I have been using ProtonMail full-time for over five years, and recommending it for almost six. My contact form forward emails to a ProtonMail account, and any of you that have interacted with me have done so through ProtonMail on my end. A lot has changed since ProtonMail’s beginnings. This post will cover the basics of ProtonMail: how it encrypts your data-in-motion, data-at-rest, and some other features.
In the last installment, we discussed the features included in free ProtonMail accounts. ProtonMail offers three paid tiers. One of these is designed for individuals, one for professional/corporate accounts. The third is the Visionary account, an account boasting maxed-out capabilities. I will briefly discuss the free tier, and then discuss additional capabilities of paid accounts.
Obviously I am a fan of ProtonMail, and I selfishly want others to use it so more of my communications are encrypted. However, I have pay full price – minus discounts available to all ProtonMail users – for both of my paid ProtonMail accounts (one a ProtonMail Plus plan, one a ProtonMail Professional plan). I pay full price, out-of-pocket and have received no discounts, free service, or any other incentive from ProtonMail.
The free tier of ProtonMail offers all the stuff we talked about last time: essentially, encrypted communication and zero-knowledge storage. I’m mentioning this tier because I want to point out what it does and does not offer; it is a very limited account, and strongly incentivizes serious users to upgrade.
The biggest limitation of the free account is storage. ProtonMail’s free tier caps your storage at very small 500 MB. Half a gigabyte isn’t much at all when you consider that a Google account provides 15 GB of free storage. Anyone using ProtonMail as a mainstream email replacement will quickly exceed this storage limitation.
There are some other minor limitations, as well. Quite honestly, most of these can probably be tolerated by the average user. The security conscious and power-user will certainly want more, thought. At the free tier you only get one email address (see explanation further down), three labels/folders, and limited customer support. I see the free tier being useful in several instances.
First, if you simply cannot afford to pay for email, this might be workable, but would require studious monitoring of your storage. Secondly, if you are using an account for a single purpose (i.e. one ProtonMail account to manage your online purchases) a free one would probably suffice. In fact, I have several free ProtonMail accounts for purposes of this nature. Next, a free account is an excellent starter account. This is how I generally recommend individuals migrate to ProtonMail; begin with a free account, and pay for it once you are certain you’re happy with it but become service-limited.
Accessing ProtonMail’s paid features requires subscribing to a paid plan. As I previously mentioned, these are organized into “Plus,” “Professional,” and “Visionary.”
Upgrading to a paid plan requires logging into your account. On the home screen click on the “Upgrade” button at the top of the screen.
The following menu will allow you to select your preferred plan.
ProtonMail Plus is the ideal consumer-level account. Subscribing to the Plus tier gives a minimal, predefined set of added features, with the option to increase specific ones, à la carte, based on user needs. Plus plans begin with a base price of $5/month. An annual subscription at base levels will get you a discount resulting in a total of $48.
ProtonMail Professional plans are designed for companies/enterprises. Professional plans allow a single administrator to setup multiple accounts for various users. These accounts can be “private” (meaning the administrator cannot access their contents) or not. This is probably not an ideal account type for an individual user. ProtonMail Professional costs a base price of $14.40/month, plus an additional $6.25 per additional user. Again, a healthy discount is available if you’re willing to subscribe for a one-year plan.
ProtonMail Visionary is, as I mentioned earlier, an all-inclusive account with maxed-out features of ProtonMail Plus. Interestingly, it also offers the ability to have up to six additional users similar to the Professional plan. ProtonMail Visionary costs $30/month, or $288 for a full year.
Let’s look at the individual features that make up these tiers. I’m going to focus on the ones that are important to privacy- and security enthusiasts.
This feature is one that I debated putting into the last article. ProtonMail offers the ability to use a shortened URL, like “firstname.lastname@example.org”. I chose to put it in this article because the full features are not available to free plans. Free plans can activate the “@pm.me” function, but it can only be used for receiving emails, not initiating a conversation. Paid plans can fully utilize “@pm.me” accounts for all their addresses.
Since this address is truly a different email address, a separate key is generated for it. I will delve deeply into key generation and key management in the next part of this series.
Subscribing to any paid ProtonMail account will automatically increase your storage from 500 MB to 5 GB. Additional storage can be purchased, up to 20 GB. Each gigabyte of storage costs roughly $0.67/month, with the max (20 GB) cost $10/mo. ProtonMail Visionary comes with 20 GB of storage.
Professional plans work slightly differently; for every user added to a Professional plan the overall plan is granted 5 gigabytes of storage. This storage can be allocated to that user, or to other users on the same plan. For example, if you have five users on a plan, the overall storage for the plan is 25 GB. Each user can be allocated varying amounts of storage space as long as the total does not exceed 25 GB.
Personally, I find 5B of storage to be adequate for my needs. I aggressively manage my inbox, and frequently delete messages (sent or received) that contain large attachments. Thanks to careful management of Blur email addresses, I receive very little spam, so I am still well under my current 5 GB limit.
The next feature offered with paid plans is additional addresses. This is one of the most important features to me, and likely to most people who would read this blog. Additional email addresses are also one of the built-in features that separates ProtonMail from more conventional email providers.
Additional addresses are exactly what they sound like: separate email addresses that forward to a common inbox. This allows the user a great deal of privacy by letting her use different email addresses for different purposes. For example, it’s not a best practice to use the same address for Craigslist transactions that you use for your bank’s online account, and not ideal to use either of those addresses for your personal contacts.
Upgrading to ProtonMail Plus gives you access to five addresses. Additional addresses can be added in groups of five, with five addresses running approximately $0.67. The maximum, 50 addresses, costs an additional $6/month. Again, ProtonMail Professional works a bit differently. With ProtonMail Professional the initial account gets 10 addresses, and five are allocated for each additional user. These addresses can be allocated, similar to the way storage can be allocated.
There are a couple nuances to these addresses that you should be aware of. If you set up additional @protonmail.com or @protonmail.ch addresses, they can never be deleted and will always count against your allotment of email addresses. Emails created on custom domains (discussed below) can be deleted so they will not count against your allotment of email addresses.
As a note of caution, I have had difficulty removing email addresses created on a custom domain. First, removing a custom domain address requires deleting all emails associated with that address. This is problematic if you have emails that you need to retain, but simply no longer wish to maintain the address. Secondly, I have one address that, even after deleting all associated emails, refuses to be deleted.
This is not a feature that is completely unique to ProtonMail but it is very cool. It is also a feature that will likely appeal to the privacy-conscious. Let’s first discuss the reasons a custom domain might be important.
First, it allows you to give out an email address that is not “@protonmail.com/ch”. Typically, I don’t have an issue giving out a ProtonMail address; it’s often a great introduction into discussing privacy topics and educating others about ProtonMail. If you are traveling internationally or are working in certain capacities this can make you “interesting” and/or paint you in an undesirable light. A non-alerting custom domain is a great way to avoid this. If your custom domain is “example.com” you now have the ability to create email addresses like, “email@example.com” or “firstname.lastname@example.org”.
Secondly, if you actually own a custom domain used for a site, blog, podcast, etc., you can create and use a professional-looking email address. Example: rather than using something like “email@example.com” [not an actual email address; please don’t contact it] I can use an email address on my actual domain.
ProtonMail Plus comes with one custom domain. You can purchase up to 10 additional domains at a cost of $1.50/month each. ProtonMail Professional comes with two custom domains with the ability to purchase up to 100. ProtonMail Visionary includes 10 custom domains.
Updated 10/31/2019: ProtonMail also offers encrypted contacts, and a varying level of capability between free and paid users. The free users can store an individual’s name and email address. Email address that contact the user, or that the user contacts are added to this database automatically, though this can be turned off. This is similar to how mainstream email providers work.
Paid tiers have the ability to import all of their contacts’ information, including physical address, telephone numbers, notes, and even a photo. This is a pretty cool feature, as it provides a secure place to store all your contact information. Again, however, this is only available with the paid tiers.
A number of other usability features are included with paid plans. These included catch-all addresses, mail sending limits, folders and labels, autoresponders, catch-alls, and more. Since these aren’t specifically geared toward security, I will let you look into these yourself.
You can also bundle a ProtonVPN subscription with our ProtonMail email account. There is a fairly steep discount for bundling these together and signing up for longer terms (I recently got 47% off when I signed up for both for two years). Since ProtonVPN and ProtonMail are two distinctly different products I will review ProtonVPN separately in an upcoming article.
This article has covered some of the features that differentiate ProtonMail from a lot of other services on the market. These first two posts have largely been geared toward those with little knowledge of ProtonMail. The next post will cover some of the extremely thoughtful “advanced” security features of the platform. Stay tuned.