Tuta Mail

Powerful, affordable email encryption

4.0 Excellent

Bottom Line

Tuta Mail encrypts every aspect of your email communications with powerful open-source algorithms, and its free edition allows you to send unlimited messages.
  • Pros
    • Encrypts entire messages, including subject and headers
    • Code is entirely open source
    • Free tier has no message limits
    • Full-fledged calendar
    • Secure search of encrypted messages
  • Cons
    • Email alias system limited
    • Searching encrypted messages can hog disk space

Tuta Mail Specs

Non-PGP Encryption
PGP Encryption
Supports Rich Text Messages
Two-Factor Authentication

Email was invented by academics to promote the free flow of information. They didn’t give any serious thought to preventing the wrong kind of access. Those early emails were about as private as thumbtacking a note to your addressee on the lab bulletin board. Gmail and other modern email systems at least apply basic HTTPS encryption, but they don’t truly protect your privacy. For email that nobody but you and your correspondents can read, you need a dedicated email encryption service like Tuta Mail (formerly Tutanota). It’s a serious contender, though our Editors’ Choice winner Proton Mail does an even better job. If you want encryption without changing your email address and without cost, PreVeil is our other Editors’ Choice winner.


How Much Does Tuta Mail Cost?

Tuta Mail is free for personal use, though you must accept a few limitations. The free edition lets you send and receive all the secure messages you want, and it includes a secure calendar. Searching encrypted email is limited—with the free edition, you can only search messages up to a month old. Paying 36 euros per year for a Revolutionary subscription ($38.65 as of this writing) removes that search limitation, lets you have multiple calendars, and adds features including filtering rules and 15 alias email addresses (more about those later). It also raises the storage for your messages from 1GB to 20GB.

If you love the program and want more, a Legend-level subscription costs 96 euros per year ($103.08 at present). This upgrade doesn’t add features; rather, it raises limits. Storage goes from 20GB to 500GB, and you get 30 email aliases rather than 15. Those savvy enough to make use of custom domains can manage 10, compared with three for the lower paid tier. And you get priority support.

PreVeil and Virtru are totally free, while SecureMyEmail is slightly cheaper than Tuta Mail at $29.99 per year. StartMail will run you $59.88, and Private-Mail costs $69.99 per year. Proton Mail costs $47.88 per year at the Plus level, or $119.88 annually for Unlimited, which gets you all of Proton’s products including the award-winning Proton VPN.

Proton Mail and Private-Mail each offer free tiers, with limitations. With a free Proton Mail subscription you can send 150 messages per day, with 500MB of storage for your inbox. There’s also a limit on folders and tags. A free Private-Mail account comes with just 100MB of inbox storage, plus 100MB of storage for encrypted files. Paying for Private-Mail raises these limits and enables the use of identities (parallel to Tuta Mail’s alias feature). With any of these products, you’re wise to start with a free subscription and convert to a paid account only after you’re sure it’s a fit.


Encrypt Everything, Openly

Every encrypted email service must store your messages in encrypted form, only applying decryption when you need to view them. The encryption system must be zero-knowledge, meaning that even if the Department of Justice crashes in waving subpoenas, the provider can’t view or share your data. The process of sending and receiving emails is encrypted as well. But that’s just the beginning when you're using Tuta Mail.

Tuta Mail encrypts all stored contact information, except when it’s being used to direct a message to a contact. It even encrypts the headers and subject lines of your messages.

An encryption system that relies on a top-secret proprietary algorithm is a ticking time bomb. If some clever hacker reverse engineers the algorithm, that system is suddenly wide open. A truly secure system performs its protective tasks even when everyone knows exactly how it works. Tuta Mail’s various algorithms are open source, meaning anyone can view and review exactly how they work. Putting more eyes on the code makes it less likely that any security flaws slip past.


Unusual Email Search

With Gmail, Yahoo, and other non-encrypted email systems, you can easily search and find old messages. When did I send that invoice? Do I have a reply showing that it was received? This sort of search is typically a server-side operation, so it doesn’t matter what device triggers the search.

Here’s the catch: In a proper zero-knowledge encryption system, there’s no way to see message content on the server, much less search it. Secure search is necessarily a local affair, and it’s not easy. Tuta Mail creates a local encrypted index of your emails and uses that index to perform your searches. The service warns that the index files can be large.

While the server doesn’t participate in search or indexing, the process of building the index requires a lot of back-and-forth with the server. Busy servers cost money, which is why Tuta Mail’s free edition indexes only the past month’s messages. With a premium subscription, you can search your entire store of messages.


Getting Started With Tuta Mail

PreVeil and Virtru Email Protection for Gmail work with your existing email—in fact, Virtru only works with Gmail addresses. Most secure email products instead require that you spin up a pristine new account for your encrypted messaging. Tuta Mail falls into the latter camp. To sign up, you simply choose your username. The signup page lets you know if the name you’ve typed is available. For example, I found that I couldn’t get neil@Tuta.com—some other Neil got there first! But I had no trouble choosing neilr or neilj.

After you create your account, Tuta Mail displays a lengthy recovery code and advises you to store it in a safe place. If you forget your password or lose your multi-factor authentication device, you can regain access to your account with the code.

Note that with a free account, you don’t give any information at all to Tuta Mail. No address, no credit card, no emergency email contact. You’re as anonymous as can be. As noted, you can upgrade that free account to Premium once you’ve confirmed that you like the system. If you jump straight to signing up for a Premium account, the onboarding process naturally requires a credit card number.


Hands On With Tuta Mail

Once you’ve logged in, Tuta Mail looks much like any other web-based email system. You see the typical list of folders (Inbox, Drafts, Sent, Trash, and so on) at the left, with the contents of the selected folder in the middle and a preview of the selected message at the right. A thin strip at the left edge holds a menu of icons representing help, settings, and more.

Dark mode is all the rage these days, and Tuta Mail goes with the flow. By default, it matches the system light or dark theme, but you can tweak a setting to force it one way or the other.

As with most encrypted email systems, sending a message to another user of the system is a snap. When you’ve entered the email address (or selected it from your Contacts), the app reports, “This message will be sent end-to-end encrypted.” Like most encrypted email servers, Tuta Mail offers a full WYSIWYG editor. Private-Mail is an exception; its encryption system strips out all formatting. You compose your Tuta Mail message, add any attachments, and send it off. It’s just like using any webmail system, except that your communication is encrypted seven ways from Sunday.

Encrypted email systems have different ways of handling messages outside their own network. With PreVeil, the recipient must set up a free account to read the messages. Proton Mail and StartMail use a simplified encryption system for outside messages, one that requires you to convey a password to the recipient using a channel other than email. Tuta Mail falls in the latter group, but it makes the process as easy and secure as possible.

The app requests a password when you compose a message to an outside address. Before sending the message, you transmit that password using a text, a phone call, an encrypted Signal message, or whatever means suits you best. Tuta Mail stores the password securely along with the Contact card for the recipient.

Your correspondent receives a notification that an encrypted message is available, with a link to view it online. The link opens what is, in effect, a stripped-down version of Tuta Mail. The full WYSIWYG editor is available for secure responses, as are the Inbox, Drafts, Sent, and Trash folders. But that’s the extent of it.

If you’re going to use Tuta Mail with a friend regularly, you’ll have a better time if they sign up for a free account. Clicking the share icon in the left-rail menu brings up a boilerplate message explaining Tuta Mail, with a link to sign up. You can send the message as-is or edit it to make it more personal.

Proton Mail and StartMail use Pretty Good Privacy (PGP) for their message encryption. With these two, you can send secure email to any PGP user after an initial key exchange. Tuta Mail does use PKI (Public Key Infrastructure) encryption, but the PGP implementation doesn’t permit the total end-to-end encryption that Tuta Mail’s designers require. In truth, I doubt many consumers have the skills to connect an email encryption system to another implementation of PGP.


Multi-Factor Authentication

There’s no point in going to the trouble of using an encrypted email system if you don’t take care to secure your account. For starters, your password should be lengthy and unguessable. Just use your password manager to generate a random password like I=d%j5@3{Rn]MIv1WA09.

It’s conceivable, though, that even a super-tough password could be exposed, perhaps in a data breach. Like Private-Mail, Proton Mail, and StartMail, Tuta Mail offers multi-factor authentication. For maximum security, you should dig in and link Tuta Mail with Google Authenticator or a compatible authentication app. To register your app, click the Settings gear in the skinny left-rail menu, then select Login from the list of settings choices. Click the plus sign below the second-factor authentication label. Snap the QR code with your app or enter the secret key, then enter the resulting six-digit code back in Tuta Mail. From then on, logging in requires both your master password and a code from the app.

You can also choose to authenticate using a hardware security key. Doing so is a simple matter of inserting the key in a USB slot and touching its button. This lets Tuta Mail memorize the key’s details and use it for authentication going forward. If you want to use this type of authentication with your mobile devices, you’ll need a security key with mobile capabilities, such as the YubiKey 5Ci.

Tuta Mail lets you configure multiple security keys and enable both types of multi-factor authentication at once. In that case, it first asks for the security key but accepts the six-digit code if you cancel security key authentication. Whichever multi-factor option you choose, the application strongly advises that you record the new recovery key generated at this time so you can regain access if you lose your second factor.


A Full-Fledged Calendar

Every ordinary webmail service seems to come with a calendar. It makes sense, in a way. If you get an emailed meeting invitation, it's awfully convenient to put it on your calendar with just a click. Tuta Mail has a built-in calendar, too, and it's encrypted to protect your schedule from snoops. Do you really need protection from calendar snoops? Probably not, but having a calendar with your email is very handy, and since the email is encrypted, so is the calendar.

Even a free Tuta Mail account comes with a calendar. Your paid account lets you create multiple calendars. Paying customers gain the option to share calendars on a read-only, read-write, or fully managed basis.

If you’re moving from another calendar system, Tuta Mail can import from various standard calendar-sharing formats. It supports all-day events, repeating appointments, and all the features you’d expect.

Private-Mail also includes a calendar, which works fine on a single device. However, we found the machinations required to sync the calendar across multiple devices to be beyond the skills of the average user.


Email Aliases and Inbox Rules

Your paid Tuta Mail account lets you define up to 15 email aliases at the Revolutionary level or 30 at the Legend level. These are alternate addresses that all feed into your Inbox. At first, I figured this to be a kind of temporary email address system, but it’s not practical for that purpose.

A true disposable email address (DEA) system like ManyMe or Burner Mail lets you generate a new email address for every online interaction. The online merchant or other contact never sees your true email address. And if you start getting spam on one of your DEAs, you can just disable it.

With Tuta Mail, you choose your own email aliases. As with selecting your main Tuta email, these must be unique within the system. Once chosen, they’re locked in. Even if you disable an alias, it still counts against your total. The company suggests using aliases to do things like separate work and home emails, or have emails triggered by a newsletter go to a newsletter-specific alias.

The similar feature in Private-Mail limits you to five email identities, or 20 if you spring for the very expensive Pro edition. StartMail lets you create unlimited random or custom identities, with the option to set an expiry time from an hour to a month.

Inbox rules are another premium feature. You can create rules to divert messages to specific folders based on words found in the subject line or header, or based on who’s in the Sender, To, Cc, or Bcc fields. For example, I created a rule to send any message with “webinar” in the subject directly to trash. Really, I doubt many will use this feature.


Other Platforms

On the desktop, Tuta Mail functions entirely within the browser, so it doesn’t matter whether you’re using macOS or Windows. There is also an Android app and an iPhone app.

When I installed the app on an Android device and went to log in, I worried a bit about multi-factor authentication. The YubiKey I used wasn’t one of the modern ones with NFC connectivity, and my test Android definitely doesn’t have a big old USB slot. I needn’t have worried. The app asked for the six-digit Google Authenticator code, but also allowed me to authenticate by approving the new device from an existing Tuta Mail session.

On Android, the app looks and acts almost exactly like the web-based version, with reasonable accommodations. The list of messages in the selected folder becomes the main view, with the folder list and left-rail menu available at the tap of an icon. Tapping a message opens it so you can view or reply. Even the settings are almost all the same (though you can’t configure the use of a security key for authentication). The iOS edition likewise matches the web-based version as closely as possible.


Verdict: Tuta Mail Is Worth a Try

For seriously end-to-end encrypted email, Tuta Mail is a fine choice. You can spin up a free account to see how it suits you and only pay if you find you want premium features. Even then, it costs less than most competitors. You pay a little more for Proton Mail, but you also get more. For example, Proton Mail offers actual temporary email addresses and can optionally link to Proton’s award-winning VPN and other apps. PreVeil, by contrast, doesn’t cost a thing, and doesn’t make you switch to a new email address. These two are our Editors’ Choice picks for encrypted email, but Tuta Mail is definitely worth consideration.

About Neil J. Rubenking