Tuta is a end-to-end-encryption mail and calendar provider. They recently wrote a good blog-post about changing to european services.
Tuta is a end-to-end-encryption mail and calendar provider. They recently wrote a good blog-post about changing to european services.
I checked out their business offering because I was curious and apparently they don’t even support single sign-on.
What the hell‽ How do they expect to sell to businesses if they can even support the most basic features like SSO in 2025?
This is made worse by the fact that they don’t support phishing resistant authentication like passkeys. Single sign on could have solved this since login (including stuff like mfa) would be handled by idP
What SSO are you expecting? Google? Microsoft? GitHub? You see the problem here?
The missing passkey is certainly something they can work on but this is definitely not a critical feature
I would want to be able to use any of the common IdPs. That does indeed include Google Identity, Microsoft Entra ID, GitHub, Okta, AWS, but also self hosted (and often open source) IdPs like AD FS, Keycloak, Shibboleth, Gluu Server, and so on.
It’s ridiculous that a supposed business plan doesn’t support SSO to even generic spec compliant SAML or OIDC IdPs. It’s not exactly rocket science.
There is absolutely no way in hell we would ever use this at work when it lacks even rudimentary SSO.
It might be targeted more towards smaller businesses but more and more companies are moving towards SSO and passwordless so they should implement it.