Multi-factor authentication is not a luxury anymore, it's a basic necessity for any service that truly puts a high value on privacy.
Our brand-new beta client now supports 2FA with U2F (eg YubiKey) as this is the most secure option and TOTP. More options will follow so let us know which you prefer! :) Please access the new client here: https://mail.tutanota.com/
You can find more details about our new client on our blog: https://tutanota.com/blog/posts/secure-mail-public-beta-release
You can find more details on 2FA in our FAQ: https://tutanota.uservoice.com/knowledgebase/articles/1201942-how-does-two-factor-authentication-2fa-work-in-t
Do you like the improvements of our brand-new beta client? Feel free to upgrade to Premium (it’s only 1 Euro per month) and support our developers! Thank you. :)
We are in July, which is technically past the first part of the year. any update. I can't switch to your service until I can use my yubikey.
Looking forward to this feature.
Is there an update on MFA?
please do sms authentification
Please give various options for 2FA as I would not want to use Google Authenticator. You've already got option to link signup with the device hardware, maybe adding SMS works for those who don't mind receiving cell notifications - there's a raft of options you could offer. What's important is the ability to REMOVE any device that has previously been granted access (this is an option in settings to remove iOS device, but doesn't yet exist for any browser sessions) and to use 2FA for signup on any new device by default. Remember security will be determined by weakest link in the system, so on a shared or group email, whichever recipient has a weak password, or has not been forced to configure 2FA will compromise the group as a whole.
How are the plans for 2FA going?
Hamish MacEwan commented
Big preference for Yubikey/FIDO support. Or BitID, http://bitid.bitcoin.blue/
I note the objection to using a cellphone number for 2-step Authentication, from the other commenters writing here. Good point - what is the alternative ?
Yeah, 2-step Authenticaiton was the only thing that kept me in gmail recently.
Until I found that gmail was not forwarding my business docs to most of my clients and this began to bankrupt me.
So when tuta gets 2-step I will switch completely.
Suggest that teh second step is the choice between a call / SMS to my handy / cell / mobile phone, or a call to my landline.
How will this work internationally ? (I.e. who pays for the call, if I am in the US for example and the call/SMS originates in Europe ?).
Alex T. commented
There's like a little more than a month left before the first half of 2016 is over.
Any status update on 2-FA?
Google Authenticator/Authy with SMS backup please.
Hi, any update on 2factor auth? Thanks!
Can't wait for 2FA! will definitely switch over much more to tutanota after that, maybe even exclusively for work related emails.
Alexander Meister commented
2FA with PGP Message and Public Key, use PGP private key and decrypt the message
SMS and if that's too costly google author would be my preference
YubiKey / FreeOTP would be great!
Integration with Duo Mobile would be nice.
Andrew Law commented
I would like to vote for Google Authenticator please.
I would really like 2FA to be inplemented. Especially Ubikey. I use ubikey for LastPass & a boatload of other accounts I have. Ubikey would be really useful as there is no need multiple 2FA items/apps.
Please support U2F protocol