Encryption
While Tutanota doesn’t use PGP, you can use a password for encrypting emails, and Tutanota external recipients can access the entire email thread via the shared password, while recipients of encrypted messages from Proton Mail are limited to just seeing one message.
Not only that, but because Tutanota doesn’t use PGP, it encrypts not just the bodies and attachments of emails but also the subject line, which can contain very sensitive information. Additionally, the encryption protocols used in Tutanota enable Tutanota to easily upgrade to new algorithms and add support for Perfect Forward Secrecy.
It also allows Tutanota to encrypt things such as the entire address book and calendar metadata like calendar notifications. Meanwhile, Proton Mail doesn’t do that.
Additionally, Tutanota is working on a research project to replace the current algorithms with quantum-secure ones, and their post-quantum prototype is already able to support Perfect Forward Secrecy.
Most of the people in my life and most of the people in general don’t even know what PGP is. Even if they do, it’s much easier and more user-friendly for non-technical people to use a password for decrypting emails, with the benefit that the subject line will be encrypted too, not only the email body and attachments.
Privacy
- Tutanota developed their own open-source alternative to reCAPTCHA, while Proton Mail uses a closed-source third-party implementation.
- Tutanota has published their app on F-Droid, and it comes with a notification implementation that doesn’t rely on Google, whereas with Proton, you can only get it from the Play Store or from their GitHub repository (I have noticed that their GitHub releases are usually behind Play Store releases), and even if you obtain their app from GitHub, you will not have notifications, even though people asked for this for YEARS and Proton said that they’re working on this YEARS ago.
- Tutanota is an absolute godsend for those who need anonymity and use Tor, and here is why:
- Proton always asks for a phone number or an email address when trying to register over Tor.
- The Skiff Mail app didn’t work for me at all when using Tor.
Meanwhile, Tutanota is my go-to email provider when I want to create an anonymous identity because it works every time. The worst thing that I remember happening is that I got a suspension and had to wait some hours to be able to use my Tutanota account, but I experienced that a long time ago.
- You can use Monero to pay for Tutanota, whereas with something like Proton, you can only use Bitcoin or cash (other options aren’t private).
The only private method of payment that mailbox.org has is cash by mail, and guess how many people use or will use that.
Security
- Tutanota has open-source desktop clients, unlike mailbox.org and Proton.
“But you can use a bridge”
Yes, you can, but here are the drawbacks:
- By using a bridge, all data is stored unencrypted in the third-party email client. Tutanota aims for a solution where all data is always stored securely encrypted, even on your own devices. Their desktop clients do exactly that and make the data also available when offline.
- IMAP and SMTP are not the most efficient protocols, especially when it comes to push notifications or attachments to emails (which are encoded into the body).
- By improving their desktop clients, they serve you much better than by spending time developing and maintaining three bridges for Linux, Windows, and macOS.
- Proton doesn’t offer Proton Mail Bridge on the free plan so you’re stuck in the web browser if you don’t pay.
- When creating a Tutanota account, there is an option to generate a password, which is a 6-word diceware passphrase, and I find this really useful.
- With Tutanota, you can use your security keys normally.
- With Proton, you have to use both TOTP and FIDO2 or U2F.
- Mailbox.org supports two-factor authentication for their webmail only. You can use either TOTP or a YubiKey via the YubiCloud. Web standards such as WebAuthn are not yet supported.
Nice things
- Tutanota uses 100% renewable electricity for all its servers as well as its offices.
- Special offer for NPOs.
With all of this I don’t see why Tutanota is at the very bottom of email recommendations and options like Proton and mailbox.org are at the very top because of PGP.
I would like the PG team to elaborate on why exactly Tutanota is at the bottom of the recommendations page and why exactly options that use PGP are at the very top, like they’re superior because of it (even though I think that it’s the opposite, but that’s just me).
I used this article by Tutanota as a foundation for this post: Protonmail vs. Tutanota: Email comparison
Edit: I added some more things.