ProtonMail Review

protonmail review

Table of Contents

Our opinion

ProtonMail is a decent end-to-end encrypted email service that a majority of users could benefit from. While it’s far from a perfect email client, the perks you get with a free account and the security that comes alone with it is very attractive. It’s an excellent choice for people who want more security, business associates, and anyone who fears hacking or wiretapping. Everyone has different needs and ProtonMail could very well be lackluster for you– the only way to find out is to sign up for a free account and try it out. It’s definitely one of the best encrypted email services out there.

Quick links:

More information about ProtonMail and encrypted email services further in the article.

The typical free email account is acceptable for most people. However, those that need to have protected and secured communications need an email service provider with a bit more bells and whistles. This is where ProtonMail comes in.

ProtonMail is a free open-source email provider that has a big focus on encryption. For individuals who need the most private email secure service possible, ProtonMail could be an excellent choice. But what exactly makes it so special?

There aren’t many Protonmail reviews out there, so we’ll take on the task. In this very in-depth review, we’ll be breaking down what ProtonMail is, its history, its pros and cons, all of its features, and some commonly asked questions about the Swiss email platform.

About ProtonMail 

ProtonMail is a secure email service provider from Switzerland. It’s often touted as the safest and most secure email client in the world, and that not even powerful organisations can infiltrate it. Whether or not this is true is subject to debate, but ProtonMail is pretty handy if you need a little extra security for your email. It’s one of the most well-known email-based security services out there.

More and more people are becoming interested in encrypted email. As large corporations that provide email services to the general public continue to suffer from hacking and leaked sensitive information, the average person is more interested in added security than ever before. A recent research study from Advanced Market Analytics noted how premium email services like ProtonMail could be the next big thing.

“If we see Market by Pricing Option, the sub-segment i.e. Annual License will boost the Paid Email Service market,” the study noted, “Additionally, the rising demand from SMEs and various industry verticals gives enough cushion to market growth. If we see Market by Platform, the sub-segment i.e. Desktop will boost the Paid Email Service market. Additionally, the rising demand from SMEs and various industry verticals gives enough cushion to market growth. If we see Market by Email Service, the sub-segment i.e. Email Newsletter will boost the Paid Email Service market. Additionally, the rising demand from SMEs and various industry verticals gives enough cushion to market growth.”

Pros & Cons of ProtonMail

Pros

  • Two-factor authentication.
  • Password-protected and encrypted emails can be sent to any email address.
  • End-to-end encrypted email services.
  • Password-protect encrypted messages to non-users.
  • Message expiration for added security.
  • Extremely easy to use.
  • The short email domain (user@pm.me) can be used for receiving messages.
  • Uses a no-logs policy.
  • The client is available in twenty different languages.
  • Extremely easy and quick to make an account and start using the client immediately.
  • Images and rich text formatting are supported for encrypted emails.
  • Keyboard shortcut-friendly.
  • The premium services offer more space, email aliases, better support, laveling features, customized filtering features, auto-reply, a highly email limit, and built-in VPN services.
  • You can download PGP keys.
  • Importing CSV contact lists is easy.
  • There are ample encryption options available.
  • You can set up when your emails will expire.
  • Usable on any device or browser.
  • No-access email storage for added security.
  • Uses PGP encryption.
  • It’s free to use, and premium plans are fairly inexpensive for what you get.

Cons

  • There are limits on daily messages, even with a premium account. Free encrypted email accounts are limited to 150 message every day and 50 emails every hour.
  • The labeling and folder features for the free account are very limited– you only get three.
  • Free accounts don’t get IMAP or POP access.
  • Custom support from ProtonMail is known for being pretty limited.
  • It’s not possible to change ProtonMail’s default signature with a free account.
  • The web interface can sometimes be slow and laggy.
  • There aren’t many features in the way of search and ordering emails.
  • While it can be integrated with third-party email clients, the result is a little sloppy.
  • While the free, Plus ($57 a year), and Professional ($90 a year) plans are relatively affordable, the Visionary plan is very expensive at $345 a year.

Another possible con of ProtonMail involves a slightly more thorough explanation. This year, the company announced that it will be using alternative routing methods to circumvent censorship. This practice would largely depend on third-party infrastructure and networks to ensure more privacy– something that larger email service providers are often not invested in. And at its core, Proton Technologies hones in on privacy more than anything. So why would the company move to utilize technologies that could possibly lead to transparency between IP addresses and third party enterprises?

“The new tool, which will be deployed over the next few weeks in the ProtonMail desktop and mobile apps, is designed to sidestep any blocks imposed by network administrators, internet service providers (ISPs), or governments. However, given that blocking a service often involves blocking the company behind its infrastructure, Proton said that it’s having to turn to alternative infrastructure providers to ensure that its users are always able to connect — even if that means relying on technology from its archenemy Google. While this doesn’t mean that ProtonMail users’ actual data will be at risk, it could mean that some information — such as IP address and knowledge of their attempt to connect to ProtonMail — will become visible via those third parties. It’s worth noting here that Proton is also developing other non-email products, including an encrypted calendar and cloud storage service, which will also leverage this new routing service.

Paul Sawers wrote in a writeup on the move for Venture Beat

This is somewhat disappointing– however, Proton has noted in the wake of this move that they would only use Google infrastructure for very rare situations and that actual connections will not be directed through Google.

The History of ProtonMail 

ProtonMail was launched into public beta in 2014. The company was technically founded in 2013 in Geneva, Switzerland by a ground of scientists. Notably, Dr. Andy Yen (the CEO and founder) and Dr. Bart Butler (CTO) were the key visionaries of the company. Currently, ProtonMail and its servers are located in Switzerland, where user privacy laws are very strict and user data can be better protected.

Initially, ProtonMail received its funding from a crowdfunding campaign. The company is also sustained by its different paid membership plans. In 2015, the company receive $2 million from Charles River Ventures and the Fondation Genevoise pour l’Innovation Technologique.

ProtonMail experienced a number of DDoS attacks in 2015, which made the service unavailable to its users. In response, the company made noteon Twitter that they would be looking for new data centers. The company suffered from more DDoS attacks in 2018 but recovered.

At its roots, ProtonMail is dedicated to providing user security and data privacy. 

“We are scientists, engineers, and developers drawn together by a shared vision of protecting civil liberties online. This is why we created ProtonMail, an easy to use secure email service with built-in end-to-end encryption and state of the art security features. Our goal is to build an internet that respects privacy and is secure against cyberattacks. We are committed to developing and widely distributing the tools necessary to protect your data online. Our team combines deep mathematical and technical knowledge from the world’s top research institutions with expertise in building easy to use user interfaces. Together, we are building the encrypted communication technologies of the future.”

ProtonMail’s About section on their website

ProtonMail has also bee featured in the entertainment world. The email client was featured in three different seasons of the American hacker drama series Mr. Robot, as well as the 2019 film Knives Out. ProtonMail did not pay for these appearances as advertising.

Earlier in 2020, ProtonMail was widely discussed when the Russian government banned its encrypted email service.

“Russian communications watchdog Roskomnadzor said ProtonMail, which uses end-to-end encryption to protect user data, had been used to send fake, anonymous bomb threats. Such threats have frequently led to mass evacuations of public buildings across Russia. Roskomnadzor said that ProtonMail had refused to provide Russian authorities with information on the owners of email accounts allegedly associated with fake bomb threats. It said these had been sent via ProtonMail since last year and that incidence had increased this month after a similar service, Smartmail.com, was blocked. Protonmail denied having received any requests for assistance from Russian authorities and said the block would do nothing to stop bomb hoaxes but rather only limit ordinary Russians’ access to privacy in communications.”

a writeup on the incident from the Reuters staff

In a statement on the incident, ProtonMail noted that blocking access to an email platform won’t solve the issue of threats.

“Officially, the block was put in place because bomb threats have been sent to numerous Russian cities via ProtonMail. Blocking access to ProtonMail is an ineffective and inappropriate response to the reported threats. It will not prevent cybercriminals from sending threats with another email service and will not be effective if the perpetrators are located outside of Russia. The cybercriminals will also likely be able to bypass the block using Tor or a VPN, and they will almost certainly have this technical capability. However, the block does deny regular, law-abiding citizens of Russia access to secure email and privacy. That’s why we condemn this block as a misguided measure that only serves to harm ordinary people.”

the statement

It’s clear that ProtonMail as a company is dedicated to protecting the integrity of its platform and the ability of ordinary people to have safe, secure, and untracked email services.

ProtonMail has been in the news (at least in the tech world) in recent months, but not for anything particularly good. The platform was caught in a battle with Apple this year. Accordingly to spokespeople for the company, ProtonMail revealed to its customers that they were forced to monetize their mostly free ProtonMail app due to Apple’s demand for in-app purchases, even though the enterprise had approved ProtonMail’s app two years previous. When Apple caught wind of the email that was sent to customers, they threatened to remove their app and block all of their updates.  Back in October, The Verge interviewed CEO Andy Yen about recent developments with ProtonMail.

“There’s a lot of fear in the space right now; people are completely petrified to say anything. For the first two years we were in the App Store, that was fine, no issues there. But a common practice we see … as you start getting significant uptake in uploads and downloads, they start looking at your situation more carefully, and then as any good Mafia extortion goes, they come to shake you down for some money. We didn’t offer a paid version in the App Store, it was free to download … it wasn’t like Epic where you had an alternative payment option, you couldn’t pay at all. Out of the blue, one day they said you have to add in-app purchases to stay in the App Store. They stumbled upon something in the app that mentioned there were paid plans, they went to the website and saw there was a subscription you could purchase, and then turned around and demanded we add IAP. There’s nothing you can say to that. They are judge, jury, and executioner on their platform, and you can take it or leave it. You can’t get any sort of fair hearing to determine whether it’s justifiable or not justifiable, anything they say goes. We simply complied in order to save our business.”

Yen told The Verge

It’s clear that Yen and the ProtonMail team have standards at the forefront of their minds when it comes to running ProtonMail. It’s admirable, to say the least. But what exactly are the features of ProtonMail that make it such a valuable asset to use?

ProtonMail Features

ProtonMail has a wide range of features that add to its appeal.

End-to-End encryption

This is, of course, the biggest benefit to using a Protonmail email account. With this type of encryption, messages are encrypted 24/7 and are stored on ProtonMail’s servers in that encrypted format. They are then transmitted in that encrypted format between the company’s servers and user device. Message sent between two ProtonMail users are transmitted, fully encrypted, within the company’s secure network. The risk of message interception is virtually gone.

PGP support

PGP is a well-tested and trusted way to protect email communications with end-to-end encryption technology. Often difficult to use, Protonmail offers full PGP support and integration.

Two-factor authentication

Two-factor authentication is used to protect login information for a variety of reputable internet services and adds an additional layer of security. This feature requires users to verify their identity using a 6 digit code that can be accessed by a supplementary third-part email account. Users will then have to enter that code in their ProtonMail browser to enter their email account. This is just another layer of security that ProtonMail uses to ensure that user information is protected.

Zero access to user data

The professionals at ProtonMail will never be able to access your encrypted data. With this zero access architecture ensures that data is encrypted in a very specific way that makes it unusable to anyone in the company. This is done by encrypting messages on the client side with encryption keys that ProtonMail cannot access. Not only do they make it a point to ensure that they don’t want to access their client’s messages, but they technically can’t.

Open source cryptography

Uses meticulously tested and well-trust encryption algorithms, ProtonMail is able to secure implementations of AES, OpenPGP, and RSA. The cryptographic libraries used are completely open source. This is a good feature, as open source libraries make it possible to guarantee that encryption algorithms are intact with no back door’s. This software has been vetted in the past and is an excellent choice for implementing privacy.

Own mail server hardware in Switzerland

Switzerland as a country has some of the most intense internet privacy laws on the planet, so it makes sense that Protonmail would host their server hardware in the country. All user data from ProtonMail is thus protected by the Swiss Federal Data Protection Act (DPA) and the Swiss Federal Data Protection Ordinance (DPO). Specifically, these regulations protect individuals and corporations who use email. And since Protonmail is based outside of the U.S. and Europe’s government jurisdiction, only the Cantonal Court of Geneva or the Swiss Federal Supreme Court could force the company to release what little user information Protonmail even stores.

No tracking

The platform is fully confidential and does not track of log any identifiable information. Competitors in email services tend implement tracking. Metadata including IP addresses are not used in the login process. That means no targeted ads and security pain points.

Self-destructing messages

This can be seen as both a pro and a con. However, for extremely sensitive email content, it’s a godsend. All ProtonMail messages eventually self-destruct, though users can easily set their own automatic deletion timeframes.

SSL secured connections

As with any decent email client, SSL secured connections are always implemented. Using Swiss SSL, ProtonMail secures communications between the company’s servers and user devices.

ProtonMail users can communicate with non-ProtonMail users

This is a pretty big deal for obvious reasons. What’s the point of an email client that can’t connect with other email clients, regardless of security? Luckily, ProtonMail users can communicate with non-ProtonMail users via the email client.

ProtonMail Bridge

ProtonMail Bridge is an app that is available to any and all paid users. It makes it possible to integrate one’s Protonmail account with email clients, such as Outlook, Apple Mail, Thunderbird, etc. It runs in the device’s background by encrypting and decrypting messages as they are sent from the user. It’s also compatible with clients that utilize IMAP and SMTP protocols.

ProtonContacts

With a platform as security-centered as Protonmail, one would expect there to be virtually no method to save contacts. This is where ProtonContacts comes in. This contacts manager is fully encrypted and is touted as the first of its kind. It uses zero access encryption along with digital signature verification to ensure that contact information on user accounts are safe.

ProtonCalendar

Another new and handy feature of ProtonMail is ProtonCalendar. Like the rest of ProtonMail’s features, it is fully encrypted. This tool can be used to keep track of plans and appointments, all while keeping data safe. Users can set dates with titles, descriptions, location, and participants. All of which are safe from third-party access that is not authorized.

ProtonMail apps

ProtonMail offers Android and iOS applications for their email client that are easily downloaded from a user’s respective app store. Full encrypted and with all the bells and whistles of the desktop version, these apps make email security quite simple and easy to use. Plus, the design of the apps is very aesthetically pleasing and user-friendly.

How to Create a ProtonMail Account

Setting up a ProtonMail account is very simple. Head over to ProtonMail’s setup page and select your account preference.

For the free account, you’ll be offered 500 MB of storage, 150 messages per day, and limited support. For the Plus account, you’ll be offered 5 GB of storage, 1000 messages per day, up to 5 email aliases, and Priority Customer Support. For the Visionary account, you’ll get 20 GB of storage, up to 50 email aliases, support for 10 domains, multi-user support for six people, no sending limits, early access to new features, and access to ProtonVPN.

Click the SELECT PLAN button. You’ll then be taken to a signup page where you will choose your username, password, and recovery email. You’ll then be taken to a page where you’ll need to verify that you’re human, either through CAPTCHA, email, or SMS. You’ll also have the opportunity to donate to the company here. Click COMPLETE SETUP.

And that’s it! You’ll wait on a loading screen for a moment before arriving at your inbox.

ProtonMail Business

ProtonMail offers a few different account types– free, Plus, Professional, and Visionary. However, they also offer a ProtonMail business plan. This plan is designed to be used by a large number of users.

It’s no secret that small businesses make up a majority of cyberattack survivors. They’re often poorly secured, easy to target, and not too difficult to rob. Emails, in particularly, are a huge target. That’s why a Protonmail business plan is so attractive.

With a Protonmail business account, you can secure your company’s email with unique encryption technology. You’ll receive your own business domain (not user@protonmail.com) and the peace of mind in knowing that your information is safely encrypted on Swiss servers. Encryption is easy with no plugins required, PGP encryption is applied with ease to the email clients you use, and it can work on a browser or mobile device.

Just as well, having ProtonMail as your business email client will be quite impressive to your clientele. Especially if you work in a business where email must be HIPPA or GDPR compliant. Currently, over 10,000 businesses use Protonmail for their business. 

It’s worth noting that ProtonMail Business and Plus are very different plans. Plus is designed for individual users. Business, which is only accessible with a Professional plan, is ideal for organizations both small and large. It offers unlimited emails and priority support that casual users won’t get.

ProtonMail vs Gmail

It’s no secret that Gmail is a very popular platform that is used by many people around the world. However, ProtonMail offers so much more in the way of privacy. Its end-to-end encryption makes it possible for no one to access your messages except you and your email recipient. The people who work at ProtonMail can’t even see what you’re sending. That’s a serious layer of protection. Gmail, on the other hand, can view your data and share it with third-party businesses, all for the purpose of sending you targeted ads.

Gmail can be good enough for most people. It’s easy to use and it’s free, and the customer support is definitely better than ProtonMail’s. However, there’s no way to look around how superior ProtonMail is in terms of online privacy and security.

ProtonMail Alternatives

As the premium email client renaissance grows, ProtonMail is facing a lot of new competitors. Some of the company’s top alternatives include:

  • Tutanota
  • StartMail
  • Zoho Mail
  • Disroot
  • Mailbox.org
  • Mailfence
  • Cock.li
  • FastMail

ProtonVPN

protonvpn

ProtonVPN is a great add-on to ProtonMail. This high-speed Swiss VPN will further protect your privacy and is availoable for virtually all operating systems. Proton’s VPN sends user internet traffic through an encrypted VPN tunnel, which keeps passwords and sensitive data safe, even with the shadiest internet connections. It’ll also keep your browsing history private.

The platform, according to the company itself, was designed to protect journalists and activists. “We created ProtonVPN to protect the journalists and activists who use ProtonMail,” the ProtonVPN product page reads, “ProtonVPN breaks down the barriers of Internet censorship, allowing you to access any website or content.”

ProtonVPN also has some unique features that separate it from other VPNs. It offers a secure core, meaning that traffic is passed through a secure core network in privacy-friendly countries.  Through this, a compromised VPN endpoint server wil fail to reveal your IP address. Just as well, ProtonVPN uses ciphers with Perfect Forward Secrecy, meaning that traffic can’t be captured or decrypted at a later time. Plus, it’s based in Switzerland– where privacy laws are some of the strongest. ProtonVPN also offers a no-log policy, so nothing is tracked by the service itself. The platform is capable of integrating with the Tor anonymous network as well.

You can also get a free or paid ProtonMail account by this link:

FAQ

Tim Robinson

Tim Robinson

I research, write, and publish about VPN and other privacy tools.

My first VPN setup was over ten years ago, and since then, it is an essential part of my internet experience. I surf the internet, stream, and work with a VPN.