Long has the war for email privacy been fought – and it looks we’ll keep fighting far into the future. People have always wanted to make sure than only the recipient can read email messages. Some worry about identity theft and sensitive company data that can be stolen. Others dislike the idea of government prying and interference (the current powers of the NSA have unsurprisingly led to a resurgence in email encryption).
While the average email service doesn’t do much to protect your email – which is why they can be collected and used quite easily by others – there is another level of service that offers email encryption. Essentially, this encodes email contents into gibberish and only lets the recipient decode the email and read it. If encrypted emails sound good to you, you’re in luck. There are dozens of encryption options available these days, from plugins to web services. Let’s take a look at the best and how to use them.
Quick words on PGP and encryption
Let’s talk a little bit about encryption so you get an idea of what you are jumping into. Cryptography software used for communication dates all the way back to 1991 when Phil Zimmermann created what he called PGP or Pretty Good Privacy. While that’s not exactly the most confident name, PGP proved its worth and quickly became the go-to source for encryption in the 1990s.
This original PGP worked by creating a public key and a private key, the former used to encrypt a message and the latter to decrypt it so it can be read. It also involved elements of crowd-sourced trust and other important elements of web security. You can read all about it if you want to.
Eventually PGP was replaced with the OpenPGP standard and GnuPG, but the term PGP stuck around, which is why you still here it used today when discussing email encryption. Today’s email encryption tools tend to use various implementations of this modern-day PGP.
Encryption with your current email
Probably the easiest way to get encrypted emails is to use your current email client or service – that way you don’t have to get used to any new software. Fortunately, there are several encryption options for popular email services like:
- Gmail: Gmail does not yet support native email encryption. This might change in the future, but for now you need to do a little work to enable encryption for this platform. Head on over to the Chrome store and look for encryption extensions. One of the most popular is Mailvelope, which works with several major webmail providers and uses Google’s own tools for encryption. Another popular option is Secure Mail, although this works only between two Chrome Gmail users. Both add basic encryption buttons that allow you to encrypt an email for a specific reader. The process is pretty easy.
- Outlook: Possibly because of its popularity in the business world, Outlook does support encryption right out of the box, but the encryption tool is well hidden. To encrypt a message, you need to head over to the Options tab, go to More Options, select Message Options, go to Security Settings, and then choose Encrypt message contents and attachments. Whew. You can also choose to encrypt all your outgoing messages through the Trust Center. If you use Office 365, you can also use message encryption through this service, along with some other handy security features. You have to purchase it along with Microsoft Azure Rights Management ($2 per user per month).
- Yahoo mail: Yahoo mail actually borrows some of Google’s tech to help protect its email. There are therefore OpenPGP encryption plugins that you can download to add some extra security for your emails. However, if you use Chrome then by all means go straight to downloading Mailvelope, because it also works with Yahoo emails and it’s a simple add-on.
Web-based encrypted emails
Your other option in the big encryption game is web-based email encrypters, which allow you to login into a separate piece of software on the web and use it to send your emails or add extra features to your old services. Some are made for home use, and some are made for more professional environments.
- Sendinc: Sendinc is a handy encryption service for small business owners and others. You can hop onto the web interface to send emails if you want, or check out the platform integration with Microsoft Outlook, Gmail, and others. However, you will have to pay for it – the cheapest version of Sendinc costs $4 per month.
- Virtru: Virtru offers a broad selection of add-ons for Android, Apple, Outlook, Firefox, and other platforms, but offers no webmail services, so you will have to do some micromanaging on your old email. Flip the Virtru switch when you want to start encrypting messages, and turn it off when you don’t. You can revoke encryption whenever you want, and it works with a “keyless” encryption that makes it easier for email receivers. The basic version is totally free.
- Lockbin: Lockbin skips the whole add-on phase and goes straight to making web mail encryption easy. You can go straight to the Lockbin website and type up an email right now if you want to, including attachments and your password/key. Send as many as you like for free, as long as its just you on the network. If you have more than one user, the price jumps dramatically to $10 per month.
- ProtonMail: ProtonMail is a more unique case. This is a Swiss-based project that uses what they call “zero access architecture” to create an email client so people can send messages that cannot be overseen by anyone else, with a particular nod toward governments. The encryption happens entirely on the client device and ProtonMail has no access to user data, so it can’t dig into user accounts and forward any details. ProtonMail is still in the early venture stages, and it is a bit unclear how effective it will really be – and how it will fair against new competitors like Tutanota. If you are interested, you can request to join the beta.
- Hushmail: Hushmail gets some points for being around for a very long time and offering options for individuals, businesses, healthcare and resellers. You can also create unlimited email aliases and download a specific mobile version for your phone. However, it loses a lot of points because Hushmail apparently cannot protect your data from the NSA or any other government agencies.
Andrew Couts also contributed to this post.