refund is to email us directly. Thanks.” I was only refunded for the white label service. Not the account. Link to the Twitter thread:

  3. I’ve been using both Protonmail and Tutanota for about a year, and I feel much better using Tutanota. As for user-friendliness, the ability to search the body text of my emails is a huge plus for Tutanota.

    Also, as an activist who has come under heavy surveillance and occasionally communicates with high-profile lawyers, activist strategists, and so on, knowing Tutanota is as secure as possible feels great.

  4. I’ve been using Tutanota for about a year, after moving from Startmail, a Netherlands based security focused service. While Tuta is obviously not as fully developed as spyware like Gmail, I have been completely satisfied with the pro account so far.

    This thing is speedy. Compared to Startmail as a standard, Tuta is lightning fast. The calendar function is something Startmail didn’t even have; Tuta’s is spartan but works great and, as mentioned, is buttoned up securely.
    I had to use K-9 for Linux on Startmail to see my email on my mobile device. Tuta works native like a dream on my Android phone, displays fast with no weird visual anomalies.

    There are refinements I would like to see sooner rather than later (like mail sub-folders) but all things considered, I am really glad I switched from Startmail and I plan to hang in with Tuta to give them time to develop the platform more fully.

    Just a thought on the support: my experience was very different. 24 hour max to respond, with very personable and helpful guidance. I found nothing lacking in their support offerings.

    All in all, I would recommend a pro account, which is a good value for a great product that really does put you and your personal privacy first in their platform principles.

  5. If you sign up for a free account and don’t use it for 6 months, then the account is cancelled and the e-mail address is blocked for further use FOREVER. There is no option for the original holder of the e-mail address to restore and use the e-mail address even if they have all original access (password and recovery code). The terms are not made clear enough in the original sign up process.

  6. general terms and conditions
    substance 4.5
    Tutao has the right to use services of third parties for the service provision at any time and in any amount.
    Now say again: ”best privacy service”…

  7. I used to be a Tutanota Premium user. However, I ultimately switched to Mailfence. I have encouraged many of my five siblings to make the switch from Google to the free version of Tutanota. Try it for as long as they like, then get a premium account if it suits them. After getting 4 of the 5 siblings to switch, we recently had a problem with Tutanota thinking they were spamming. There are seven of us in the email (counting my mom), so this certainly doesn’t constitute spamming. I have come to the conclusion that Tutanota is having some very bad business practices in trying to get free subscribers to pay for a premium account. The one sibling that has a premium account is the only one that did not get a notice about spamming, or “exceeded the limit” and it would be a day or two before they could resume emailing again. I do not recommend Tutanota for free or paid subscriptions because of this devious way of manipulating people.

  8. Have been using Tutanota and Proton for four years. The former’s arrogance and lack of customer support was just too much. There’s basically no tech help unless you’re paying outrageous yearly fees, and any free support entails joining Farcebook, Twitter, or reddit. Recently went to check my Tutanota mail only to get a full page popup whining and crying that my browser was “outdated or not supported” …it worked fine last week …and it works fine for 99% of other sites I visit; so it’s 99-1 nothing wrong with my browser.

    On the other hand, Proton tech help is excellent, giving the same service to free as to pay accounts; you even get follow up messages a couple of days later asking if the issue was resolved. Proton even offers a free version of their VPN. And they’ve never complained about any browsers.

    So goodbye Tutanota, even your free version is overpriced.

Leave a Reply
Your email address will not be published.