Proton Mail

Proton Mail is an email service built for the privacy-conscious user. Based in Switzerland, this platform provides encrypted communications when talking to other Proton users or even externally.

I’ve signed up for Proton Mail’s free trial to explore its features and determine its use cases, pros, and cons. Based on my testing experience and verdict, you’ll understand if Proton Mail is a better alternative to the more popular email service providers we use today.

Features

  • Encrypted mails to Proton and non-Proton users
  • Signup doesn’t require personal details
  • Custom domain and unlimited aliases
  • IMAP/SMTP bridge for using Proton Mail with other email clients
  • Data import from IMAP email providers (Google, Outlook, etc.)

Pros

  • Open-source apps that have been independently audited (Web, Windows, and macOS)
  • Advanced security features, such as two-password mode, dark web monitoring, etc.
  • Intuitive user interface
  • Excellent cross-platform presence
  • Multiple account recovery options

Cons

  • Password-protected emails have a 28-day expiration limit
  • Proton Bridge is restricted to paid users
  • Lacks live chat or phone support

Proton Mail Review Methodology

Geekflare tested Proton Mail through hands-on usage of its secure email platform. We evaluated key features like end-to-end encryption, privacy controls, ease of use, and reviewed user feedback from various UGC platforms to deliver a detailed and unbiased analysis of its email security and functionality.

One of the web technologies many of us, including me, have taken for granted for free is electronic mail, a.k.a. email. For instance, I started with Gmail in 2006, and (unfortunately) it’s still my primary email service provider. I recently signed up with Proton Mail to explore more privacy-centric options and have reasons to write this review in the name of awareness, if nothing else.

Over 90% of email users use one of the four leading services, including Apple Mail, Gmail (Google), Outlook (Microsoft), and Yahoo Mail.

Email Client Market Share 2024

But what’s wrong with Gmail (and the like), you ask? While Google wants us to believe nobody is reading our emails, it clearly states that the 3rd-party apps a user has granted permission to can.[1] Plus, you are shown personalized ads, which subtly affect your purchase behavior.

I won’t delve into more details about if and why you should ditch your “free” email provider. However, Proton Mail is one of the solid contenders for anyone seeking an exponentially more private alternative to safeguard at least some “sensitive” conversations, if not their everyday emails.

What is Proton Mail?

Proton Mail is the privacy-respecting brainchild of the scientists who met at CERN in 2014.[2] The parent company, Proton AG, has its headquarters in Geneva, Switzerland, and a portfolio comprising a renowned (Proton) VPN, email service (Proton Mail), calendar, cloud storage, password manager, and a Bitcoin wallet.

It is end-to-end encrypted, which means only you (the sender) and the intended recipient can read an email’s content. And yeah, this also works for the emails sent to non-Proton users with a few caveats (discussed in detail later).

The company’s primary stakeholder is the Proton Foundation, a Swiss non-profit. The remaining shares are owned by Proton employees and another non-profit, FONGIT, which was established by Proton users.

Proton is also supported by the European Commission and Innosuisse (the Swiss Federal Innovation Agency); however, neither agency holds any shares in Proton AG.

Overall, the company structure is clear, and I don’t see it run by greedy opportunists.

Proton Mail Features

With this section, you will get a sneak peek into Proton Mail. More importantly, I’ll highlight the privacy-friendly features that set it apart from the standard email service providers.

End to End Encryption (Proton to Proton)

Proton Mail uses OpenPGP end-to-end encryption (E2EE) to secure messages between two Proton users. It is the most widely used protocol for encrypting mail.

Many well-known email providers can be used with OpenPGP, including Gmail, Yahoo, Outlook, Zoho, Mail.ru, and more. The catch is that they don’t support it natively, so you’ll need additional software to get the encryption working.

But that’s not the case with Proton Mail. Here, the emails are secured with the recipient’s public encryption key before being transferred to Proton servers. Next, they are decrypted with the receiver’s private key on their device, making this form of encryption safe from man-in-the-middle (MITM) attacks.

This is the safest form of encryption you can have at Proton Mail.

Zero-access Encryption (non-Proton to Proton)

All Proton communications are encrypted with TLS (Transport Layer Security) while in transit. Upon arriving at Proton servers, they are decrypted and encrypted again with the recipient’s public key. Afterwards, they can only be read by the user with no possible intervention by others or Proton themselves.

The major benefit of zero-access encryption is that emails remain safe in case of a data breach at Proton servers or by unlawful actions of any rogue employee.

However, since these are not end-to-end encrypted, the security posture also depends on the sender’s email service. For instance, Gmail to Proton Mail communications might remain vulnerable at the sending servers since the former does not have E2EE.
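
The two models described above (end-to-end for Proton to Proton, zero-access for mail arriving from outside) differ in where plaintext ever exists. The sketch below is an added example, not Proton's code: it uses Node.js's built-in crypto with RSA-OAEP and AES-256-GCM as a stand-in for OpenPGP's hybrid encryption, and the server object, function names and sample messages are hypothetical.

```javascript
// Added illustration, not Proton's code: RSA-OAEP + AES-256-GCM stands in for
// OpenPGP's hybrid encryption. All names and sample messages are constructed.
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Encrypt to a public key: a fresh AES session key encrypts the body,
// and only that session key is encrypted with RSA.
function sealTo(publicKey, plaintext) {
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, sessionKey);
  return { wrappedKey, iv, tag: cipher.getAuthTag(), body };
}

// Decrypt with the private key, which never leaves the recipient's device.
function openWith(privateKey, msg) {
  const sessionKey = crypto.privateDecrypt({ key: privateKey, ...OAEP }, msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.body), decipher.final()]).toString('utf8');
}

// Hypothetical mail server that holds the recipient's PUBLIC key only.
function makeServer(recipientPublicKey) {
  const server = { stored: [], plaintextSeen: [] };
  // End-to-end: the sender's client sealed the message before upload.
  server.acceptSealed = (msg) => { server.stored.push(msg); };
  // Zero-access: plaintext arrives from an outside provider (TLS already
  // terminated), is sealed for storage, and the plaintext is not kept.
  server.acceptPlain = (text) => {
    server.plaintextSeen.push(text); // records the exposure window for the demo
    server.stored.push(sealTo(recipientPublicKey, text));
  };
  return server;
}

// True if this private key can decrypt the stored message.
function canOpen(privateKey, msg) {
  try { openWith(privateKey, msg); return true; } catch { return false; }
}

function demo() {
  const recipient = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const outsider = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const server = makeServer(recipient.publicKey);

  server.acceptSealed(sealTo(recipient.publicKey, 'e2ee: meet at 9'));
  server.acceptPlain('zero-access: invoice attached');

  return {
    recipientReads: server.stored.map((m) => openWith(recipient.privateKey, m)),
    plaintextSeenByServer: server.plaintextSeen,
    outsiderCanOpen: server.stored.some((m) => canOpen(outsider.privateKey, m)),
  };
}

console.log(demo());
```

In both cases the stored message opens only with the recipient's private key; the difference is that the zero-access message was visible to the server, and to the sending provider, before it was sealed.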

Password Protection (Proton to non-Proton)

This is a workaround to get E2EE when communicating with non-Proton (and non-PGP compatible email) users. Simply set the password (and the expiration date) and give it to the recipient for decrypting.

The catch is these messages expire after 28 days. Although you can set an earlier date for deletion, it can’t be extended beyond 4 weeks. Besides, for some weird reason, the recipient can only reply up to 5 times to password-protected emails. You also need to set a password for every message you send, even when replying to an initially encrypted conversation.

A better alternative to password protection is asking the recipient to set up PGP on their end and encrypting messages end-to-end by importing their public key into your Proton Mail account.[3]

Anonymous Sign-up and Account Recovery

You need not reveal your name, gender, and phone number while signing up with Proton. Pick a username and set a strong password—that’s it!

However, that puts you at risk of losing the account and the data if you lose your login credentials. As a failsafe, you can add a recovery email address or phone number. You can also download and keep your account recovery kit, a PDF file containing recovery phrases that give full access to your Proton account.

Another anonymous way to maintain access to your Proton account even after forgetting your password is by turning on device-based recovery.

In this case, you can download a recovery file from the Proton account to a trusted device. This stores an encrypted backup keychain in your browser’s web storage.

The only limitation is that you need to be signed in to any one of your trusted devices for this method to work. And yes, it remembers your browser and not your device.

So, uninstalling a browser means you have to repeat this process with an active browser before you can benefit from this form of account recovery.

Self-destructing Emails

Self-destruction applies to the emails in your inbox. This is only available to paid accounts under which you can set the received emails to delete on their own on a case-by-case basis.

You can also remove self-destruction if needed.

Note: This differs from the auto-delete feature, which clears messages older than 30 days from the trash and spam folders.

Encrypted Attachments

The email body and attachments are encrypted automatically within a Proton account.

The ones sent by non-Proton users to Proton accounts also stay encrypted (after arriving at Proton servers) and come under Proton’s zero-access encryption umbrella.

However, encryption isn’t guaranteed at infrastructure not under Proton’s direct control. For instance, attachments sent from Gmail to Proton may remain unprotected at sending servers.

Proton Mail Bridge

Proton Mail Bridge allows the service to be used with popular email clients like Outlook, Apple Mail, and Thunderbird. It ensures the same level of security with your preferred IMAP/SMTP email client as Proton’s native applications.

This “Bridge” runs in the background and uses a separate password for encryption/decryption that happens on the local device. It even supports offline editing.

There are detailed guidelines on how to install Proton Mail Bridge and its security protocols. But you must be on a paid subscription with Linux, macOS, or Windows devices to benefit from it.

Custom Domain and Additional Addresses

Custom domains are great for projecting brand voice. You can indeed use one (your_name@your_domain.com) with Proton Mail. However, you need a paid Proton subscription and, of course, a custom domain. Afterwards, the process is pretty straightforward.

Paid subscriptions allow users to have 10 additional email addresses.

However, there is no such limit on keeping aliases. You can simply suffix your username with +anything and start receiving emails on username+anything@proton_domain.com.

Unfortunately, you can only reply to emails sent to any alias but can’t start new conversations. In addition, it’s easy to guess the real username with such aliases.

To counter that, you can create hidden aliases using the Proton Mail security center, Proton Pass (Proton’s password manager), or SimpleLogin. The easiest way to get started with hidden aliases is with Proton’s Security Center.

You can create multiple aliases from there.

Alias management takes place at Proton Pass, however. You can click All aliases ↗️ to open aliases in Proton Pass.

You don’t need to create another account, as the current one stays valid for all services offered by Proton. You can stop receiving emails on any specific alias or trash it.

Data Import

Proton Mail has a few-clicks, “Easy-Switch” data import facility which works with any IMAP-compatible provider, including Gmail, Yahoo Mail, and Outlook.

Gmail and Outlook support importing email, contacts, and calendars simultaneously. However, you must import one entity at a time with Yahoo Mail.

You can also set up auto-forwarding with Gmail through this Easy Switch.

Both processes are quick enough. Although transferring data from Yahoo takes a little longer, it’s nothing that can’t be done in under a few minutes, and the process is well-documented at Proton.

Additional Authentication

Like all major email providers, Proton supports setting up additional sign-in verification with an authenticator app such as Authy, Zoho OneAuth, and Microsoft Authenticator. U2F and FIDO 2 physical security devices like Yubikey also work as a 2FA medium.

Interestingly, you can also deploy Two-password mode.

If turned on, this will have you enter two passwords—one for login and another for decrypting the mailbox. Personally, I would not turn this on unless absolutely required because a single strong password is enough. Additionally, you can always turn on multi-factor authentication for greater security.

Regulatory Compliance

The best business use case for deploying Proton Mail is for internal communication. Since it offers E2EE by default, all the messages are secure without any additional configuration.

For emails to non-Proton users, everyone must set a password for end-to-end encryption. As for Proton servers, all business communications remain secure even if done with a 3rd-party mail service.

Proton Mail also supports GDPR and HIPAA compliance. A business can sign a Data Processing Agreement (DPA) and Business Associate Agreement (BAA) for GDPR compliance and HIPAA compliance support, respectively.

Proton Mail Use Cases

Proton Mail perfectly fits a number of situations for individuals and business professionals, as indicated below.

  • Personal Use: Proton Mail is a good daily driver for anyone who doesn’t want to be profiled and targeted with ads.
  • Corporate Communications: 58% of businesses were shut down because of internal information leaks via email.[4] With E2EE, Proton Mail helps you avoid the same fate by securing internal/external collaboration or anything business-critical to keep things away from prying eyes.
  • Journalism & Activism: These are two high-risk domains with one wrong move resulting in catastrophic consequences. Proton’s free tier and feature-rich paid subscriptions are a must-have for these professionals.
  • Businesses Handling Sensitive Data: Business domains, such as legal, healthcare, financial, and government, can deploy Proton to protect end-user data from breaches and MITM attacks.

What are the Benefits of Proton Mail?

There are many pros of using Proton Mail. If you’re on the fence, I’ve listed 5 major benefits that will help you make the call.

  • Strong Data Security and Privacy Standards: From what I’ve seen with Proton Mail, this is one of the best options for email security. Most everyday users expect and will need end-to-end encryption and expiring emails.
  • User-friendly Interface with High Customization: In spite of all the security, Proton Mail ships with a user-friendly and modern interface. Coming from Gmail and Outlook, I never felt out of place. Beginners can use Proton Mail as-is, and advanced users can configure it to their advantage.
  • Enhanced Anonymity for Users: You don’t give phone numbers while signing up for Proton Mail, and its anonymous recovery options indicate it’s possible to use an email service without giving out personally identifiable information.
  • European GDPR Compliance and Swiss Privacy Laws: Data privacy is at the heart of Proton Mail. It’s GDPR compliant and supports businesses to comply with industry and location-specific data compliance.
  • Cross-platform Accessibility: Proton Mail has native applications for popular operating systems, such as Windows, macOS, Linux (Beta), Android, and iOS. Others can use its web application on any web browser.

Note: Don’t dump your standard email provider just yet! The best way forward is to try Proton Mail’s free tier before committing to sustained use.

Proton Mail Pricing

Proton Mail has a wide range of plans for individuals (free tier available) and groups, as I’ve indicated in the table below.

Plan | Base Price | Unique Features
Individual | $3.99/month | 15 GB storage, 10 additional addresses, 1 custom domain
Duo | $14.99/month | 1 TB storage, up to 2 users, 30 additional addresses, 3 custom domains, Proton VPN, Proton Pass, Proton Drive
Family | $23.99/month | 3 TB storage, up to 6 users, 90 additional addresses, 3 custom domains, Proton VPN, Proton Pass, Proton Drive
Business | $6.99/user/month | 15 GB storage/user, 10 email addresses/user, 3 custom email domains

Proton Mail Support

Support is one of the major downsides of Proton Mail. You only have ticket-based support without any live assistance via phone or chat. However, they can provide call-based onboarding support for business subscriptions.

On the upside, their documentation is really vast, with detailed guides for the most common errors you might encounter.

Proton Mail Competitors

I’ve detailed popular alternatives, like Tuta, Mailfence, Zoho Mail, and Startmail, below for you to consider if Proton Mail isn’t your cup of tea.

Tutanota

Tuta is a great option if you want to take encryption one step further. By that, I mean it also encrypts subject lines, compared to Proton, where encryption is limited to the message body and attachments.

The conversations are end-to-end encrypted and you need to set a password to send encrypted messages to non-Tuta users. You can use the same passwords in future conversations too—another big upside over Proton Mail.

Plus, it has a free tier and cheaper family plans (starting at €3/month). You also have business plans for €8 per user/month.

Tutanota has cross-platform presence with applications for Windows, macOS, Linux, Android, and iOS.

Mailfence

Mailfence is another secure email service that works similarly to Proton Mail. It uses PGP encryption but does not encrypt the subject line.

Communications between Mailfence users are always encrypted. For others, you must enable passwords for sending a link to the recipient to check the protected message on Mailfence servers.

You can get started for free with Mailfence. Paid subscriptions start at $2.5/month and $3.5/month for individuals and business users, respectively. It has apps for mobile platforms, Android and iOS, and web apps that you can use with any web browser.

Zoho Mail

Zoho Mail is a GDPR and HIPAA-compliant email service aimed at businesses. Though they offer end-to-end encryption, the type and process depend on the subscription. The base level plan has password protection, while the higher tier comes with E2EE by default.

Zoho implements E2EE via S/MIME, compared to OpenPGP at Proton. There are differences between the two, the biggest of which is key management.

Put simply, you will resort to a certificate authority for centralized key exchange in S/MIME, whereas it’s based on a decentralized web-of-trust mechanism in OpenPGP. S/MIME is also widely supported by most email providers, including Apple Mail, Microsoft Outlook, Gmail, and Thunderbird.

You get a 99.9% uptime guarantee, apps for popular platforms (Windows, macOS, Linux, iOS, and Android), and ultra-affordable subscription plans starting at $1/user/month.

StartMail

StartMail has PGP encryption working quite similarly to Proton Mail. It natively deploys E2EE for PGP-compatible email providers, or one can password-protect to communicate securely with others.

You can set up unlimited aliases and unlimited custom domains with StartMail’s business account. It features data migration, shared email addresses, link protection, one-click burner aliases, spam filters, and more.

StartMail is a GDPR-compliant premium provider you can try for 7 days without paying.

Here’s a comparison table of Proton Mail with its alternatives, highlighting differences in encryption type, custom domains, MFA, free tier, starting price, and apps.

Feature | Proton Mail | Tuta | Mailfence | Zoho Mail | StartMail
Encryption Type | OpenPGP | Proprietary | OpenPGP | S/MIME | OpenPGP
Custom domains | Yes | Yes | Yes | Yes | Yes
Multi-factor authentication | TOTP and U2F/FIDO 2 keys | TOTP and U2F key | TOTP | TOTP and U2F/FIDO 2 keys | TOTP
Free tier | Yes | Yes | Yes | Yes | No
Apps | Windows, macOS, Linux, Android, iOS, and web app | Windows, macOS, Linux, Android, iOS, and web app | iOS, Android, & web app | Windows, macOS, Linux, Android, iOS, and web app | Web app
Starting Price/Month | $3.99 (billed annually) | €3 (billed annually) | $2.5 (billed annually) | $1/user (billed annually) | $3 (billed annually)
Rating | 4.8/5 | 4.4/5 | 4.2/5 | 4.5/5 | 4.1/5

Who Should Use Proton Mail?

Although you can start free with Proton Mail, the features (especially the storage) are anything but suited to serious use. Afterward, it’s a paid service, which puts us against our decades-long practice of using free email.

But even the security isn’t without some noticeable caveats. For instance, encryption only works best with a PGP-compatible provider, and password-protected mails are not the best in daily routine.

I mean, it’s tough to remember passwords for every conversation (and every new message in a single thread). And even then, it’s just 28 days, and your message will be gone! Personally, I sometimes have to go through month-old emails, both personal and professional.

So, this brings us to a critical question—what are the ideal Proton Mail use cases? Well, here they are 👇.

  1. Secure one-off communications—Journalists/Activists.
  2. An end-to-end encrypted internal email service—Businesses.
  3. Private conversations with Proton Mail or other OpenPGP-supporting email service users—Individuals.
  4. Anyone looking to decouple from big tech—Privacy-conscious users.

Reminder: Proton Mail doesn’t encrypt subject lines.

Who Shouldn’t Use Proton Mail?

This section is a must-read before you onboard Proton Mail. In short, don’t use Proton Mail if you resemble any one of the listed situations.

  1. Third-party integrations are a priority: Business users connect their email with a lot of external applications, such as calendars, task management tools, CRM apps, note-taking software, and more. Unfortunately, Proton Mail is no match for the number of pre-built integrations popular email providers already have. Business apps readily connect with Gmail, Outlook, and the like, and this situation is not going to improve anytime soon.
  2. If you don’t want to pay for email: Since Proton Mail’s free tier is pretty restricted (up to 1 GB of storage), you’ll be out of storage pretty soon. Besides, free subscriptions only provide up to 3 folders and labels. This can impact businesses or power users who segregate emails into categories, senders, etc. Finally, Proton Bridge is only for paid users, which means you can’t use Proton Mail with the email client of your choice without paying.
  3. You need cheap large storage: At $3.99 a month, Proton Mail only comes with 15 GB of storage. This is what mainstream email services provide without charging anything (directly!). The next tier has 500 GB storage at $9.99/month and has additional tools such as a VPN and a Password Manager. While the latter has terrific value for the price, it’s not aimed at email-only users wanting greater than 15 GB of storage (which is not much if you routinely use attachments). Plus, there’s no paid plan between $3.99 and $9.99 subscriptions, unfortunately.
  4. You aren’t bothered about being profiled: Privacy is not everyone’s number one agenda. In fact, privacy is not important for 29% of US adults.[5] If you belong to that bunch, then your emails are probably well off with big tech.

Proton Mail Verdict

Based on my testing experience, Proton Mail will be my go-to email service for sensitive conversations. I liked its interface, encryption, and security protocols. Even for advanced users, there are plenty of customization options to ensure that you can configure it the way you want.

Besides, I’ve had good experiences with other Proton offerings (like Proton VPN) and trust the team behind these products.

On the flip side, its password-protected emails are a deal breaker. Moreover, the 28-day expiry is too limiting, and setting passwords for every new email in a conversation is quite a hassle for everyday use.

Overall, Proton Mail receives the Geekflare Innovation Award due to its interface’s ease of use, (mostly) excellent security and encryption systems, and cross-platform compatibility. A special mention goes to its Proton Bridge feature, which provides users with secure emailing through their preferred email client and adds comprehensive versatility to the service.

If you’re privacy-conscious or deal frequently with sensitive information, Proton Mail will definitely exceed your expectations!

References

  1. Share some access to your Google Account with third-party apps – Google
  2. CERN inspires entrepreneurs for email encryption – CERN
  3. How to use PGP with Proton Mail – Proton
  4. 2024 Email Security Risk Report – Egress
  5. Key Findings About Americans and Data Privacy – Pew Research Center