ProtonMail: Quick Review

I just signed up for ProtonMail to try it out. Here are my first impressions.

[EDIT: I was pretty harsh in this review, but I now enjoy using ProtonMail and do so regularly! See the bottom of this post for an update from July 2016.]

The Good

  • Easy to submit feedback within the app

  • Mostly pleasant to use (see more below)

  • One password for logging in, separate password for encrypting/decrypting my emails

  • Can send emails to non-ProtonMail users

  • Paid plans support using one's own domain, not just protonmail.com and protonmail.ch

The Bad

Here are some really obvious annoyances and UX improvements that I think they should make to their Android app and web app.

1. Is this encrypted?

There's a lock symbol visible when an email is being drafted, clearly indicating that it's encrypted and secure. Except that's not what it means at all unless there's a check next to the lock.

In short, emails are sent unencrypted by default. That makes sense, since you need either the public key of the person you're emailing or a shared secret that you give the recipient so that s/he can decrypt your email. But most users don't understand that, it's not made clear in the UI, and that's bad :-(.

And since users don't see how their sent emails show up on the email services used by the people they're emailing, I wonder how many users think their emails are encrypted when they in fact are not?

In my opinion, that locked lock icon doesn't exactly scream "look out -- this email is being sent unencrypted!"

Suggested change: show an "unlocked" icon if the email won't be encrypted, and a "locked" icon if it will be encrypted.

2. Even if the email is encrypted, the subject line isn't

This is kind of surprising even to me and I think will be to less technical users, who are being told that these emails they're sending are encrypted/secure/only readable by the recipient.

Suggested change: either warn users that the subject isn't encrypted, or leave the subject empty and insert "Subject: ..." as the first line of the body of the email, so that both are encrypted.

3. Poor support for enlarged fonts in web app and Android app

This goes for the web app and the Android app. (See the list of emails on the left. I ran into a similar issue in the Android app.) It's hard to see who emails were sent from.

4. Security headers could be better

Very good, but could be a bit better; letter grade: B.

5. Meta point: why the obvious usability issues?

Suggested change: find users in person and watch them use the product! You could find that others don't think these things are confusing, but I highly doubt it.

Bottom Line

Right now, I do not recommend ProtonMail. They need to fix the above issues, which are UX problems that are effectively security issues, which is A Bad Thing for a secure email service.

Update #1: 2016.07.16

I've been trying out ProtonMail and Tutanota, the 2 best encrypted mail services I could find, for a few months now. Originally I liked Tutanota better, as it doesn't have problems #1 and #2 mentioned above, but I've since been won over by ProtonMail. Here's why:

  1. Problem #1 sucks for new users, but now that I know about that it's not a big deal.

  2. Problem #2 is unfortunate indeed, and I'm trying to remember not to put anything/much in the subject.

  3. Problem #3 is a non-issue now that I changed the default layout of the web app to one that happens to be big font-friendly.

  4. Problem #4 is quite minor.

  5. Problem #5 is still an issue, but compared to Tutanota, the UX is fantastic, though and other than problems #1 and #2,

  6. There are too many annoyances and inconveniences with Tutanota, which friends of mine have also noted when we tried it out together; ProtonMail is simply a better product.

  7. ProtonMail's paid plans have gotten much cheaper since I first checked them out ~3 months ago; Tutanota used to be way cheaper, but now they're about the same.

  8. ProtonMail also stopped logging IPs and thereby interfering with access from Tor users, which is important to me.

  9. And finally, I realized that I was refusing to switch to ProtonMail because it is imperfect, and that it's actually way more secure than what I'm using now (namely unencrypted-by-default email from a big-name email provider and PRISM partner), so upgrading makes sense.

  10. ProtonMail added hotkeys/shortcuts for their web app :-D. Now I can be way more productive.

Net result: I'm sold! ~Literally. I just signed up for ProtonMail's paid ($4-5/month) plan. I'll let you all know how it goes!