How To Secure Email In Gmail

How Do Secure Email Providers Protect You

How to Send a Secure Email in GMAIL (2022)

End-to-end encryption is essential in building a truly secure email system. While services like Gmail encrypt the connection between your computer and the server, any information you send to the server is not encrypted when it gets there.

Any private conversations youre discussing will sit on Googles servers in an unencrypted format. If that data is stolen, for example, in a data leak, it doesnt need to be decrypted before it can be read. A secure provider will encrypt data on the server, making it useless to any third parties.

The lack of end-to-end encryption means that email providers can access the contents of your messages, and theyve used this access in the past. Google previously scanned the contents of Gmail messages for advertising purposes but stopped the practice in 2017. The company continued scanning email to power services like Google Now. How else will Googles assistant be able to remind you about the trip youve got coming up?

Where those servers are located could also impact how that data is treated. As is the case with VPNs, the most secure email services are usually located in remote or historically neutral countries. ProtonMail, for example, is located in Switzerland, where privacy laws are notoriously strict.

Secure email services will be sure to strip as much metadata out of the email being sent as possible. This makes it harder to trace the origin of a message and further protects the identity of the person sending it.

How To Open An Encrypted Email In Gmail

If someone sends you a confidential email, youll need your phone handy if you want to open it.

Opening a confidential email is a simple 3-step process:

1. Click on the confidential email in your inbox:

2. Click Verify Identity and wait for a verification code to be texted to your phone:

3. Enter the verification code and click Submit

4. Read your confidential mail:

Every time you open the confidential mail, youll have to enter a new passcode so that Gmail can re-verify your identity. Want to open the confidential email 5 different times? Youll also be verifying your identity 5 different times.

How To Encrypt Your Emails And Attachments In Gmail

So how do you send a secure email attachment in Gmail? The attachments shared via Gmail are often just as sensitive, or potentially more so than their corresponding messages. End-to-end encryption masterfully encrypts an emails contents while in flight and at rest, ridding emails of most security vulnerabilities. Undoubtedly, this makes end-to-end encryption the most secure method of Gmail encryption, as it protects the users valuable messages, files, documents, etc. Although Google has often entertained the conversation around implementing end-to-end encryption, it has failed to do so as of yet. Gmail offers users a few added security options at a price. Still, to fill the void left behind by Googles Gmail, several third-party encryption services have stepped up to offer their own applications and extensions so users can properly send secure Gmail attachments.

Recommended Reading: Sending Mp4 Via Email

The Drawbacks To Gmails Approach

If you dont request SMS passcode verification, Confidential mode is a lot less secure. For example, if the email address youre sending your message to has already been compromisedfor example, if the owner has left it logged in on a public computerthen the verification code is virtually useless.

On the other hand, providing a separate mobile number and requiring SMS verification is similar to how two-factor authentication works. Even if the email address has been compromised, without access to the mobile number specified by the sender, the message cannot be accessed.

Unfortunately, Gmails approach is still a far cry from that of truly secure email providers like ProtonMail and Tutanota. Like most email providers, Gmail doesnt encrypt the contents of your inbox on the server. Googles employeesor anyone who accesses your Google accountcan, from a technical perspective, see the message.

RELATED:ProtonMail vs. Tutanota: Which Is the Best Secure Email Provider?

How Does Email Encryption Work

Send Encrypted Emails in Gmail

Generally speaking, encryption is possible at the transport level or end-to-end. Heres how they differ:

  • Transport level encryption only protects the sending channel. It means that the email is still composed and sent as plain text, but the moment it leaves your mailbox, its protected with a layer of encryption. When it arrives at its destination, the email client decrypts it and stores it in plaintext for you to read.
  • End-to-end encryption makes sure that the email is safe at all stages of the communication. This data can be read-only by the intended sender and remain encrypted throughout the exchange process.

In both cases, it makes the data inaccessible but at different channels.

Don’t Miss: Where Can I Print Something Off My Email

Which Secure Email Service Is The Best

There is no one-size-fits-all approach to secure email. There are many different providers, all offering differing levels of security at a variety of price points. Budget is something you will likely have to consider since most services do not offer a generous free option like Gmail or

ProtonMail is one of the best-known encrypted providers, and one of the most mature. Data is encrypted on servers located in Switzerland, with the company conducting audits to ensure that users can trust its protections. The service is built on open-source technology, and theres a dedicated mobile app for iPhone and Android .

Tutanota is another highly recommended secure email provider, with a feature set thats similar to ProtonMail. Servers are located in Germany , and the service is built on many open-source foundations. Theres a similar caveat with mobile access in that you need to use a dedicated app to decrypt your email.

Posteo is also located in Germany and has made a bit of a name for itself for being a cheaper alternative to both ProtonMail and Tutanota. Everything is encrypted end-to-end, with support for PGP implementation to provide additional peace of mind. Theres also no need for a name, backup email, or other identifying information to create an account.

How To Encrypt Emails In Gmail

Gmail already has S/MIME built into the app, but it only works if both the sender and receiver have it enabled.

  • Enable hosted S/MIME. You can enable this setting by following Googles instructions on enabling hosted S/MIME.
  • Compose your message as you normally would.
  • When changing the encryption levels note these color codes:

    Green Information is protected by S/MIME encryption and can only be decrypted with a private key.

    Gray The email is protected with TLS . This only works if both the sender and recipient have TLS capabilities.

    Red The email has no encryption security.

    Don’t Miss: How To Start A Letter To A Professor

    What The Encryption Icons Mean

    When you’re sending or receiving messages, you can see the level of encryption a message has. The color of the icon will change based on the level of encryption.

    • Green . Suitable for your most sensitive information. S/MIME encrypts all outgoing messages if we have the recipient’s public key. Only the recipient with the corresponding private key can decrypt this message.
    • Gray . Suitable for most messages. TLS is used for messages exchanged with other email services who don’t support S/MIME.Tip: TLS support is not guaranteed. Support is inferred from past communications with the email service.
    • Red . Unencrypted mail which is not secure. Past messages sent to the recipient’s domain are used to predict whether the message you’re sending won’t be reliably encrypted.

    How To Encrypt Email In Gmail

    How to Send Encrypted Email in Gmail on Desktop & Mobile

    As of 2018, there were around 1.5 billion active users of Gmail. With that in mind, theres a good chance that you and the people you email daily have a Gmail account.

    But how do you know that the emails that you send are secure?

    Gmail uses TLS as a standard for keeping your emails secure. While both the sender and the receivers email providers need TLS enabled to work, theres no need to worry most email providers support TLS. If your email provider doesnt, you may want to consider moving to one of the many that do.

    While TLS keeps your email safe when being delivered from one email inbox to another, it doesnt have the added security of keeping that email safe after it has arrived in the inbox.

    However, you can do this fairly simply in both free and paid Gmail accounts.

    Here are the step by step guides to both:

    You May Like: Iphone Mass Delete Emails

    How To Download G Suite And Configure S/mime Encryption

    Follow the steps below to enable S/MIME encryption in Gmail:

    Enable S/MIME encryption

    G Suite provides a multitude of different settings to help you customize S/MIME encryption, but these are the basic steps to enable it.

  • Create a G Suite account and follow G Suite setup wizard.

  • Create a domain name or add an existing one . This will give you a G Suite admin account.

  • From Admin Homepage, navigate to Apps> Google Workspaces> Gmail> User settings.

  • On the left-hand side, there is an ‘Organizations‘ tab, which should have your domain name underneath it. Select the domain you entered.

  • Scroll down to the S/MIME setting and tick the “Enable S/MIME encryption for sending and receiving emails” box.

  • Press save and reload your Gmail account.

  • A padlock will now appear in the subject line of messages to represent the level of encryption when sending and receiving emails. If the lock is green, the email is S/MIME encrypted.

    Choosing and uploading certificates

    Before any emails are sent or received using S/MIME, you will have to upload a digital certificate to G Suite, which is essentially a digital ID. Google provides a list of trusted certificates you can use in their help centre. Once you’ve selected the appropriate certificate which may require some research you can then upload it to your G Suite account.

  • Start at your Gmail inbox in G Suite.

  • Click on the tab labeled ‘Accounts‘.

  • Navigate to the ‘Send mail as‘ > ‘Edit info‘.

  • Select ‘Upload personal certificate‘.
  • Update Your Browser And Operating System Regularly

    Almost every tech product has at least some vulnerabilities, but developers are working round the clock to find them, acknowledge them, and patch them. Thats why you get periodic updates that theres a new version of your browser, or your operating system, ready to install.

    Take these notifications seriously, and update your devices and software as soon as you can think of it as a way to upgrade your defenses. Otherwise, youll stay vulnerable to security issues that have long since been formally fixed.

    Also Check: How To Recover An Old Email Account From Google

    What Does Encrypted Mean

    Humans have been encrypting sensitive information since Roman times. Even though Roman ciphers are a far cry from modern encryption algorithms, they accomplish the same goal: convert information into secret code that hides its true meaning.

    Imagine that your inbox is as safe and your emails are important documents that you don’t want anyone else to see. Without email encryption, all that cybercriminals need to do to read the content of your emails is to know the right password to your inbox.

    Unfortunately, large-scale data breaches are becoming increasingly common, and there’s a chance that cybercriminals already know the password to your inbox. Even if they don’t, they can attempt to intercept your emails while they’re being delivered.

    How To Open Encrypted Email In Gmail

    Send Encrypted Emails Through Gmail Using a Chrome Extension

    Now that you know how to send a confidential email in Gmail, if you receive one, you may be asking how to open it. This process is quick and easy.

    Step 1: Open Your Email Account

    The great thing about confidential emails from Gmail is that they can be sent to any other email service provider. Before being able to access the information, youll need to log in to whatever email account it was sent to.

    Step 2: Open the Email

    Once you have gained access to your inbox, youll then open the confidential email. You will be notified that the sender sent the message via Gmail confidential mode, and to open it, youll need to click on the blue View the email button in the middle of the screen.

    If there is no passcode, the message will open in a new tab, and youll be able to read it for as long as it is available.

    For messages where a passcode was included, after you click on View the email, a new window will open asking you to confirm your identity. Youll have to click on the Send Passcode button and input that number before you are able to view the contents of the email.

    Also Check: Why Isn T My Email Updating

    How To Encrypt Email In Gmail Like A Secret Agent

    Gmail is a great email service, but the one thing theyre not known for is respecting your privacy. After all, their business model is to monitor your online activity to serve you relevant ads. They may be up-front about it, but that doesnt excuse it. So what do you do if you want your emails to remain absolutely secret? Heres how to encrypt your email in Gmail like a secret agent.

    Read more: What is encryption?


    To encrypt emails in Gmail, theres the easy way and the hard way. The hard way is to use IMAP to download all of your emails to a local email client, such as Outlook or MacOS Mail, and then install PGP. This requires a steep learning curve. A much easier method is to use a Chrome third-party extension, which also uses PGP, but does all of the heavy lifting for you.

    How To Encrypt Emails In Outlook

    Outlook is also compatible with the S/MIME protocol, but it requires additional setup.

  • Enable S/MIME encryption. This process will involve getting a certificate or digital ID from your organizations administrator and installing S/MIME control. Follow Offices steps for setting up to use S/MIME encryption.
  • Encrypt all messages or digitally sign all messages by going to the gear menu and clicking S/MIME settings. Choose to either encrypt contents and attachments of all messages or add a digital signature to all messages sent.
  • Encrypt or remove individual messages by selecting more options at the top of a message and choosing message options. Select or deselect Encrypt this message . If the person you are sending a message to doesnt have S/MIME enabled, youll want to deselect the box or else they wont be able to read your message.
  • Don’t Miss: How Can I Get My Old Email Back

    Check Through Gmails Security Checklist

    Gmail provides a long list of measures you can take to improve your accounts security with only a few clicks. You can take advantage of some features like the visibility of IP addresses and locations where the account was last accessed. This will let you know when someone is trying to spy into your Gmail and from where.

    The checklist prevents your system from compromising and helps you practice the best security practices like constantly updating your browser and using an anti-malware scanner. With this checklist, you can be sure your emails remain secure in whichever folder they are in.

    Popular Articles

    Related Stories

    Stay on top - Get the daily news in your inbox