One way to keep your emails secure is to use an encrypted email account. And it’s actually easier and cheaper to set one up than you might think.
ProtonMail is the world’s largest secure email service. It offers end-to-end encryption and lots of other great security features to keep your communications private. Even the company hosting your emails has no way of reading them, so you can rest assured that they can’t be read by third parties either.
But for all this talk, how secure is ProtonMail? Are there any loopholes? And how much does it cost to sign up? Luckily we’ve tested it out for you and can tell you everything you need to know about it in our ProtonMail review.
Protonmail: main pros & cons
- No-logs policy
- Encrypted messages to anyone
- CSV contact import
- Self-destructing emails
- Over 20 account languages
- Visionary plan is expensive
- Web client feels outdated
- POP3 not supported
Is ProtonMail safe and secure?
If you’re looking into getting a secure email account, chances are your main priority is security and privacy.
So here are the central Protonmail privacy and security features:
- End-to-end encryption
- Based in Switzerland with some of the strictest privacy laws
- Stores your data in secure data centers
With Protonmail, the contents of your emails are safe from unintended recipients’ eyes. And because of the way ProtonMail encrypts your data, it means that not even the people who work for ProtonMail can view your emails. So, you can rest assured that no one will be snooping through your inbox or successfully intercepting your correspondence.
Rather than humans accessing your inbox, it’s far more likely to be bots that extract keywords from your conversations and use them to target ads for you to see. And even though this may seem annoying rather than dangerous, it’s still an invasion of your privacy. Here’s how Protonmail can help you out.
As we mentioned above, ProtonMail offers end-to-end encryption for a much more secure service. But how does ProtonMail work? Let’s break it down.
End-to-end encryption is a really secure way of preventing third parties from being able to access data while it’s being transferred between systems or devices. If your email service uses end-to-end encryption, it means that your data is encrypted throughout the entire communication process. So, only you and the person you’re sending the email to will be able to access the information.
ProtonMail also stores all your emails in an encrypted format, which means that even the developers in charge of the email service won’t be able to read the messages in your inbox or outbox.
You can also send end-to-end encrypted emails to non-ProtonMail users. This works by sending a link to your intended recipient which loads an encrypted message onto their browser. They’ll then be able to decrypt your email using a passphrase you can share with them.
To do this, you will have to enable the Encrypt for Outside option. When you compose an email, click the lock icon on the bottom left of the screen and set a password (and password hint, if necessary).
If you didn’t set a password for your email, it will be encrypted using regular TLS, assuming the receiver’s server allows it. The same goes for emails sent to you by non-ProtonMail users.
PGP (or Pretty Good Privacy) is encryption software for email communications. Generally, it’s a secure method to encrypt your emails but it might be too complex to set up manually. ProtonMail has a built-in PGP encryption that you can use with zero technical expertise.
Between ProtonMail users, PGP has to be enabled. Once you do, PGP will encrypt all the emails that you exchange. If you want to communicate with the external accounts, you can allow PGP for outside users.
It works by generating two pairs of public and private keys. When you send an email, the sender exchanges a public key with the recipient, which they can decrypt with their private keys. That way you can be sure that only the intended recipient gets the message.
ProtonMail also adds an additional layer of protection in the form of two-factor authentication. This means that, if someone manages to steal your password, they won’t be able to get into your account unless they also have access to your mobile phone.
For this reason, you’ll need to make sure you’ll always have access to your mobile phone whenever you want to login to your email account before opting to add this in.
In order to enable two-factor authentication, you’ll have to install an authenticator app on your mobile phone. We’d recommend one of the following:
Once you’ve got two-factor authentication set up, you’ll use the unique six-digit code from your authenticator app to login to your mailbox. And you won’t be able to access your account until you’ve entered that code.
Another great thing about ProtonMail is the fact that it allows you to complete anonymity if you want it. You don’t even need to input any personal data when you create your account, so your privacy will be completely protected.
And by default, ProtonMail doesn’t track IP addresses, so there’s no information that an outsider could use to tie you to that account. That way, you know your emails are completely private.
ProtonMail’s self-destructing messages
You can even set an optional expiration time on any emails sent from your ProtonMail account. This means that your email will be automatically deleted from the recipient’s inbox once it has expired.
This not only works for emails sent to other ProtonMail users, but also for ones sent to recipients using other email providers. It works in a similar way to Snapchat by removing messages once the allotted time has passed.
ProtonMail data centers
When it comes to storing your data, ProtonMail’s security sounds rather like something out of a James Bond film. ProtonMail controls its server hardware at several secure locations in Switzerland. Its main data center is under 1,000 meters of granite rock in a heavily guarded bunker built to survive a nuclear attack.
If you know anything about cybersecurity, you’ll likely have heard that Switzerland is one of the safest places for data to be hosted. This is because the Swiss Federal Data Protection Act (DPA) and the Swiss Federal Data Protection Ordinance (DPO) offers some of the strongest privacy protection in the world for both companies and individuals.
And because ProtonMail is based in Switzerland, this places it outside of US and UK jurisdiction. This means that nothing short of a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme Court would lead to ProtonMail releasing the very limited information it will have stored. So it’s very unlikely anyone will ever be able to read through your emails.
Protection against batch GCD attacks
Since ProtonMail relies on public key infrastructure, individual instances are near impossible to crack. However, there are cases of acquiring large volumes of public keys and deriving private keys. It works with the assumption that an algorithm’s randomness isn’t that random, and with a large pool of data, it could be possible to reverse engineer a password.
However, ProtonMail checked their measure on their whole database of accounts. Among it, it identified only 90 public keys belonging to spam accounts. This test goes to show that ProtonMail remains secure even to advanced measures of encryption cracking.
Protonmail features overview
Protonmail has a variety of features that you might not so easily find in other service providers:
- Custom labels
- Short domain addresses
- Migration tools
- Free VPN
Here’s what you can expect from each of them.
If you value productivity, organizing your mailbox can be tedious if the service developers didn’t care for user experience. Many service providers have folder options to group emails, but it may not be enough. To increase their service’s flexibility, Protonmail has custom labels that you can add separately from folders. The best part is that you can add emails to labels, and it will not interfere with your folders categorization. Should you decide to remove a label from email, it will not change their folder. Also, if you no longer need a label, you can delete it without second thoughts – it will not delete any emails.
Short domain addresses
If you find the protonmail.com domain daunting, why not make it shorter? You can receive emails to your associated inbox by keeping your mailbox name and switching out the domain name. For example, if your email address is firstname.lastname@example.org, you can swap out protonmail.com and instead use pm.me domain email@example.com. All users can receive pm.me emails, but replying from pm.me addresses is only reserved for premium users. Plus, this address does not count towards the total limit of addresses you can create with a single account.
If you’re hesitant to jump into the other service because you’d have to start from scratch, this might be a severe drawback. It’s especially true for business users who cannot spend the valuable resources at copy-pasting their contacts in the mailboxes one by one. For this reason, Protonmail has developed a proprietary app that allows you to export and import your data from other inboxes like Gmail, Outlook, or Yahoo. The feature is only for Plus, Professional, Visionary, and Lifetime accounts.
When you register for a Protonmail, you also get a free ProtonVPN account. This service enables private and secure internet access through their Virtual Private Network of intermediary servers. It means that you’re not browsing the web directly but through the guise of an IP address of one of their servers. Thus, it’s one of the best ways to protect your anonymity and privacy when browsing the web. ProtonVPN is popular among people who value their privacy, and it’s a great pairing to your encrypted email account.
ProtonMail plans and pricing
You might well imagine that storing your emails in a heavily guarded bunker under 1,000 meters of granite rock would cost you quite a bit of money. But ProtonMail actually offers a free plan that gives you all these security benefits.
The free plan does limit the number of emails you can receive per day. But the limit is fairly generous and if it’s not enough for you, there are other very reasonably priced plans that increase your daily allowance.
So which plan is right for you and how much do they cost? Let’s have a closer look:
ProtonMail’s free account comes with 500MB of storage. This isn’t loads, but it’s probably enough if you delete your emails regularly and you don’t receive a lot of large files like hi-res images and videos. And it shows you how much of your memory you’re using up so you’ll always know when you need to start deleting things to free up space.
It caps your limit at 150 emails a day, which is a large enough allowance to suit most people. But if you find this isn’t quite enough for you, you can upgrade to one of the paid plans anytime you like. More on those a little further down.
The only other drawback you may find with the free version of ProtonMail is the limited customer support. There are, as you might expect, lots of FAQs on the website to help you resolve basic issues and there’s an online form and a customer support email address if you need more help. But the paid plans come with more dedicated support, which is much more useful if you have issues with ProtonMail’s service.
But aside from that, ProtonMail’s free service offers a really secure email service with only a few slight drawbacks. And because you can upgrade at any time, if you’re not sure what limit you need, it might be worth starting off with the free version and upgrading to a paid plan if it doesn’t suit your needs.
So, to reiterate, ProtonMail’s free account comes with:
150 messages a day
Limited customer support
ProtonMail Plus: $4.00 a month
Rather than calling it a subscription fee, ProtonMail likes to refer to the monthly cost of its paid plans as a “donation” to help the company continue to provide a secure email service to its customers. But however ProtonMail wants to dress it up, you pay an annual or monthly cost to use its premium services.
Having said that, its prices are pretty reasonable. ProtonMail Plus works out at just $4 a month. And for that, you get a lot more features than the free version offers.
The biggest difference is the limits on storage and the number of emails allowed goes up considerably once you upgrade to ProtonMail Plus. You’ll now have a much more generous 5GB of storage and you can send up to 1,000 emails every day, rather than the daily limit of 150 offered in the free version.
You can also have up to five email aliases and you can create your own domain name. So rather than having to stick with @protonmail.com, you can truly personalize your email address.
And the Plus account also gives you priority access to ProtonMail’s customer support.
So, to sum up, the ProtonMail Plus account offers:
1,000 messages a day
Labels, custom filters, and folders
The option to send encrypted messages to external recipients
The ability to create your own domain (for example firstname.lastname@example.org)
Up to 5 email aliases
Priority customer support
ProtonMail Visionary: $24.00 a month
As the name and price would suggest, ProtonMail Visionary comes with a lot of storage and some helpful extra features that’ll no doubt come in handy for anyone who needs to send a lot of secure emails.
ProtonMail Visionary offers a whopping 20GB of storage and lets you set up as many as 50 email aliases with as many as 10 domain names.
It also has no limits on the number of emails you can send per day. However, ProtonMail doesn’t let you send bulk emails. This is to prevent you from sending spam or unsolicited emails. Which, to be honest, seems fair enough.
The full list of ProtonMail Visionary features are as follows:
Up to 50 email aliases
Support for up to 10 domains
Multi-user support (6 total)
No sending limits, except bulk, spam, or unsolicited emails
Labels, custom filters, and folders
The ability to send encrypted messages to external recipients
Early access to new features
Access to ProtonVPN
ProtonMail Professional: $6.25 a month per user
If you’re looking into improving email security on behalf of a business, the ProtonMail Professional account could be the perfect solution.
You can create a domain name for your company and add accounts for each of your employees. It’s all fairly easy and straightforward to set up, and ProtonMail can help you migrate your current email system over to ProtonMail. Simply contact email@example.com for more information and assistance.
Is ProtonMail easy to use?
How to set up a ProtonMail account
It’s really easy to set up a ProtonMail account. All you need to do is visit the ProtonMail sign-up page, select the plan you want, and follow the instructions.
One of the best things about it is you don’t have to put in any personal information so you can retain your anonymity. The site does suggest that you add a recovery email in case you forget your password, but you don’t have to.
ProtonMail design and layout
Unless this is your first ever email account, you’ll find ProtonMail’s layout very familiar and easy to navigate. The inbox looks very similar to anything you might be used to with Gmail, Outlook or Yahoo, and it’s really easy to find all the basic functions like creating new messages, adding contacts, and accessing your draft emails.
New emails are shown in bold and you can choose to allow notifications on your desktop or mobile phone app so you’ll be alerted as soon as you get a new message.
The paid versions also let you create custom folders, filters, and labels to help you organize your emails.
Meanwhile, the free version still lets you create basic folders and labels that you can color-code to help you find things easily.
As well as a really user-friendly desktop version, ProtonMail also has a really useful app that’s available on Apple and Android devices.
We tested out the Android version and found it fast, smooth, and easy to use. At the time of writing, the ProtonMail app has been downloaded over 1 million times on the Google Play Store and has received more than 28,000 reviews with an average rating of 4.5 stars. Meanwhile, the ProtonMail app for Apple users has 4.2 stars and has roughly 1,500 reviews. So it’s safe to say the app is pretty popular with its users.
Like most mainstream email services, ProtonMail also offers a fully integrated calendar app. But unlike other calendar apps, ProtonCalendar has end-to-end encryption to keep your schedule completely secure.
Everything from the event title, description, and location to the people you’ve invited are encrypted on your device. That means that no third party (not even ProtonMail) can see the details of your events. Only you will know your plans.
The ProtonCalendar app itself is really easy to use on both mobile and desktop. And, like with the email service, you can allow notifications so you won’t miss any of your meetings or events.
Despite all the layers of strict security, we actually found ProtonMail pretty speedy. It sends and receives emails with hardly any lag. And uploading and downloading documents doesn’t seem to take any longer than it does on mainstream email services, like Gmail.
While we can’t know for sure whether it starts to lag once you’ve got thousands of emails in your inbox, early signs are that the extra security doesn’t noticeably slow things down.
Problems with ProtonMail
1. ProtonMail customer support
ProtonMail doesn’t offer much in the way of customer support. If you opt for the free version, all you really have access to is the online FAQs. Or you can email firstname.lastname@example.org if you need help with a specific problem.
There’s also an online form you can fill in. Apparently the only way you can actually speak to someone is by filling this in and requesting a call-back. Which isn’t ideal if you just want to speak to someone about an urgent issue.
2. ProtonMail search function
The search function isn’t brilliant on ProtonMail. While it does have a useful search box that allows you to input the sender, the time period it was sent, and some keywords from the email, it doesn’t always surface what you’re looking for.
But then again, email search engines are usually pretty poor. And if you’re used to fruitlessly searching for specific emails on Gmail or Outlook, you probably won’t find ProtonMail’s search noticeably worse.
ProtonMail vs Tutanota
Tutanota is arguably even more secure than ProtonMail as it offers complete end-to-end encryption on emails, including subject lines. It also offers a more generous free version with up to 1GB of storage instead of ProtonMail’s 500MB.
However, ProtonMail offers more customization, from setting auto-responses to importing themes to make your inbox look exactly the way you want it.
Overall, the two are fairly evenly matched, although if we had to choose, we’d probably opt for ProtonMail for the added customization. It also has better customer support, which is really useful if you ever have an issue. Check our full comparison between ProtonMail and Tutanota for the details.
Winner: ProtonMail (just)
ProtonMail vs Fastmail
Fastmail promises to keep your data safe from third parties and boasts full transparency with its data practices. However, unlike ProtonMail, it doesn’t deliver end-to-end encryption, so it’s not as secure.
Also, there’s no free version and the price of a Fastmail account starts at $3 a month. For those reasons alone, ProtonMail is definitely the better choice. Check out our Fastmail review for more information.
ProtonMail vs Gmail
Gmail is incredibly popular and offers a reasonable amount of security. But ProtonMail offers a lot more. With its end-to-end encryption, no one can access your messages except you and your intended recipient, not even the people who work at ProtonMail.
Gmail, meanwhile, can not only view your data but can actually share it with third party companies who can then send you targeted ads.
Having said all that, Gmail does have its good points. For one thing, it’s owned by Google, so its app and desktop version are really easy to use and it offers much more in the way of customer support. But for us, there’s no contest: if you’re even slightly concerned about your online privacy, ProtonMail is a much safer choice.
ProtonMail review: the bottom line
If you’ve got an email account with a mainstream provider, chances are it doesn’t use end-to-end encryption. As you’ve seen from our ProtonMail review, the big difference between a secure email service like ProtonMail and a standard email service such as Gmail or Outlook is that it provides a lot more security and privacy for its users.
ProtonMail is really simple, easy to use and it offers end-to-end encryption, so you’ll have real peace of mind, knowing that your emails can’t be read by anyone other than you and whoever you’re emailing. There’s no coincidence that the protagonist from Netflix TV series Mr. Robot is seen using this service in Season 1, and it was also featured in the movie “Knives Out” for sending ransom notes. Protonmail is just that secure.
Is Protonmail safer than Gmail?
Encryption is the king when it comes to your data safety. All data stored on the ProtonMail is encrypted, hackers don’t have the necessary tools to decrypt the data. Furthermore, ProtonMail employees cannot read the contents of your messages due to the same reasons. It applies even to the messages that came from outside. Gmail has logs of every your IP login and can access every single email in your mailbox.
Can Protonmail hand over my data to law authorities?
In cases when law enforcement asks ProtonMail for your data, there is little that they can do. First of all, ProtonMail encrypts the emails, they cannot decrypt them at will. Moreover, they won’t act on data requests unless approved by the appropriate Swiss authority. Suppose you don’t provide detailed account information. In that case, there’s not much to go on that would tie your identity to the email account.
Can you switch between paid and free ProtonMail versions?
Yes, ProtonMail allows switching between the free and paid versions. Before downgrading, you’ll have to make sure that you give up previously set up premium functions. This includes custom domains and addresses. Once you do that, you’ll be able to reset it to the basic free version. If you want again to set up custom domains, you’ll have to subscribe anew.
What is ProtonMail Bridge?
ProtonMail Bridge is a Premium user’s feature that allows encrypting ingoing and outgoing emails. The best part is that you can integrate it with your current mailboxes like Outlook or Thunderbird. The requirement is that it should support IMAP and SMTP protocols. With the Bridge app, you can also download all offline copies of your emails to your device.
What is ProtonMail Plus?
ProtonMail sees all its paying customers as its Plus customers. Every other plan such as Visionary, Professional, etc. falls into the same category. This gives more financial support for the developers who improve the service. Plus, as a user, you get more expanded functionality with the client.