We need a system for recovery/ reset password
we need a recovery system so incase we lose our password we are able to get our account back and it would make tutanota more reliable and gain more users knowing that if something happens to our account we can recover our email
Currently it is impossible to reset your Tutanota password as standard resets with sending an email to a separate email address are insecure and would open an attack vector to third parties (and to us) to take over your account.
Basically, for such a reset via email we would have to store your password in plain text on our servers, which would make all the encryption pointless. Instead, we go to great lengths to secure your password so that no one can access it. You can read more on our encryption process on our blog: https://tutanota.com/blog/posts/innovative-encryption
As we at Tutanota promise security and privacy, your password must be protected at all costs, and this is why up to now Tutanota did not support a standard password reset.
However, we understand how important it is to get back into your account in case you have lost/forgotten your password.
We have now started to implement a secure password reset that will enable YOU to reset your password, leaving us with no access and no possibility to take over your account.
This feature can be tracked here: https://github.com/tutao/tutanota/issues/233
If you like the security and privacy you get with Tutanota, please upgrade to Premium or donate here: https://tutanota.com/community#donate
Thank you very much,
your Tutanota Team
i need to log in !!! commented
I am sure I remember my password correctly, but I cannot sign in. I already used my mail for many open source services and now I can't use those. What a mess
i am finding it very hard to snig up to tutabota .com email am i a lone with this?
Does anybody know the possible release date? I just changed my password because of the problem with the app and I forgot it... It's been like 3 weeks without my emails and I feel desperate.
I'm unable to access my account, even though I've had a password manager manage my password. for some reason it's not allowing me access anymore!
I've now 'not' been able to access my main account for 5 days. Can you please unlock my Authy 2FA ? I need access to my account & I need it soon as I need to access work contacts etc.
My main account is premium but I'm locked out. Can someone please contact me at my secondary account (attached to this post).?
I emailed Tutanota team 3 days ago as I'm locked out of my account. My 2FA has been reset and i can't bypass this, despite the fact i still have my password. I need someone to deactivate my automatic Authy authenticator. I need access to my account. I've tried emailing Tutanota team from a different account and no response. Can anyone help with this?
I need to access my account.
When will the new password reset or recovery feature be active? I did not lose or change my password, but it no longer works for my account. I clicked the link in this thread to see the progress of the new feature but I don't see anything new.
You cannot add it soon enough! I was hacked and cannot access any of may accounts!!! I'm really screwed!!!
I am having a hard time logging in and found m password no longer works. I have not used it for a while and forgot it. How do I change my old one to a new password. Where do I go?
I created a new account and used a password I know I can remember and I logged out and tried to login and now it doesn’t work
I didn't loose my password.
I changed my OLD password for a NEW one, using the mobile app.
Now NEITHER password works.
That's all I know. Anything else is speculation.
I saved the old password, made a new one, and saved it. Possible error there, but I did careful copy and paste.
Using the android app beta, I noticed an unexpected event when I filled the change password form. I intended to paste the old password once and paste the new password twice to fill the form. In order to paste, I must first place the android cursor in the field by pressing and briefly holding my finger there.
When I did that, I selected text instead of placing the cursor where I wanted to paste. The text selected is intended as descriptive or instructional by design, and reads "New Password." (or something similar).
Now I can ask the question. Is this the best practice?
When I select text instead of merely placing the cursor prior to pasting the clipboard contents (new password), I the screen presents the android "context menu" option to copy.
I suspect that something happened after that that caused me to be locked out of my account.
I was able to use the change password dialog to submit an unknown password.
I have just recounted what I will call my "password change failure," a sort of story of the sequence of events to the best of my recollection.
Importantly, this is the second password change failure with very similar circumstances. I have two android devices, both with the beta apps, both password changes done on the android beta apps. I was changing passwords because of a puzzling inability to log on with the password I had been using. Couldn't even log on the web.
Beyond, that my memory is not certain, and details are cloudy.
So, please make sure the change password code is the way it should be. I understand users will mistakes, but twice? I think I unknowingly submitted an unknown password.
Please try to find a way to secure reset accounts.
I really wish that there was a recovery system, as I've lost the passwords for 2 accounts- my bad, but I don't use a password generator and I have so many to deal with and change...
The email address I will use below is one account I lost access to
¿Como puedo restablecer mi contraseña, he perdido el acceso, ayuda por favor.
Pussy Whipped commented
As long as this system NEVER requires me to volunteer a Legacy Texting capable mobile number to "verify" me I will not complain.
Legacy Texting is the OPPOSITE of privacy. I don't want to tie my accounts to me IRL.
Pussy Whipped commented
2FA backup codes seems sufficient
Paul Fisher commented
To be brutally honest, I consider the lack of password recovery a "pro" and not an "con". Totanota could implement a recovery key system similar to that used by the MEGA cloud storage service ... but I don't see the point. I keep encrypted files with my login details for 100+ accounts on a number of different devices. For those of you who want to forget your password and be able to recover it ... go back to gmail. Don't jeopardize MY security with YOUR lack of organization.
I opened a free account yesterday. I spent several minutes learning how to use the system. I spent several hours trying to "break" it. Today I paid for a premium account. My congratulations to the developers
I really miss this feature. It is the only thing that stops me from using this mail service as the main one. I can't rely on tutanota for important tasks if I have no chance of recovering my e-mail in case I forget or lose my password.
No ProtonMail does not offer password recovery either for a very good reason. Any time that function exists it means your email is not truly e2e and inaccessible to someone wanting your mail. They can simply make Tutanota reset it for them.
Please we need a system for recovery-reset password..