Multi-factor authentication is not a luxury anymore, it's a basic necessity for any service that truly puts a high value on privacy.
Our brand-new beta client now supports 2FA with U2F (eg YubiKey) as this is the most secure option and TOTP. More options will follow so let us know which you prefer! :) Please access the new client here: https://mail.tutanota.com/
You can find more details about our new client on our blog: https://tutanota.com/blog/posts/secure-mail-public-beta-release
You can find more details on 2FA in our FAQ: https://tutanota.uservoice.com/knowledgebase/articles/1201942-how-does-two-factor-authentication-2fa-work-in-t
Do you like the improvements of our brand-new beta client? Feel free to upgrade to Premium (it’s only 1 Euro per month) and support our developers! Thank you. :)
Is the YubiKey option only for paid plans? I can only see the option to add TOTP in my current free account.
This may seem strange, but backup codes (optional) could be a benefit, i know i know! but losing the password is one thing, your phone going kaput is another.
I have alternative methods of getting a password back, but that 2FA. there isn't any. I was all for setting it up, and have, but i realised even one accidental delete and i'm screwed.
So i'm turning it off atleast for now until some sort of 2FA code backup comes into play.
Also, in regards to security; a "last unsuccessful login attempt" with a date and time should be displayed in a corner, if there has been no unsuccessful attempts, it just says never.
Something easy to see as soon as you login.
In regards to 2FA, i rather like M$ authenticator notification, as rather than just writing in a code (or in M$ case, comparing it), you're getting notified of an attempted login.
Thanks for your feedback regarding the creation of the second factor! We already contacted you and resolved your issue.
Google Authenticator implementation is buggy as hell and not working for the iOS App in general ,and at least in my case, not in the browser as well. So I cannot access my mails anymore. Not sure who does need a unreliable email provider. My humble self certainly not!
U2F support has been included (though disabled by default) in Firefox Nightly about a month ago. Since Firefox 57 has reached beta state last week, with only a single preference to switch to enable U2F (about:config -> security.webauth.u2f -> true), would it be possible to add Firefox in the supported browser list ?
Please note that it works fine on Yubico's test site, and to authenticate to Github as well, so I can only assume that Tutanota client is not checking whether the feature is there but rather filters out some specific user-agents ...
Thank you very much.
@Anonymous: You must have enabled two factor authentication via TOTP. Please use the TOTP code to authenticate.
I can't log in anymore because it asks me 'Authenticator code'. Where do I get this code from?
Works like it should. Problem: i can't use iOS and Android client any more. So i think, we need device passwords -- than there would be no need for a new client?!
Happy to see that 2fa is supported. Keep up the great work. I am looking forward to you supporting u2f in Firefox as well.
I would love to upgrade to Premium. Why don't you guys accept bitcoin as payment for the upgrade?
Currently, you only accept credit cards or Paypal. Those that come here would like to stay private.
Google Authenticator / Free OTP
Google Authenticator please
How to prevend the 2nd factor to give away privacy?
I mean, google uses a phone number (that destroys your privacy) how does tutanote want to implement 2 factor auth?
Google Authenticator and Authy very useful, it would be nice if it matched
i suggest 2-factor Authentication with FIDO U2F Keys
>Planned for 2017
But specifically when? June 2017? Thanks.
yawn... it's like what... 2 years since you;re planning 2FA? nothing new in beta either. seriously...
is it possible to add in the IOS Apps.... to have a password for open the apps..?? Something alike the Apps PCloud drive (exemple)... I hope because I love tutanota email...
Yay, I will sign up as soon as you offer 2FA!