I suggest you ...

2-factor Authentication

Multi-factor authentication is not a luxury anymore, it's a basic necessity for any service that truly puts a high value on privacy.

1,426 votes
Sign in
Sign in with: facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
completed  ·  AdminTutanota Support (Feedback Manager, Tutanota) responded  · 

Our brand-new beta client now supports 2FA with U2F (eg YubiKey) as this is the most secure option and TOTP. More options will follow so let us know which you prefer! :) Please access the new client here: https://mail.tutanota.com/

You can find more details about our new client on our blog: https://tutanota.com/blog/posts/secure-mail-public-beta-release

You can find more details on 2FA in our FAQ: https://tutanota.uservoice.com/knowledgebase/articles/1201942-how-does-two-factor-authentication-2fa-work-in-t

Do you like the improvements of our brand-new beta client? Feel free to upgrade to Premium (it’s only 1 Euro per month) and support our developers! Thank you. :)


Sign in
Sign in with: facebook google
Signed in as (Sign out)
  • ederlf commented  ·   ·  Flag as inappropriate

    Is the YubiKey option only for paid plans? I can only see the option to add TOTP in my current free account.

  • PeekAQuestion commented  ·   ·  Flag as inappropriate

    This may seem strange, but backup codes (optional) could be a benefit, i know i know! but losing the password is one thing, your phone going kaput is another.

    I have alternative methods of getting a password back, but that 2FA. there isn't any. I was all for setting it up, and have, but i realised even one accidental delete and i'm screwed.

    So i'm turning it off atleast for now until some sort of 2FA code backup comes into play.

    Also, in regards to security; a "last unsuccessful login attempt" with a date and time should be displayed in a corner, if there has been no unsuccessful attempts, it just says never.

    Something easy to see as soon as you login.

    In regards to 2FA, i rather like M$ authenticator notification, as rather than just writing in a code (or in M$ case, comparing it), you're getting notified of an attempted login.

  • sizeof(void) commented  ·   ·  Flag as inappropriate

    Google Authenticator implementation is buggy as hell and not working for the iOS App in general ,and at least in my case, not in the browser as well. So I cannot access my mails anymore. Not sure who does need a unreliable email provider. My humble self certainly not!

  • Gabriel commented  ·   ·  Flag as inappropriate


    U2F support has been included (though disabled by default) in Firefox Nightly about a month ago. Since Firefox 57 has reached beta state last week, with only a single preference to switch to enable U2F (about:config -> security.webauth.u2f -> true), would it be possible to add Firefox in the supported browser list ?

    Please note that it works fine on Yubico's test site, and to authenticate to Github as well, so I can only assume that Tutanota client is not checking whether the feature is there but rather filters out some specific user-agents ...

    Thank you very much.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I can't log in anymore because it asks me 'Authenticator code'. Where do I get this code from?

  • Anonymous commented  ·   ·  Flag as inappropriate

    Works like it should. Problem: i can't use iOS and Android client any more. So i think, we need device passwords -- than there would be no need for a new client?!

  • Anonymous commented  ·   ·  Flag as inappropriate

    Happy to see that 2fa is supported. Keep up the great work. I am looking forward to you supporting u2f in Firefox as well.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I would love to upgrade to Premium. Why don't you guys accept bitcoin as payment for the upgrade?

    Currently, you only accept credit cards or Paypal. Those that come here would like to stay private.


  • Anonymous commented  ·   ·  Flag as inappropriate

    How to prevend the 2nd factor to give away privacy?

    I mean, google uses a phone number (that destroys your privacy) how does tutanote want to implement 2 factor auth?

    just curioes,

  • Alper commented  ·   ·  Flag as inappropriate

    Google Authenticator and Authy very useful, it would be nice if it matched

  • mf commented  ·   ·  Flag as inappropriate

    yawn... it's like what... 2 years since you;re planning 2FA? nothing new in beta either. seriously...

  • Anonymous commented  ·   ·  Flag as inappropriate

    is it possible to add in the IOS Apps.... to have a password for open the apps..?? Something alike the Apps PCloud drive (exemple)... I hope because I love tutanota email...

← Previous 1 3 4 5 6 7

Feedback and Knowledge Base