When sending an encrypted message to an external recipient, to someone who does not use Tutanota, you have to exchange a password once. The sender enters a password before sending the email. Once set the password will be automatically saved along with the contact in your Tutanota address book. Next time, you simply specify the recipient and Tutanota automatically enters the password. The password needs to be exchanged via a second channel.
The external recipient
Note: The link within the notification email contains a salt which is needed for decryption along with the password. Thus, someone who wants to intercept your encrypted messages needs the exact link and the password. (An old link gets deactivated as soon as you send a new email to the same email address.)
- receives a notification email with a link to Tutanota (browser opens up),
- enters the exchanged password,
- can read the automatically decrypted email, reply confidentially, export all exchanged messages and save them locally.