All-round encryption, no tracking, open source - there are lots of factors that make Tutanota the most secure email provider in the world. Explore Tutanota's security features in detail and learn how its various security measures protect your sensitive data.
When evaluating the security and privacy of any online service, always ask yourself the following questions:
Who pays for it? The users or the advertisers? If the answer is "the advertisers", the service can never offer a truly secure and private solution. Its top priority is the advertisers’ interest by helping them to identify target audiences based on users’ data and to serve them ads. Protecting users' privacy always comes second with such a business model.
Who controls the tech stack? This is a very technical but crucially important question. If a service uses third-party 'tech' such as Dovecot, Roundcube, Google reCaptcha or Google Push, you know for sure that security and privacy cannot be its core priority as the provider knowingly leaks information to others - without warning the users about this. This is another reason why you should choose a service that is open source and doesn’t rely on integrations with closed-source software.
What data is encrypted end-to-end (E2E)? Many providers claim that their service provides secure email and that the data stored with them is 'encrypted'. What makes this question so important is how is the data encrypted? Because only when data is encrypted end-to-end, it is truly inaccessible to the online service as well as to other third parties. Only then the service can be considered as offering secure email. That's why simply "encrypting" data is not sufficient, the data must be encrypted end-to-end.
Many email services, even secure ones, use third-party tech like Dovecot, Roundcube and others to build their own products. Every time a so called secure service uses third-party applications, it becomes more difficult to secure said service. The reason is simple: Every service included in the code executes code. Any services' security can't get better than that of its dependencies. Every dependency to third party code must be maintained and security updates need to be applied immediately. In addition, every third-party service can potentially track the users, send data to its own servers etc. That’s why we at Tutanota only use open source code that we have vested ourselves before using it. This way we make sure ourselves that the open source tools Tutanota does use are secure: We regularly run security reviews of these tools as well as of our own clients, for instance when we pushed our desktop clients out of beta.
Of course, we at Tutanota can't re-invent the wheel either. But we have built our entire clients - web, Android, iOS, and all desktop clients - on our own. Plus, we have a strong focus on security in our whole development workflow. All developers share the same DNA: privacy and security first.
One main differentiation of Tutanota is that we build all major parts of Tutanota ourselves, even outside of the core email functionality such as our captcha, our push notification service on Android and more.
Only with open source - of our own clients and of the software that Tutanota depends on - tech-savvy people can audit the code and verify that Tutanota is doing what we promise: Securing your private emails to the maximum.
Check here why we recommend to choose our secure desktop clients for Linux, Windows and macOS and why it is so important that we have built our own open source captcha as well as an alternative to Google Push on Android.
We follow the concept of “security first”.
When offering a secure email service, people trust that your security is bullet-proof. To us, this means that there can never be a compromise when it comes to security. Security must be baked into the code so that you can easily add usability on top of that - not the other way around.
This concept of "security first" has led to several development decisions that today guarantee the top-notch security of Tutanota:
We do not use PGP, but a slightly different implementation of AES and RSA, which lets us encrypt much more data (subject lines) as well as encrypt all other features that we add to Tutanota such as contacts and calendars - which are all 100% encrypted. Plus, we can easily upgrade to post-quantum secure algorithms and enable perfect forward secrecy.
We do not search through your data on the server because it is encrypted there. Instead Tutanota builds an encrypted search index, which is stored locally on your device or in your browser and searched there. This enables you to search through your entire emails (sender, recipient, subject line, body, attachment) locally while protecting your privacy.
We do not offer IMAP as it would only work if we sent decrypted data to your device. Instead we have built our own open source desktop clients, which store your data encrypted. The desktop clients are also signed so that everyone can verify that the client is running exactly the same code as the code published on GitHub.
When you create a secure email address with Tutanota, you can be sure that your data is kept secure.
Encrypted mailbox, calendar, contacts.
From the start, we at Tutanota made sure that as much data as possible is E2E encrypted. Tutanota was the world's first end-to-end encrypted email provider and, to this day, it is the email service that encrypts more data than any other.
Tutanota encrypts all data by default: Email, calendars, contacts. The end-to-end encryption provided by Tutanota ensures that your data is secure and private, even if it falls into the wrong hands.
Tutanota's servers only store the encrypted data, and the decryption key is only available to the user. This ensures that even if your internet connection was intercepted or in the extremely unlikely scenario that someone were to hack our servers, your data remains secure.
With its built-in encryption Tutanota makes security easily accessible to private users and businesses all over the world. To decrypt your data, you simply login to your secure email address with your password, that’s it. You can easily login via a web browser, via the Tutanota apps for Android and iOS, or via the Tutanota desktop clients for Windows, macOS and Linux.
How to send a secure email to anyone.
Tutanota lets you send secure emails (E2E encrypted) to anyone with a shared password. This means that the message is encrypted on the sender's device and can only be decrypted by the recipient's device. You can easily exchange sensitive conversations or files online, knowing that all data sent via Tutanota is securely encrypted end-to-end. You can easily send encrypted emails to external recipients by defining a password. The password is valid for all emails that you exchange with this person, there’s no need to define a new password for each email like with other secure providers.
Tutanota comes with an end-to-end encrypted calendar that lets you schedule and store all your appointments confidentially. Our calendar is an outstanding achievement because not only all data is encrypted, but also the reminders are E2E encrypted. Even the time when a notification is sent to the user is obscured from our servers so that we remain in the dark about all our users’ appointments.
Securing the email protocol
When sending emails with Tutanota, you have clearly chosen the most secure option as Tutanota allows to automatically encrypt emails end-to-end.
However, sometimes you might want to send and receive unencrypted emails to and from contacts that don’t use Tutanota, when sharing a password with them would be inconvenient. It is much harder to secure these emails because in such a case the email provider can only encrypt the transmission - not the data itself. Besides that, other services are involved, like the recipient’s email provider, which need to make sure that the transmission is completed securely.
To secure unencrypted emails as well as possible, we adhere to the highest possible standards of the SMTP email protocol.
Tutanota supports MTA-STS. This standard should be supported by all email services by now because it is to an email what strict HTTPS is to a website: It enforces transport encryption (TLS) whenever TLS is possible.
Tutanota also supports SPF, DKIM and DMARC. These three protocols are necessary to harden the infrastructure against intrusion from phishing and spam emails.
Tutanota uses strict CSP (Content Security Policy), an HTML sanitizer for showing unknown content (in emails) to prevent XSS-attacks, and, by default, does not load external content from other servers (pictures and videos in emails). The user can choose to have external content shown with a single click or tap, if they trust the sender.
Check here to see how well Tutanota scores on Securityheaders.io.
Tutanota never transmits your password to the server.
When you login to your secure mailbox, Tutanota hashes and salts your password before transmitting the hash to our servers. It is impossible to derive the actual password from this hash, so no one can know your password, not even we at Tutanota. To protect your password, we use bcrypt and SHA256.
Tutanota also provides two-factor authentication (2FA) to add an extra layer of security. To secure your login credentials, you can use TOTP or U2F. We recommend using U2F with a security device as this is the most secure form of two-factor authentication. This ensures that only the authorized user can access their account.
Tutanota uses a zero-knowledge architecture, which means that the user's data is never stored in plain text on Tutanota's servers. Tutanota's servers only store the encrypted data, and the decryption key is only available to the user. This ensures that even if Tutanota's servers are hacked, the data remains secure.
The European GDPR requires companies to secure emails containing sensitive data of EU citizens. Businesses are required to safeguard personal data, even when in transit.
You can now save time and money by hosting all your business emails encrypted on Tutanota's secure servers. With Tutanota, there is no need to use a plugin or a complicated encryption software on top of a bloated enterprise email solution that used to be a good fit for businesses a decade ago.
Email encryption guarantees GDPR compliance, and Tutanota offers the most secure email solution for businesses with full GDPR-compliance.
Tutanota follows the principles of data minimization & privacy by design.
We are responsible for the protection of your personal data, and we take this responsibility very seriously. Therefore:
Tutanota is based on the data privacy principles of "data minimization" and "privacy by design".
All user data is stored end-to-end encrypted in Tutanota (except for metadata such as email addresses of senders and recipients of emails as this information is needed by the email protocol to deliver the email to the correct address).
We have technical and organizational measures in place which protect your data to the maximum extent.
Tutanota provides an Order Processing Agreement with legally binding data protection guarantees to help you demonstrate your compliance with GDPR.
Please read our full privacy statement for details.
Our built-in encryption and the fact that we enable you to send an encrypted email to any recipient in the world make Tutanota a perfect fit when looking for the best secure email for your business. Tutanota helps you easily send sensitive personal data end-to-end encrypted, thus, making sure that your company is GDPR-compliant.
Read on our blog to find out how Tutanota can help your business achieve GDPR-compliance.
Germany has one of the strictest data protection laws.
Data privacy regulations in the European Union (EU) are among the strictest in the world, and among all European member states, Germany has one of the strongest policies: the Federal Data Protection Act (Bundesdatenschutzgesetz). The EU General Data Protection Regulation (GDPR) was in large parts designed based on the German Federal Data Protection Act.
This law protects users of internet services. It puts the user in charge of what should be done with their data: Companies (=we) are not allowed to collect any personal information without express permission from an individual (=you), (e.g. name, date of birth, IP address).
In addition, in Germany there is no law that could force us to submit to a gag order or to implement a backdoor.
Tutanota stores all data encrypted in highly secure data centers in Germany.
All data in Tutanota is stored end-to-end encrypted on our own servers in ISO 27001 certified data centers in Germany.
No one has access to our servers except our permanent administrators, who need to pass multiple-factor-authentication before gaining access. All productive systems are monitored 24/7 for unauthorized access and extraordinary activity.
Tutanota is an anonymous email service that does not track you.
Our business model is different from most email services: Due to the encryption, we can not scan your emails. We do not track you. We do not send targeted advertisements to your mailbox. This means that your data is not used for any other purpose than to provide email and calendar services. This ensures that your data is never shared with third-party advertisers or other entities, which could compromise your privacy.
By default, Tutanota does not log IP addresses when you login or when you send an email. Upon registration you do not need to provide any personal data (e.g. no phone number is required), even when you register via the Tor browser. Tutanota strips the IP addresses from the mail headers in the emails sent, so that your location remains unknown. Despite all these protections, you might still want to keep your IP address hidden even from us, which is why we will never add a VPN or a browser to our offer. Offering a VPN does not make any sense. Because if we did, we as the email provider would still be able to find out the users’ original IP addresses, if the connection were to be made via this VPN. For privacy reasons, it is better to keep the two services separated.
Tutanota is an email service built with privacy at its heart.
Companies love email for marketing campaigns. Because email by default does not respect your privacy. When you receive a marketing newsletter, the email usually loads external content (e.g. images, videos). In this instance you are being tracked: IP address, browser you are using, and more information is being transmitted to the sender.
Tutanota offers an email service that automatically protects from those tracking methods:
Tutanota blocks images by default. No external content is loaded when you open an email unless you actively allow this.
Tutanota strips all header information (IP address) from emails sent to protect your privacy.
Tutanota warns you when the technical sender differs from the from sender. To fake the from sender is a typical method used in phishing attacks. On our blog you can find more tips on how to prevent email phishing.
Check if anyone has accessed your encrypted Tutanota mailbox.
Tutanota lets you check active and closed sessions as an opt-in feature. This allows you to verify that no one but yourself has logged into your account. Closed sessions are automatically deleted after one week. Tutanota’s session handling also enables you to close sessions remotely. When you lose your mobile phone and you are still logged in with the Tutanota app, you can close this session from any other device. By closing the session remotely, you make sure that no one can access your secure emails on the lost phone.
IP addresses of open and closed sessions are always stored encrypted and automatically deleted after one week. Due to the encryption only you can access this information. We at Tutanota have absolutely no access to this information.
Free and open source emails for everyone.
Tutanota focuses on security and privacy. To us, open source is essential to achieve both. We have published the Tutanota web client, the Tutanota desktop clients as well as the Android and iOS apps as open source software on GitHub.
This way everyone can check the code and verify that there are no bugs or security vulnerabilities in the code base. By being open source potential issues can be noticed and fixed much faster than it is the case with closed source applications.
Tutanota is different from most email providers: When we first started developing Tutanota, we started with the encryption protocol. While most services first build a product and then try to add security on top, we did it the other way around: Security came first, and it always comes first in all our development decisions.
This is why Tutanota excels in security and privacy. With its end-to-end encryption, two-factor authentication, open source code, and zero-knowledge architecture we ensure that your data is secure and private, whether you use Tutanota as your business email of choice or as a private user.