This in-depth guide shows you exactly how to encrypt email, while also taking a look at the best encrypted email services.
Despite being one of our oldest methods of online communication, email is still one of the most popular. Untold billions of email messages fly around the world every day, carrying personal and business messages that we depend on, making email a prime target for snoops and spies of all types.
Unfortunately, experience shows that most large email providers do not respect the privacy of your inbox. For example,
- Gmail was caught giving third parties full access to user emails and also tracking all of your purchases.
- Advertisers are allowed to scan Yahoo and AOL accounts to “identify and segment potential customers by picking up on contextual buying signals, and past purchases.”
- Yahoo was also caught scanning emails in real-time for US surveillance agencies.
And the problem runs deeper than the policies of your email provider.
Where your email service is located can have a huge impact on your email privacy. While jurisdictions like Switzerland have laws that protect your online privacy, others (unfortunately including the United States and its Five Eyes friends) have laws in place to erode it.
Leaving aside all the folks who can legally stick their nose into your email communications, there are also the illegal peeping Toms. While email services take steps to protect your messages from outsiders (aside from themselves), these steps are not foolproof.
Data breaches do result in crooks getting their hands on the passwords of email accounts, which can result in identity theft, fraud, and other crimes. Hackers do manage to get access to people’s inboxes. If some creep gets access to your inbox, there is nothing to stop them from reading your email and stealing all that juicy personal information.
As you can see, email security is a big issue today. There are a lot of different ways in which your email privacy can be compromised. In this post we’ll talk about various scenarios in more detail, and I’ll show you how to encrypt your email to protect against at least some of these problems.
Why is email encryption important?
Once you see the scope of the problem, we think you’ll agree that you need to encrypt at least some of your emails.
Data breaches – Breaches of the databases at companies large and small expose hundreds of millions, if not billions of records per year. Some unknown number of those records are email messages, stored on mail servers around the world. Bad guys of all stripes target email messages because they can contain valuable information that can be sold or used for fraudulent activities. Financial data, vacation plans, corporate strategies, and personal data are all juicy targets.
Pervasive surveillance – Years ago, Snowden and others revealed the vast scope of surveillance programs (many of at best marginal legality) that are being run around the world. Since then, the problem has only grown, with governments around the world sucking up every bit of email data they can get their hands on. Private companies are in on the act too, who may collect and sell your email content, or use it to target you with heads.
Because most email services store your data on their servers in unencrypted form, you have no real privacy. Hoping that big providers of free email services like Gmail won’t read your messages and use what they find for their own purposes, is foolish in the extreme.
We know that Gmail, for example, reads through every message you send or receive looking for information like airline reservations to add to your calendar. Then there is Smart Reply, an optional feature that reads messages so it can suggest short replies that might be relevant to the content of that message. While features like these can be useful, they can only work if Gmail can read and understand (at least a little bit) your email messages.
How can you protect your email messages?
There are a few approaches you can take to protecting your email messages from being read by the wrong people. The easiest solutions are ones where the email provider makes sure that only the intended recipient can read the messages you send.
Gmail’s Confidential mode
Gmail’s Confidential mode is an example of an approach where the email provider makes sure that only the intended recipient can read messages. Beyond controlling access to the message, Confidential mode restricts what the recipient can do with the message (no forwarding, etc.), and causes the message to be inaccessible after a set amount of time. This sounds good, so let’s keep going with it.
To use Confidential mode, you compose your message normally. When you are ready to send the message, you select Confidential mode. Gmail displays the following dialog box:
This looks promising. For someone to read the message, they will need to enter the passcode. But there are a couple of drawbacks to this approach.
First is that passcode. Note the sentence circled in red, “All passcodes will be generated by Google.” In other words, Google is in control of the code that gives access to the message, not you, and not the recipient.
Second is the fact that selecting Confidential mode doesn’t hide the contents of your message from Google. Confidential mode protects your mail from everyone except Google. It doesn’t create an encrypted email message. It simply prevents someone from seeing the message unless they enter the password. A solution like this is only useful if you don’t mind your email provider continuing to have access to your email.
If you really want to protect the privacy of your inbox, you can’t rely on solutions like Confidential mode. It is time to talk encryption.
About email encryption
If we start talking about the details of various ciphers and encryption algorithms we’ll be here for a very long time… and your email may never get encrypted. So we’re going to try to keep this discussion at a high level.
To protect your email against any and all of the attackers we discussed at the top of this article, we need to use something called end-to-end encryption. This is often abbreviated as E2E encryption (or even E2EE).
Why use E2E encryption with email
E2E encryption means that you encrypt something (email in our case) on your computer or mobile device, and the recipient decrypts it on their computer or mobile device. Why is this important?
Think about how an email message gets from you to the recipient. You create the message in some email program. When you hit Send, the message passes out of your computer onto a connection controlled by your Internet Service Provider (ISP). The message then goes to your email provider, who passes it along another connection controlled by some other service, and so on. Eventually, the message arrives in the recipient’s inbox at their email provider. Then it goes through another set of connections controlled by other entities until it ends up on the recipient’s computer to be read.
That’s an awful lot of steps. At any one of those steps it is theoretically possible for someone to try to read your email.
E2EE solves this problem. Done right, no one read encrypted messages except the sender and the recipient.
If you encrypt your email before it leaves your device, and the recipient decrypts it once it arrives on their device, no one in the middle will be able to read it.
Since E2E encryption is the way to go, we’ll show you one way you can do it. But first we have to discuss…
The drawbacks of E2E encryption
While E2E encryption is the only way to protect your email from the various threats out there, it does have some real drawbacks, such as:
- It is more complicated than just sending email the old way. You’ll see what we mean in the next section.
- The people who receive encrypted emails need to know what to do with them. This too will become clear shortly.
- The powers that be don’t much like any kind of encryption. Encryption makes it harder for governments and law enforcement to spy on you, corporations to earn money from your personal data, and social media companies to censor you.
How to encrypt email
There are two ways to E2E encrypt email. On the assumption that you are not prepared to change email services right now, we are going to talk about how you can E2EE the bodies of your emails before letting providers like Gmail and company see them.
Recommended: The alternative approach is to switch to a secure email provider that respects your privacy and builds E2E encryption right into their product. For more on this approach, check out our review of the best private and secure email providers.
How email encryption works
The essence of the process is that regular readable text (also called plaintext) gets converted into encrypted text (also known as ciphertext). The “key” to the encryption process is that the algorithms use an encryption key to turn plaintext into ciphertext. Likewise, the decryption algorithm that turns ciphertext back into plaintext depends on a decryption key.
Encrypting an email message turns the body of the message into ciphertext. Some encryption approaches also encrypt additional parts of the message, possibly including the subject line and/or any attachments.
However, certain parts of the email need to remain unencrypted. For example, the email address of the recipient cannot be encrypted if you want the message to actually arrive at its destination! Other metadata is also readable, one of the key drawbacks of email in general (but we’ll discuss more secure alternatives below).
Symmetric vs asymmetric encryption
There is one more aspect of how encryption works that you need to know about before we can move forward. Remember that we said turning your message into ciphertext requires an encryption key, and turning it back into plaintext requires a decryption key.
The relationship between the encryption key and the decryption key can be either symmetric or asymmetric. In symmetric-key encryption, the encryption key and the decryption key are identical or related by a simple transformation. In effect, the encryption/decryption key pair is a secret shared between the sender and the recipient.
To send a message using symmetric key encryption, the sender encrypts the message using their copy of the secret key and the recipient decrypts it using their copy of the secret key.
In asymmetric-key encryption (more commonly known as public-key encryption) the relationship between the encryption and decryption keys is much more complex. Each person has both a public key and a private key. The public keys can be shared publicly and are used to convert plaintext to ciphertext. The private keys are kept secret, and used to convert ciphertext back into plaintext.
With asymmetric-key encryption, there is no need for a shared secret. Both parties publish their own public keys and keep secret their own private keys.
To send a message using asymmetric key encryption, the sender encrypts the message using the recipient’s public key and the recipient decrypts it using the recipient’s private key.
Pros & cons of encryption methods
Symmetric-key encryption is easier to implement, and generally faster to encrypt/decrypt messages, but require the sender and receiver to somehow agree on an encryption key and share it (securely). This could require a phone call, face-to-face meeting, or some other creative methods.
Asymmetric-key encryption is more complicated, in that it needs some system for discovering the public key of a person you want to communicate with. Certificate Authorities issue digital certificates that certify that a particular public key is owned by a particular person. Certificate Authorities need to be trusted services for this approach to work, but they make it possible to send encrypted messages to someone you have never communicated with before.
How to encrypt email using InfoEncrypt
There are several tools out there for encrypting email messages. Some only work on a particular operating system (OS). Others only work in conjunction with specific email programs.
In the interest of presenting something that anyone can use on any OS, with any email program, without making this post truly enormous, let me present Infoencrypt.
As you can see, InfoEncrypt is a free, browser-based encryption service that lets you encrypt any text using the AES 128 encryption algorithm. You can use InfoEncrypt on any device, with any browser that supports Javascript.
Note: You probably wouldn’t want to rely on a free web service if you are trying to secure data from powerful adversaries. However, this service should be fine for protecting the contents of your email from run-of-the-mill hackers and similar snoops.
AES 128 is a symmetric-key encryption algorithm that is fast and efficient, yet secure. Because it is symmetric-key, you will need to find a secure way to share the encryption key with the recipient.
Let’s see how this works. In this example, a secret information source (the sender) will encrypt a short message using InfoEncrypt, then email it to me (the recipient). Since the sender and I have already shared the encryption key (the password), I will be able to use that key to decrypt the text of the message using InfoEncrypt.
Follow along to see how to encrypt email and decrypt it on the receiving end using InfoEncrypt:
- The sender goes to InfoEncrypt.com, then scrolls down to the Text to encrypt (or encrypted code to decrypt) box.
- The sender enters the text they want to encrypt, then enters a strong password into the Password and Confirm Password boxes.
- The sender clicks the Encrypt button. InfoEncrypt uses AES 128 and the password to encrypt the message. It replaces the plaintext with something like the following, which is both the ciphertext generated from the plaintext and some additional information that the recipient will need to decrypt the message.
- To send the encrypted message to the recipient, the sender copies the entire contents of the “Text to encrypt…” box, pastes it into the body of the email message, then sends it like any other email message to the recipient.
- When the recipient opens the message, the body of the email will contain the contents of the “Text to encrypt…” box:
- The recipient then reverses the process by copying all the text beginning with, “—–BEGIN INFOENCRYPT.COM MESSAGE—–” and ending with, “—–END INFOENCRYPT.COM MESSAGE—–” and pastes that text into InfoEncrypt.com.
- The recipient enters the shared password into the Password field then clicks Decrypt to see the original message.
Using a tool like InfoEncrypt is clumsy, and takes more steps than you might like, but it is an easy, free, and broadly useful way to send encrypted text by email without having to install new software, change email services, or anything like that.
What are the best encrypted email services?
As noted above, we think the best solution is to switch to an email provider that offers support for end-to-end encryption. Many email services offer support for various encryption options:
- One of the most popular encryption methods for email is PGP, which stands for Pretty Good Privacy. Support for PGP is built into most secure email providers.
- Some email services rely on a unique encryption method, outside of PGP. One popular example of this is with the email provider Tutanota.
- Email services also allow you to send a link to an encrypted message that can be accessed with a shared password.
If you are open to switching to a secure email service that supports built-in encryption, we’d encourage you to explore our guide on secure and private email services.
Here are the best encrypted email services:
- Tutanota – Based in Germany; free plans; very secure and open source email with full encryption of email inbox, contacts, calendar, and subject lines. (Tutanota does not use PGP due to concerns over PGP limitations and weaknesses.)
- ProtonMail – Based in Switzerland; free plans; secure and open source email that is based on PGP encryption
- Mailbox.org – Secure and private email based in Germany; fully-featured, support for PGP encryption
- Posteo – Privacy-focused email service based in Germany; anonymous payment options; no support for custom domains; strong PGP encryption standards
- Mailfence – Secure email based in Belgium, free plans up to 500 MB, fully-featured with built-in support for PGP encryption
- Runbox – A private email service in Norway, support for PGP encryption
- CounterMail – Based in Sweden, this email offers strong encryption options (based on PGP).
- CTemplar – This open source email provider in Iceland uses strong encryption standards and is very privacy-focused.
- Kolab Now – A higher-priced email service in Switzerland, Kolab Now has some good encryption options while also being fully-featured.
- StartMail – Based in The Netherlands, StartMail offers built-in PGP encryption support.
We have personally tested (and use) many different encrypted email services. We not only do this to write reviews, we take data privacy seriously. Below I’m testing out the feature with ProtonMail to send an encrypted message to a person who does not use ProtonMail.
If you are serious about encrypting your email, it would be wise to first start out by switching to a secure email provider. Finding the best encrypted email service is very subjective and all comes down to your own unique needs. Check out our email reviews for an in-depth look at many providers.
What about encrypted email services based in the US?
Did you notice above that none of our recommended encrypted email services are based in the United States?
There’s a reason for this. And that is concerns about privacy and data security. There are many examples of US tech companies being forced to hand over private data to US authorities. This is particularly important with email services. Here are just two examples that we know about:
- Lavabit – Lavabit was a privacy-focused email based in the US that was forced to shut down when the owner refused to give up the encryption keys to government agents.
- Riseup – Another US email service catering to privacy-minded users, Riseup was hit with data requests and was forced to comply.
Here’s a quote describing the Riseup situation, which could affect any US-based email service:
After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization).
There was a “gag order” that prevented us from disclosing even the existence of these warrants until now. This was also the reason why we could not update our “Canary” [warrant canary that warns users about these events].
Recommendation: Choose an encrypted email service located in a good privacy jurisdiction. If you don’t, your data could be at risk.
Encrypted email alternatives
One of the fundamental problems with email is metadata.
Email is structured in such a way that metadata is very difficult to conceal from third parties. Email headers can reveal a lot of private data. What’s worse, PGP, the most widely-used encryption protocol, does not encrypt subject lines. This exposes further data to third parties and potential adversaries.
Another problem is that most people simply do not want to use an encrypted email service and/or encrypt messages. This isn’t an easy problem to get around — unless you use an alternative to email.
Best alternative: encrypted messaging service
We’d recommend using a good encrypted messaging service if you are really concerned about privacy and data security. Most encrypted messaging services do a very good job encrypting data, collect little (or no) metadata, and offer stronger encryption than most email services.
Some of our favorite options are Signal, Session, WickrMe, and others. Check out the best secure messaging services for more options.
Conclusion on encrypting email
In this world where the assaults on our privacy grow by the day, it behooves us to take whatever steps we can to defend ourselves. One place you can fight back is in your email inbox. Unless you want a vast number of entities (from Google AIs to foreign spies) reading your email messages and doing who knows what with the information they find there, you need to encrypt your email.
Remember: If you aren’t up for rolling your own end-to-end encryption system, you can move your most important email connections to one of the private email services.
ProtonMail, for example, has a free version that handles E2EE for you and uses a system much like Gmail’s Confidential mode to send private messages to people who don’t use ProtonMail. And if your encrypted messaging needs aren’t too intense, you can get by just fine with the free version of ProtonMail or another one of our recommended encrypted email providers.
How would Office365 business/enterprise work into this equation?
I understand it is owned and operated by Microsoft, but I do IT for a lot of companies that have special requirements like FIPS, HIPAA, PCI, SOX, 21 CFR 11, etc… We are allowed to use Microsoft Office365 business plans with exception of defense contractors but Office365 has US Govt Defense plans as well. Thoughts?
If your web traffic is encrypted with a VPN then wouldn’t this also include your emails? Or is there a way for them to still be intercepted and read?
Not really, because after your traffic exits the VPN server, it goes to the regular (unencrypted) internet. A VPN encrypts internet traffic between two points: your computer/device and the VPN server, before exiting onto the regular (unencrypted) internet. This article is dealing with encrypting the emails themselves, which is a different topic from VPN encryption for internet traffic.
An alternative is https://delta.chat which is a client that simplifies email encryption (cryptographic key exchange) using Autocrypt and displays emails as chat bubbles like a messenger.
To use it, sign in using existing email accounts (Gmail, Yahoo, Outlook, iCloud etc.). Emails are not stored in Delta Chat server as there isn’t one.
There is also COI (Chat over IMAP https://coi.me )
The issue I see then is that Google, Yahoo, Outlook and who knows what else now has access to your messages.
Is it safer?
As a follow up, the list of those who work with Delta is ok. Not the beat but ok.
https://providers.delta.chat
Maybe it is secure. But these are questions I have.
Delta Chat is the same as using regular email client on computers (e.g. Thunderbird, Office Outlook) and phones (Android Mail, iOS Mail app). You login using existing email accounts.
In addition, Delta Chat displays email as chat bubbles (in IM format) and helps encrypt email with end-to-end encryption meaning only sender and receiver can read the message. Of course, the email provider you signed up for stores the emails but they are encrypted.
Thanks for the info. I guess my question then is how is it encrypted? If the other end isn’t using Delta?
Not sure. I think it’s only end-to-end encrypted between Autocrypt users such as Delta Chat and other apps here https://autocrypt.org/dev-status.html
Nice list. Where I struggle with most of those services (excluding those offering their own app) is the requirement to tinker and usability, e.g. accessing on my iPhone. We need to balance privacy and security against convenience and usability I know, but for me, pgp on an iPhone (for example) while on the go is not convenient and not accessible to many people like me who are not technically minded.
Take mailbox.org as an example, incredible service, contacts, calendars, push emails, great price AND on everyone’s privacy and security email list. But out of the box PGP is not enabled, in fact emails are not even encrypted at rest. You have to go into settings, activate mailguard, create new keys with a new and separate password, copy and paste them into a separate PGP inbox encryption page and even then, only emails that arrive after that moment will be encrypted. You can also generate your own pgp keys but for someone like me that’s a few afternoons of forums, head scratching, questioning myself and why I bother and a leap of faith installing software I’ve never heard of to achieve. All emails that arrive after that will be unreadable on an iPhone (rightly so) unless via a third party app (clunky to read and send, you need to open in the mail app and then share the attachment with an app to read. No idea how to send yet) or a third party service (privacy issues again). I love Mailbox.org because they are an incredible service and I am sure that the standard package is very secure, but when I see it in a list of encrypted email providers I think that the usability piece also needs to be put into context and readers reminded that these services are not necessarily PGP encrypted straight off the bat. You need to tinker first.
In that respect I think when Protonmail and Tutanota catch up feature-wise (still a lot of functionality needed to take on Gmail) they’ll become mainstream. They have their own apps, its only one password to remember and they handle the complex setup and maintenance rigmarole for you. Until all the governments legislate against them of course.
Is there at least one reason why “Mailvelope” is not mentioned in the article?
Good suggestion. I don’t think Heinrich tested it, but we’ll consider it for the next update.
Heinrich has written very good article. Congrats!
In this respect, I also use Mailvelope and find it practical as of PGP encryption tool. May I request for your opinion about the following. In the past, I have read that it is more secure to use Mailvelope with Chromium-based browser because of the ability to create different profiles which stores the Mailvelope keys within the certain profile without possibility to get exposed through an attack while using another profile without Mailvelope installed. Since Firefox also supports different profiles through about: profiles, is it as secure to use Mailvelope in Firefox as it is with Chromium-based browser these days? Many thanks!
Okay, thank you so much for this! Lots to think about. Find it still not easy, though, to decide what to choose to do. If an e-mail service does not encrypt the subject line, I guess one could leave it empty, or use something more generic. – Let’s say with Protonmail one sends an encrypted message to someone who does not use Protonmail, and then, I imagine, it’s stored decrypted on their e-mail service provider’s server or cloud, can’t that provider read it then if they wanted to? If that was the case, then the encryption would only help on the way to the recipient, but not once it’s there?
[On a different topic: Because I’m not on facebook (for good reasons), I’ve looked for a privacy-friendly alternative and read about diaspora*, Friendica, Mastodon, the Fediverse.]
Thank you for helping a ‘not-good-with-technology’ person like me understand things better so I can try to make informed choices!!
@ C
No, if I send an encrypted message to someone who is using Gmail, Yahoo, Outlook, or one of the myriad of other services, they will not see my email. What they will see is an email that says an email is waiting for them. A link is then provided.
Once they go to that link, they are directed to (in my case) Protonmail’s server. There, a decript box with a required password is given. They have to have that password. If they do, they then read the email on the Proton server and not Gmail’s. They can respond from there or delete it, etc.
But Google is not in the picture. I believe the same thing works with Tutanota, but I am not sure. If you send to another Proton (or Tutanota) user from your Proton or Tutanota account, the encryption works automatically.
As far as subject lines, you are right. Just leave it blank. That is what I have done a few times.
Hope that helps.
Indeed it works the same with tutanota mate.
Thank you so much for this explanation, J.M.! I would need to figure out how to get the password to them. Sending it in a regular e-mail probably wouldn’t be good, and with hinting in a regular e-mail they might not get it right. [Not for the first time, for several days can’t send regular e-mail to outlook, hotmail etc., they always come back saying ‘too many hops’, and my e-mail service provider has done nothing to fix this that I’m aware of!]
if it’s a regular contact, you’d better give him the password in real life or with a secure messenger app like Signal/etc (or if both impossible, via WhatsApp)
And then you use the same password each time you send an email.
@Joe and @ C
Correct. I would just talk with the in person, mail them a letter with just the one word on a piece of paper and no other details or make the password hint something that you know they will know and nothing else.
@Joe, thanks. I thought that was how Tutanota works but I am, or was, not sure.