How to Send Encrypted Email: A Beginner’s Guide for 2020

in Privacy
How to Send Encrypted Email

Email encryption is a cybersecurity measure that prevents unintended recipients from reading your emails. In this guide, you will learn how to send encrypted email on three platforms.

How Email Encryption Works

email encryption

An encrypted email is a jumbled up message that can only be read by the person holding the decryption key. Email encryption and decryption uses Public Key Infrastructure (PKI). 

If your friend wants to send you an encrypted email, they can use the public key to encrypt the message before sending it. Since you are the only person holding the private key, nobody else but you can decrypt the message. 

When you want to prove that you are the sender of a message, you will use your private key to digitally sign an email. When your recipient successfully decrypts the message, then they will know that the message was from you.

In the first half of 2019, 4.1 billion records were reportedly exposed. To prevent such data breaches, email encryption is an imperative safety measure.  

Main Types of Email Encryption

The two main types of email encryption protocols are Secure/Multipurpose Internet Email Extensions (S/MIME) and Pretty Good Privacy/Multipurpose Internet Email Extensions (PGP/MIME). The first protocol depends on a centralized authority trust model while the second relies on decentralized authorities.

S/MIME is already built into large email service providers, such as Gmail and Outlook, while you need a third-party encryption tool to apply PGP/MIME.

Additionally, when you use the S/MIME protocol, the key code is created for you. However, the PGP/MIME allows users to create their own key codes. 

Email service providers Yahoo and AOL support PGP/MIME.

How to Send Encrypted Email on Gmail

How to Send Encrypted Email on Gmail

To use the S/MIME email encryption protocol on Gmail, both senders and receivers need to enable email encryption. This feature is only available to users with G Suite products like G Suite for Education, G Suite Enterprise for Education, and G Suite Enterprise.

Below are the steps you should take:

  • Sign in to Google Admin Console using an administrator account
  • Click Apps > G Suite > Gmail > User Settings
  • Go to Organizations and choose the domain you want to configure
  • Click the S/MIME setting and check the box for enabling S/MIME encryption 

Google has provided optional steps for enabling S/MIME that you can consider browsing.

After enabling hosted S/MIME, reload your Gmail account. You will now note that the subject field has a lock icon. When your email is encrypted, this lock will appear green in color. Next, you need to upload the S/MIME end-user certificates. To do this, follow these steps:

  • From your Gmail inbox, go to “Settings” then click on the “Accounts” tab
  • Select “Send email as” then click “Edit info”
  • Click “Upload a personal certificate”
  • Next, open the certificate and enter the password then select “Add certificate”

Now, you can exchange keys by sending an encrypted message to your friend. The digital signature will have a public key that your friend can use to encrypt the emails they send to you. 

Once you have shared the public key with recipients, you can send encrypted emails with ease. To do this, simply create a message as you normally would. Click the lock icon then the “View details” option to change the S/MIME settings if you want to. If you are okay with the level of encryption that Gmail displays as a green lock icon, you can send your S/MIME encrypted email.

Other encryption levels include the gray lock icon that means the email is protected with Transport Layer Security (TLS) and the red lock icon, which indicates that your email is not encrypted.

Email Encryption on Outlook

To send an encrypted email on Outlook, you need to first get the S/MIME certificate from your administrator and then install the S/MIME control.

Next, follow these instructions:

  • Go to the gear menu and select S/MIME settings
  • To encrypt all outgoing emails, choose “Encrypt content and attachments of all messages I send”

When sending a single encrypted email, simply compose your message then go to the “Options” tab and select “Encrypt” from the dropdown menu. Choose “Encrypt with S/MIME” and send your email.

Encrypting Emails on iOS

The S/MIME email encryption protocol is available by default on iOS devices. Here are the steps you should follow to encrypt an email: 

  • Go to “Advanced Settings” and turn S/MIME on
  • Change “Encrypt by Default” to yes
  • Write your email, then click the lock icon next to the recipient field to encrypt the email
  • Hit “Send”

Several email service providers like ProtonMail also allow users to send free encrypted emails. Learn more about these providers in this guide on the top five free encrypted email services reviewed for 2020.

Top 5 Free Encrypted Email Services, Reviewed for 2020

in Privacy
Encrypted Email

If you want to be sure that no one is reading your emails, choosing an encrypted email service is the right move.

In this guide, we take a look at five of the best free encrypted email services you can use in 2020.


encrypted email services

ProtonMail is arguably one of the best options when it comes to free encrypted email services. It is based in Switzerland, a location that is considered to be much better than locations such as the UK or US. As such, ProtonMail has a strong privacy policy that pledges not to store your IP address or any data that can personally make you identifiable.

As one of the top encrypted email services, ProtonMail is very easy to use. It has a powerful end-to-end encryption feature that protects any email that you send until the recipient opens it. In addition, you and the recipient are the only ones that can view the email. This zero-access build of ProtonMail’s servers ensures that only you and the recipient can open and read the encrypted emails and not event ProtonMail can read the emails.

In the event that your email recipient does not use ProtonMail, you can opt to send them an email that is unencrypted. However, ProtonMail has a feature that can encrypt the message and instead leave a link in the email. The recipient will be able to decrypt the email using a password that you will share with them privately. Moreover, ProtonMail gives you 500MB of storage space with the free option.


  • One of the best-encrypted email services
  • Has a strong privacy policy with zero-access construction
  • Does not log IP addresses


  • Free option has limited storage
  • Upgrading is quite expensive


free encrypted email

CounterMail is a web-based encrypted email provider that has its data centers located in Sweden. This encrypted email service is easy to use and very secure. It is designed to provide maximum privacy and security without any unwarranted complexity. Although CounterMail’s website looks outdated, you can be rest assured that their email security is built to handle today’s privacy threat.

With CounterMail, you have access to your email account from anywhere, at any time worldwide. Your account will always remain anonymous and encrypted. Its encryption works transparently and automatically without requiring any specialized computer knowledge or skills. CounterMail uses a strong encryption protocol known as OpenPGP coupled with 4096 bits encryption keys to secure your data.

In addition, one of the features that makes CounterMail stand out from its competitors is the use of diskless web servers. This means that CounterMail is doing everything possible to keep you anonymous as you use their service. They also offer MITM (Man-In-The-Middle) protection, which helps protect your identity. There is a USB-key option that enables CounterMail to be used with your password for increased security. This way, you get better protection against brute force attacks and keyloggers.


  • Uses diskless servers
  • Data servers are located in Sweden
  • Uses the OpenPGP encryption protocol


  • Free option only lasts 7-days
  • Outdated user interface and design


secure email services

Hushmail is a Canadian encrypted email provider that allows users to sign up for free and get an account. With the free option, you are only able to get 15 MB of storage with a single address. This means that you will not be able to receive large attachments in your emails and will, therefore, need to constantly delete emails to free up some space. As such, Hushmail is ideal for anyone looking for a free encrypted email service and doesn’t mind deleting emails now and then.

While Hushmail can be used on smartphones and desktop-based email applications, it is not compatible with macOS. In addition, its servers are located in Canada, a country that is not the best when it comes to privacy. However, with the applied end-to-end encryption, your emails will remain safe and their contents won’t be accessible to anyone.

Moreover, the company’s core values are based on privacy, clarity, and simplicity. Hushmail has done a great job of demonstrating this by providing users with a neat design, easy-to-use interface, outstanding privacy features, and protection.

Every email is encrypted using OpenPGP encryption. If your recipient uses Hushmail, they will be able to read their email on their smartphone or computer. However, if they don’t use Hushmail, they will get a link that is attached to the email. This link will redirect them to a website that is more secure after which they will be required to key in a passphrase before they can get complete access to the email. You can also add another extra layer of security that will require the recipient to answer a security question before they can access the contents of your email.


  • Can be used on smartphones and desktop
  • Has an easy-to-use interface and design
  • Uses OpenPGP encryption


  • It is not compatible with macOS
  • Its data server is based in Canada


Free encrypted email services

Tutanota is another free encrypted email provider that is easy to use. It is an open-source, web-based email application with its servers located in Germany.

Germany has some of the toughest data privacy rules so you can be rest assured they have got your back when it comes to privacy. What we love most about Tutanota is that with the free option, users get 1GB of free storage with one email address. In addition, Tutanota is compatible with Windows, Android, iPhone, Mac, and Linux.

Tutanota gives you the ability to securely send and receive emails without the use of PGP keys. Instead, they use strong AES encryption with Perfect Forward Secrecy. This means users can a password and a special link system to send emails that are end-to-end encrypted to just about anyone regardless of the service they are currently using. Moreover, this email service is built to strip IP addresses from the email headers. It can also encrypt metadata. As such, you get to enjoy a very secure email service that makes it hard for anyone to track or see the contents of your email.

The only downside worth mentioning is that Tutanota stores some minimal metadata logs for messages sent for five days using the service. This is done to ensure the smooth running of the service.


  • Provides end-to-end encryption
  • Compatible with all browsers and devices
  • Users get 1GB of storage


  • The AES encryption is not the most secure
  • Stores some minimal metadata logs



Mailfence is an encrypted email service provider that was launched in 2013. Its servers are based in Belgium, a country that has strong privacy protection laws.

Mailfence believes that ‘privacy is a right, not a feature’. To this end, their service cannot be tracked. Moreover, Mailfence does not have any ads, spams, solicitation or backdoor and is free from government surveillance. Mailfence has incorporated state of the art security features that protect your email privacy at all times. With the free option, users get 500 MB of email storage and 500MB of document storage.

In order to deliver emails that are completely secure, Mailfence uses different methods. One method used to achieve this is OpenPGP end-to-end encryption that ensures that only your recipient can decrypt your email. Secondly, you can also send a password encrypted email. This means that you will need to show a password with your recipient that they will need to key in before they can access your email. Additionally, you have the option of using a digital signature. This works in a similar fashion as a stamped seal or handwritten signature only that the digital signature provides more inherent security.

Unlike other email service providers, Mailfence has an integrated suite of tools, such as calendars, messages, contacts or and documents. With this service provider, you get the freedom to choose which email you want to encrypt. In addition, it is a private, secure and easy-to-use service.


  • Uses the OpenPGP end-to-end encryption
  • Has an integrated suite of tools
  • Its servers are based in Belgium


  • Stores some user logs
  • Its paid for plans are expensive

You Found Your Email on a Dark Web Database: Now What?

in Dark Web
email found on dark web

Snap! You just found out your email is on the dark web. 

How did your email end up on the dark web? One of your favorite platforms could have been hacked and you were affected. Alternatively, you could have fallen for a phishing scheme that managed to capture your data.

The first thing that people do when they find their email on the dark web is to panic. You first have to ascertain the severity of the issue, before you make calls to the bank or start deleting accounts. 

In most cases, having your email merely on the dark web is not a problem just because it is there. In this case, your email is now an email that can be seen publicly.

The issue lies in the possible scenarios that may follow after your email lands on the dark web. With your information on the unsafest part of the internet, your identity could be related to a lot of activities that might put you at risk.

Hackers and scammers crawl the dark web frequently to find new user data to target. Even though finding your email on the dark web looks harmless initially, it might become something you never expected.

At this point, you need to act quickly to secure yourself and data. 

Scan Your Device and Applications

is my email on the dark web

You must understand the potential loopholes on your device and applications that may be leaking your data. This is crucial to prevent a similar situation in the future and stop more data from being leaked.

A virus scan on your device to check for any existing malicious software that may be stealing your data is needed. Malware can monitor your activity, log your keystrokes, and steal your passwords. 

If you find any suspicious files or apps that may be in this category, you have to remove them and change your login information instantly.

Once you are done checking for malware, you can then move ahead to the other measures you need to take.

Change Your Passwords, Make Them Strong

It would be best if you changed the password of your email as soon as it ends up on the dark web. Changing your password is essential because most emails on the dark web become targets for hackers or scammers.

Further, your email also gets marked for phishing attacks. It gets difficult for hackers to succeed in taking over your email when you change your password. 

There is a catch to this. You will need a strong password to ensure the total safety of your email. Here are some tips to follow.

  • Your password must be lengthy. (8 words +)
  • Don’t use your name or real words
  • Combine lowercase and uppercase letters
  • Add symbols and numbers

Beyond the email in question, you should also update the password of other applications you have used the email for.

Add Extra Security

After changing your passwords, you should also consider adding extra protection to your email.

Two-factor authentication (2FA) is a verification method that requires an additional piece of evidence for authentication.

2FA can be set up to send a code to your mobile number to verify all new sign-ins. In case your password gets compromised, the hacker will still have to enter your 2FA code to access the account.

Get A Second Email

Your primary email contains a lot of sensitive information that must be protected. To avoid sharing this email on several platforms, you should consider a secondary email.

This is an optional step, but one you should consider. You can jump on any of the email service providers to get a new email for random sites you visit that require your email.

Check Your Financial Apps

Finally, you should check your financial accounts when you find your email on the dark web. You might not have lost any funds because your email is out on the wild, but its good practice to ensure you are safe.

Check your accounts for mysterious transactions you did not make by yourself. You should also set up alerts for your financial accounts just in case hackers attempt to steal from you later on.

If you are not comfortable using your account just as it is after your email is found on the deep web, you can visit your bank to change your passcodes and other verification requirements. 

Am I Completely Safe Now?

You are certainly safer than you were before taking these steps. If you stay away from unreliable and suspicious sites, you will most likely not end up in this situation in the future.

However, large scale data leaks – that include your email address and/or login information – are always a possibility.

Go to Top