Tutanota uses only one password. Do you have access to it?

No. When a password is used for authentication (login), it is not necessary that it is known to the server you want to authenticate with. It is enough that the server has a fingerprint (hash) of your password. With Tutanota your hash for authentication is calculated by your browser and only the hash is being sent. Your password never travels the Internet in plain text and it is never seen by our server. As hashes are non-invertible, the server is unable to reconstruct your password from the hash. In this way the server is not able to decrypt your message, while still able to log you in.

English

  1. Is Tutanota for free?
  2. What does the name "Tutanota" stand for?
  3. How to use Tutanota?
  4. Where does the encryption process take place?
  5. What is encrypted and what can you read?
  6. Can I use Tutanota anonymously? Do you log IP addresses?
  7. Where are the Tutanota servers located?
  8. What happens if I lose my password? Can you reset it?
  9. Is Tutanota certified?
  10. Where are my keys generated and how is my private key secured?
  11. Tutanota uses only one password. Do you have access to it?
  12. What hashing function is used for the password?
  13. How do I choose a strong password?
  14. What encryption algorithms does Tutanota use?
  15. Why does Tutanota not use pgp?
  16. Which browsers does Tutanota support?
  17. What browsers can an external recipient use for receiving confidential emails?
  18. Where can I get the Tutanota app?
  19. Is Tutanota open source?
  20. Is my address book within Tutanota encrypted?
  21. How secure are my Tutanota emails?
  22. The development goes on. What comes next?
  23. What is the maximum size for emails and attachments?
  24. Can I retrieve my Tutanota emails via IMAP to another email client?
  25. How are my emails encrypted with Tutanota?
  26. As an external recipient, can I re-access my emails later?
  27. How do I send an encrypted email to another Tutanota user?
  28. How do I send an encrypted email to an external recipient?
  29. How do I set emails to external recipients to unencrypted by default?
  30. How can I add alias mail addresses to Tutanota?
  31. Do you delete inactive accounts / recycle email addresses?
  32. I have received an abusive email (spam, phishing) from one of your domains. What should I do?
  33. How can I use my custom (own) domain with Tutanota?
  34. Logging: What do you log and for how long are logs kept
  35. Special offers for non-profit organizations
  36. How can I use Tutanota in my organization or company with my custom (own) domain?
  37. How can I configure spam detection rules (configuration of spam blacklist and whitelist)?
  38. Are there email limits to protect Tutanota from being abused by spammers?
  39. How does two-factor-authentication (2FA) work in Tutanota?
  40. Whitelabel: How can I get the Tutanota login at my custom (own) domain and configure colors and my logo?

Feedback and Knowledge Base