Secure your emails, secure your online identity
For most people, email accounts are the gate to your online identity: Amazon, Facebook, Twitter - all of these services are linked to your email account. And, unfortunately, all of these services provide a password reset feature via email.
This poses a severe threat to your entire online identity: Should malicious attackers gain access to your email login, they can request a simple password reset for lots of services, thus, taking over your entire online identity.
In this quick guide, we explain how you can keep your email account safe from malicious attackers with three easy steps, whether you are a normal internet user or a prominent target.
How to keep your emails safe from hackers?
- Choose a strong password.
- Use two-factor authentication (2FA).
- Choose an email service without password reset via email.
1. Choose a strong password
The most important part of securing your email account is securing your login data. For this, you need to choose a strong password. Tutanota is one of the few services that allows an unlimited length of passwords. Upon sign-up, Tutanota also checks whether your password is strong enough so that it can't be broken by brute-force attacks.
2. Use two-factor authentication (2FA)
Once you have chosen a strong password, enable 2FA to protect your login to the maximum. Tutanota supports U2F (second factor with a hardware token) and TOTP (second factor with an authenticator app). Tutanota does not support second factors via SMS as these are considered not secure enough.
We strongly recommend to use U2F (a hardware token such as YubiKey) as this is the most secure option.
3. Choose an email service without password reset via email
As already explained, password resets via email are one of the biggest threats to your online security. This reset feature makes it very easy to take over your accounts with a targeted attack, such as a smartly crafted phishing email.
Tutanota does not offer an email reset feature as we strive to keep your account secure under all circumstances.
To make sure you never lose access to your secure Tutanota mailbox, please write down your recovery code and store it somewhere safe.
All data encrypted everywhere
1. Tutanota encrypts emails and contacts automatically
Tutanota is the most secure email service because it takes your security into consideration at all ends. Tutanota encrypts your entire mailbox - emails and contacts - automatically on all devices. Wherever you use Tutanota, your private data is always secure.
2. Dedicated desktop apps to guarantee security
Tutanota does not support IMAP/Pop3 because emails retrieved via IMAP/Pop3 would be stored unencrypted on your device. Instead, Tutanota offers dedicated and open source desktop clients for Windows, Linux and Mac OS. Tutanota also comes with open source apps for Android and iOS. The Tutanota desktop clients and mobile apps work just as easy as Tutanota's encrypted webmail client, which enables you to access to your encrypted mailbox securely wherever you are.
3. End-to-end encrypted emails made easy
Tutanota does not only store all your data encrypted, it is most famous for offering a very easy option to send end-to-end encrypted emails to any email address in the world. This is very important because normal emails can be intercepted and read by third parties as easily as a postcard can be read by others. Whenever your email contains sensitive data that should not be published in the newspapers tomorrow, we recommend to encrypt your emails end-to-end.
4. Encrypted search to protect your privacy
Most services handle search on the server because they do not encrypt your data. This is insecure because it requires for the data to be accessible by a server that you as the user have no control over. Instead, Tutanota searches your encrypted data locally on your device. This innovative feature stores an encrypted search index on your device, which cannot be accessed by us or by any other third party.
5. DANE support to prevent man-in-the-middle attacks
As a forerunner in email security, Tutanota was one of the first email providers to implement DANE support. The technology DANE is an SSL extension that makes websites independent of Certificate Authorities and prevents man-in-the-middle attacks. Read here how to install the DANE browser plugins.
Register your own encrypted mail account now. When switching to Tutanota, you'll find that securing your emails is much easier than expected. Read here why it's time to leave Google behind and be sure to check our security comparison between GMX and Tutanota.
Recommended for further reading: How to prevent email phishing attacks. Here's how to keep your mailbox safe.