How does two-factor-authentication (2FA) work in Tutanota?

Please note: 2FA is only available via the new Tutanota client: https://mail.tutanota.com
At the moment you cannot use 2FA for the Tutanota Android & iOS apps. Support of 2FA in the apps will be added in the coming months.

It is not required to set up 2FA on your account, but it is recommended if you'd like the peace of mind that comes with the additional security.

Registering your second factor


You can connect your second factor with Tutanota in "Settings" -> "Login". As admin you can setup second factors for your users in "Settings" -> "User management".

Tutanota currently supports the following second factor types:
  • Security keys (U2F), e.g. Yubikey. U2F is currently supported by Chrome and Opera.
  • TOTP with an authenticator app such as Google Authenticator, Authy etc.
  • We plan to support more second factor types. Please let us know via social media which ones you prefer!
Second factors can be added by administrators and "normal" users, but removed only by admins.

Note: If you lose your second factor, you will no longer be able to login to your account. To prevent this, you can add multiple second factors and additionally note down the recovery code shown to you when adding a second factor.

Authenticating with your second factor


During login you have to authenticate with one of your second factors. Instead, you may also accept that session from another logged in client. If your browser does not support the second factor you had registered, you can only accept the session from another client.

How to reset your second factor if you lose it


You can reset the second factors if you have noted down your personal recovery code. You can view and also update your recovery code in "Settings" -> "Login".

If you have lost your second factor, click on "More" -> "Lost account access" on the login page. There you will have to enter your recovery code as well as your password to delete all your second factors.

English

  1. Is Tutanota for free?
  2. What does the name "Tutanota" stand for?
  3. How to use Tutanota?
  4. Where does the encryption process take place?
  5. What is encrypted and what can you read?
  6. Can I use Tutanota anonymously? Do you log IP addresses?
  7. Where are the Tutanota servers located?
  8. How do I reset my password if I lose it?
  9. Is Tutanota certified?
  10. Where are my keys generated and how is my private key secured?
  11. Tutanota uses only one password. Do you have access to it?
  12. What hashing function is used for the password?
  13. How do I choose a strong password?
  14. What encryption algorithms does Tutanota use?
  15. Why does Tutanota not use pgp?
  16. Which browsers does Tutanota support?
  17. What browsers can an external recipient use for receiving confidential emails?
  18. Where can I get the Tutanota app?
  19. Is Tutanota open source?
  20. Is my address book within Tutanota encrypted?
  21. How secure are my Tutanota emails?
  22. The development goes on. What comes next?
  23. What is the maximum size for emails and attachments?
  24. Can I retrieve my Tutanota emails via IMAP to another email client?
  25. How are my emails encrypted with Tutanota?
  26. As an external recipient, can I re-access my emails later?
  27. How do I send an encrypted email to another Tutanota user?
  28. How do I send an encrypted email to an external recipient?
  29. How do I set emails to external recipients to unencrypted by default?
  30. How can I add alias mail addresses to Tutanota?
  31. Do you delete inactive accounts / recycle email addresses?
  32. I have received an abusive email (spam, phishing) from one of your domains. What should I do?
  33. How can I use my custom (own) domain with Tutanota?
  34. Logging: What do you log and for how long are logs kept
  35. Special offers for non-profit organizations
  36. How can I use Tutanota in my organization or company with my custom (own) domain?
  37. How can I configure spam detection rules (configuration of spam blacklist and whitelist)?
  38. Are there email limits to protect Tutanota from being abused by spammers?
  39. How does two-factor-authentication (2FA) work in Tutanota?
  40. Whitelabel: How can I get the Tutanota login at my custom (own) domain and configure colors and my logo?

Feedback and Knowledge Base