by norenh 950 days ago
One reason is that tuta does not require you to have any other connection to create an account. Protonmail requires a second mail, phone or possibly some kind of payment if I recall correctly (for verification?) that could be linked from your account in theory.

Without having a good anonymous starting point, protonmail does not let you get that starting point, at least the last time I tried (maybe a year ago).


ProtonMail never used to require another email to verify, and only asked for a phone if I was on an IP that had made more than one account already.
Or, AFAIK, if you're registering using TOR.
Yes, Proton is hostile to Tor even though they deceptively market themselves as anonymity friendly: https://news.ycombinator.com/item?id=37174259

It's a stark contrast to Tuta, which allows anonymous account creation with Tor Browser if you pay with cryptocurrency (Monero or Bitcoin, via their partner ProxyStore) and doesn't require a whitelisted verification email address or any other data.

An additional email address is required only in cases when our system detects something suspicious about your network, so if you are coming across this, we recommend changing nodes. If you keep coming across the same issue, please contact us at: https://proton.me/support/contact, so we can take a closer look.

The email addresses, however, are not tied to your account - we only save a cryptographic hash of your email address. Due to the hash functions being one-way, we cannot derive your data back from the hash: https://proton.me/support/human-verification.

Who cares if you hash it, cracking a hash of an e-mail is easy AF compared to passwords. Especially on agency scale... How do you hash it? Argon2 or rather some extremely fast to crack hash?
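The disagreement above about hashed verification addresses, as an added example that is not part of the thread and not Proton's code: an unkeyed hash of an email can be matched by anyone holding the stored value and a list of candidate addresses, while a keyed hash cannot be matched without the server-side key. The thread does not say which scheme is actually used; both schemes, the addresses and the function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data (not real addresses).
STORED_EMAIL = "alice.example@example.org"
CANDIDATES = ["bob@example.org", "alice.example@example.org", "carol@example.net"]


def plain_digest(email: str) -> bytes:
    """Assumed scheme A: unkeyed, fast hash of the normalised address."""
    return hashlib.sha256(email.lower().encode()).digest()


def keyed_digest(email: str, key: bytes) -> bytes:
    """Assumed scheme B: HMAC-SHA-256 under a secret kept outside the database."""
    return hmac.new(key, email.lower().encode(), hashlib.sha256).digest()


def match_candidates(stored: bytes, candidates, digest_fn):
    """Return the candidate whose digest equals the stored value, else None."""
    for candidate in candidates:
        if hmac.compare_digest(digest_fn(candidate), stored):
            return candidate
    return None


def audit():
    """Compare what each scheme reveals to a party holding only the stored digests."""
    server_key = os.urandom(32)          # held by the service, not in the database
    stored_plain = plain_digest(STORED_EMAIL)
    stored_keyed = keyed_digest(STORED_EMAIL, server_key)

    # Scheme A: the digest function is public, so a candidate list is enough.
    plain_hit = match_candidates(stored_plain, CANDIDATES, plain_digest)

    # Scheme B without the key: no candidate reproduces the stored value.
    no_key = bytes(32)
    keyed_hit = match_candidates(
        stored_keyed, CANDIDATES, lambda e: keyed_digest(e, no_key))

    # Scheme B with the key: the service can still run its duplicate check.
    service_hit = match_candidates(
        stored_keyed, CANDIDATES, lambda e: keyed_digest(e, server_key))
    return plain_hit, keyed_hit, service_hit


if __name__ == "__main__":
    print(audit())
```

A slow KDF such as Argon2 raises the cost per candidate, but whoever holds the stored value can still test a specific address; a secret key removes that ability only from parties who hold the database alone.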
It's a difficult issue. If they allow unlimited signups via Tor, people will bulk sign up for accounts and use them for spamming, scamming, threats, phishing and other crap. I can imagine why they don't tbh.
Proton forbidding anons from opening free accounts might be necessary for anti-spam/deliverability. But even paid accounts?

"They accept cryptocurrency, but only for existing accounts - after you've already doxxed yourself" (during the initial signup flow, where this payment option has been removed)

This looks very bad to me.

Good point. I didn't think about that.
I have an email that I've created and only accessed through their Tor hidden service hostname

   https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/
and I was never asked to provide any personally identifying information.
As always when people post this, I just tried it with Tor Browser, and, as always: "No verification method available"

Did you access the .onion with something more fingerprintable like Brave?

No, just the plain Tor Browser.