How to Encrypt Email: a Step-by-Step Guide
As one of the oldest and most universal forms of communication on the Internet, email has earned its place in the hall of fame of modern technology. However, even the simple act of sending virtual letters to people might easily become a nightmare for both the sender and the recipient.
Namely, judging by some daunting statistics, 46% of hackers disseminating malware deliver it through email. Before you start panicking and deleting your mail with sensitive information or files, give our guide a read. We will show you how to encrypt email and introduce you to the basics of file encryption.
Data breaches can pose a risk to any individual, not just government and financial institutions or fintech companies. The ever-present threat of hackers stealing your confidential information can be avoided by sending encrypted email messages because not even the best VPN software will fully protect your inbox.
Scanning emails for viruses goes without saying, and we sincerely hope you’re ignoring "Nigerian prince"-style email scams informing you that you’ve just inherited a fortune.
Before we dive into the details on how to send an encrypted email, we’ll deal with the term encryption itself. The whole process carries a dash of espionage and spies’ coded messages. When encrypting your email, you are basically scrambling the contents of your message, like a virtual puzzle, enabling only those with a key to unscramble it. Cracking the codes created by modern computer software is next to impossible.
To become a Sherlock Holmes of the digital world, you won’t need a magnifying glass, but you will require a so-called public key. To send a secure email, both you and the recipient would have to have encryption keys.
By using the public key infrastructure (PKI), you’ll be assigned a pair of keys in the form of digital code. You’ll be using a public key to send encrypted email letters and a private key to decrypt the emails you receive. Public keys and your data are stored on a key server so that those who wish to write to you can use it to encrypt the content they want you to read.
On the other hand, private keys are safely stored on recipients’ computers or other devices and can’t be accessed by anyone except for their owner.
What Is the Most Secure Email Provider?
Unfortunately, very few email providers are genuinely safe. Even though tech giants deal with major cybersecurity challenges on a daily basis, most of them offer only limited account protection or require extra steps to be taken to send secure emails.
This leaves your virtual correspondence vulnerable to hackers unless you’re a tech-savvy user or are willing to pay more to upgrade your account’s security features. Sending a secure email by using end-to-end encryption is the way to go.
However, to do so, both sides need to have an email account that supports sending encrypted email messages, and they both must use the same encryption protocols. Otherwise, the person you email won’t be able to decipher it. To sum up: you’d better arm yourself with information and take things into your own hands if you want to shield your sensitive data from hackers.
Two Main Types of Email Encryption
Learning how to encrypt email starts with differentiating between the two main types of end-to-end email encryption: S/MIME and PGP/MIME.
S/MIME stands for Secure/Multipurpose Internet Mail Extensions and represents a protocol for sending and receiving encrypted emails, provided that both parties use the same type of encryption. The protocol is already pre-built into Gmail, Outlook, and iOS devices but not enabled for all users.
Its perk is that it uses digital certificates instead of asking users to create their own keys. Also, it adds digital signatures to your mail. On the flip side, it’s pretty costly to implement.
If you don’t want to break the bank to provide encryption for your email messages, the PGP/MIME protocol is free. As its name says, PGP (Pretty Good Privacy) offers more than decent protection.
However, you’ll need a third-party encryption tool to implement it into your email provider because email clients do not widely support it. You can use it with Android devices, Yahoo, and AOL.
This protocol relies on a decentralized, distributed authority and allows users to set their own keycodes. The downside here is that you’ll need to be reasonably tech-savvy to set everything up.
Encrypting Web-Based Email Clients
Boosting your email inbox with top-notch encryption is quite tricky if you’re using web-based email services. If you’re wondering how to encrypt an email in Gmail, you should know that it already has the S/MIME protocol pre-built.
However, it’s enabled only for business or education (G Suite) users. On top of that, even if you have a G Suite account, the administrator would have to enable S/MIME for you. Yes, it does sound daunting, but bear with us.
To send encrypted email in Gmail, you’ll have to enable the hosted feature yourself in the Google admin console, and we’ll guide you through the process.
- First, go to admin.google.com and log in to your account. Here’s how to encrypt a Gmail email: from the Home Page, go to Apps > Google Workspace > Gmail > User Settings > Organizations, and choose the domain or organization you want to configure.
- Under S/MIME Settings, toggle on the “Enable S/MIME encryption for sending and receiving emails” box and save your choice.
- Now, go to your Gmail login to email someone. Write your message as you usually would, then hit the lock icon displayed to the right of the recipient.
- Hit the “View details” to choose the encryption status: red means the email isn’t encrypted, gray indicates that it’s encrypted with TLS and works only if the recipients’ client supports it, and green means that you have S/MIME on and your email from Gmail is secured with a private key.
How to Encrypt Email in Outlook
Setting up Outlook encryption might also give you a headache. Even though it is compatible with the S/MIME protocol, you’ll have to add it yourself or ask the administrator to do it for you.
- First, you’ll have to get a certificate (a digital ID) from your organization’s administrator. Then if you don’t have the protocol, install S/MIME control by selecting “run.”
- Once you’re all up and running, choose “S/MIME settings” from the gear menu and pick one or both options: one that enables you to send encrypted email messages and another one that allows you to sign your messages digitally.
- Now, to send encrypted email in Outlook, you’ll have to log in to your email account, choose an individual message you’d like to protect by hitting the “More options” (three dots) button at the top of the message, and toggle the “Encrypt this message (S/MIME)” option on or off.
- Make sure your recipient uses the same encryption protocol, or they won’t be able to decipher your mail.
How to Send Encrypted Email Messages Through Yahoo
Yahoo is one email provider that requires third-party encryption tools as it doesn’t have S/MIME or PGP/MIME protocol pre-built yet. To be fair, Yahoo does use the TSL/SSL protocol to shield your account. If you wish to protect your virtual communication further, here’s how to encrypt email in Yahoo: you’ll have to install a third-party app such as Virtru, Enlocked, or Mailvelope, to scramble your messages.
Virtru is a straightforward end-to-end protection software that adds a solid layer of protection against cyber threats.
- Simply head to www.virtru.com, download and install this free encrypted email plug-in, and then sign in to your webmail client.
- Once you compose your message, you’ll see the “Protect your message with Virtru” option that you need to toggle on. And that’s it.
Virtru doesn’t require you to manage your own keys, provide certificates, or have all your contacts opt-in. It simply encrypts your email and conveys it to the receiver through its own protected server instead.
Researching how to encrypt Yahoo email messages will teach you that Virtru replaces the original email with a link to its website where the person you’re sending your message can access it. It’s a breeze, and you can use the system with Gmail, Hotmail, and Outlook as well.
Encryption on Other Operating Systems
iOS Email Encryption
If you’re not using a web-based email client but still want to have your iOS and Android devices protected, the first thing you should try is a reliable VPN service for channeling your traffic. However, if you want your email communication to be completely safe, it would be good to know how to encrypt an email on your iPhone.
All iOS devices have the S/MIME protocol built-in into their default email applications, and all you need to do is enable it with a couple of clicks.
- First, you should head to your email account, log in, and go to Advanced settings.
- Then, toggle on S/MIME and change “Encrypt by Default” to “Yes.”
- Upon writing your email, you’ll notice the lock icon next to recipients' names. By clicking it closed, you’ll have your email to that recipient encrypted.
- The lock icon will turn blue if your contact isn’t in the global address list (GAL). If it’s red, that probably means the person you’re trying to send a message to isn’t in your exchange environment.
What is an encrypted email from an unknown address going to look like? Say you get one from someone that’s not in the same trusted working environment as you; a red question mark will appear next to the sender’s address.
- When you receive it, click the sender’s email address, tap “View Certificate,” and then on “Install.”
- Once you’re done installing the certificate, the install button will turn red and say “Remove” instead.
- Ignore it. Instead, hit “Done” in the top right corner, and the lock icon next to that persons’ address will turn blue.
- Close the lock by tapping it, and your messages to this person will be encrypted from now on.
If you’d like to know how to encrypt email on your Mac, you can read the paragraphs above, as the procedure is pretty similar on all Apple devices.
- Before you head to the mail app on Mac, make sure that you have a personal certificate in your keychain and that your recipient has theirs, too.
- Compose your message in the Mail app, and then move the pointer over the “From” field, choosing an account that has an installed certificate on it.
- The Subject: line will have a checkmark to the right, which will turn on your digital signature for that email when checked.
How to Encrypt Email on Android
Unfortunately, if you’re an Android user, chances are you’ll be the one at the mercy of most cyber threats, as it doesn’t have pre-built encryption protocols for sending emails.
It’s no wonder that Android phones are particularly popular with hackers! Installing a third-party application is a good idea. CipherMail add-on will do the work, as it’s a straightforward and intuitive app.
If you’d like to encrypt email messages on your Android device through S/MIME or PGP/MIME protocols, it’ll have to undergo a somewhat tricky setup.
First off, you’ll need to install a keychain tool such as OpenKeychain for storing recipients’ certificates and PGP public keys. OpenKeychain is a free and open-source app for Android and is compatible with the OpenPGP standard.
Here’s how to encrypt an email using the OpenKeychain app:
- Upon installing it, it’ll allow you to create your public and private key pairs by providing your email address, name, and password.
- After that’s done, feel free to search for other public keys and add them to your keychain.
- To send a secure email, simply go to your email client and head to Settings. Depending on the app you’re using, you’ll have to dig through them a little bit, but once you find encryption settings, make OpenKeychain your default PGP provider to start sending encrypted emails.
In the world of cybercriminals and identity thieves, one can never be careful enough, knowing how much is at stake. Learning how to manually encrypt an email can be a game-changer and give you some peace of mind.
As most email clients do not have reliable protection features, it’s essential to go the extra mile and enable the encryption protocols manually (if available) or install a third-party party app (if not). Whatever your choice is, investing in state-of-the-art encryption tools is much cheaper than facing a personal data leak.
Yes, you can. Gmail has the S/MIME encryption protocol pre-built, but it is not enabled for all users and will require a business account. You’ll have to enable it manually from the admin account. Access Apps from the Home page, then go to Google Workspace > Gmail > User Settings > Organizations, choose yours and enable S/MIME encryption. Knowing how to encrypt Google email messages isn't enough, though. You’ll have to make sure that your recipients use the same protocol.
As Outlook is compatible with the S/MIME protocol, you can add it yourself or ask the administrator to do it for you. First, you’ll have to obtain a certificate from your organization’s administrator, then install the S/MIME client, and toggle on S/MIME encryption. Again, make sure that your recipient is using the same protocol, or they won’t be able to decode your message.
Since most email clients do not have encryption features or offer them only to business users or those with higher price tiers, you’ll have to learn how to encrypt email manually. However, if you’re not tech-savvy or your primary concern is state-of-the-art protection and encryption, choose ProtonMail. It is designed by Swiss scientists at Cern, boasts a strict no-logs policy, and has servers located more than 3,000 feet deep in a nuclear bunker.
Your email address will not be published.*