Table of Contents
Email may seem like a private mode of communication, but in reality our inboxes face threats from hackers, government surveillance, and even unauthorized access by email providers or other third parties. This makes security and privacy important considerations when choosing an email service.
Fortunately, encrypted email providers offer a way to keep our communications truly private and secure. This comprehensive guide will explore encrypted email in-depth – how it works, top services to consider, benefits for personal and business use, and best practices around leveraging secure email.
What is Encrypted Email?
Encrypted email refers to services that use encryption protocols to scramble messages in transit and secure email accounts at rest, making it unreadable to outside parties. Encryption converts plain text that looks like normal writing into a coded format that looks like random gibberish to anyone without the right decryption key.
Only the sender and intended recipients with that key can decrypt messages back into a readable format. This prevents unauthorized access in case communications fall into the wrong hands. Encrypted emails are sometimes called ‘private‘, ‘secure‘ or ‘anonymous‘ emails.
Common encryption protocols and standards used by secure email providers include:
- AES (Advanced Encryption Standard)
- OpenPGP
- S/MIME (Secure/Multipurpose Internet Mail Extensions)
- TLS (Transport Layer Security)
Why Encrypted Email Matters
There are several key reasons why individuals and businesses should consider using encrypted email services:
1. Privacy & Confidential Communications
Encrypted email allows you to exchange confidential personal or work information without fear of it being accessed by employers monitoring company email, Internet service providers analyzing traffic, government surveillance programs, hackers intercepting messages, or even insider threats at email providers.
2. Compliance
Certain industries like healthcare, finance and legal have compliance requirements around securing sensitive customer data transmitted electronically. Encrypted email helps meet regs like HIPAA, GLBA, SOX etc.
3. Secure Business Workflows
Encrypted email accounts facilitate secure business processes and workflows for things like exchanging confidential docs, communicating with customers about sensitive topics, file transfer, contract negotiations etc.
4. Protection Against Data Breaches & Hacking
Email providers can get hacked, exposing inboxes full of private messages, documents, credentials etc. Encrypted email mitigates this threat by scrambling everything at rest, making it useless even if stolen.
5. Safe Public Network Usage
When accessing email over public Wi-Fi, the encryption means snoops can‘t view communications if intercepting traffic on the network.
How Does Email Encryption Work?
Secure email services use a mathematical algorithm to transform regular text that looks like English prose into encrypted text that looks like a long string of random, unintelligible characters. This scrambled message can only be decoded and returned to readable format if the reader has the right digital key or passphrase.
Here is a simplified overview of how a typical secure email exchange works end-to-end:
- User signs up for encrypted email account which generates a public-private key pair
- Sender composes email message and the service encrypts it using recipient‘s public key
- Encrypted message gets transmitted as gibberish text to receiving server
- Recipient logs into their secure email account and their private key decrypts message
- Recipient reads email content in regular decoded text
The process also works in reverse with recipients encrypting replay messages back to the original sender using their public key.
Top Free Encrypted Email Providers Compared
There are a variety of encrypted and anonymous email providers to choose from, typically incorporating email protection as a core service or offering it as an optional add-on. I‘ve done extensive research to compare the leading options across key criteria like security, features, ease of use and pricing.
table {
font-family: arial, sans-serif;
border-collapse: collapse;
width: 100%;
}
td, th {
border: 1px solid #dddddd;
text-align: left;
padding: 8px;
}
tr:nth-child(even) {
background-color: #dddddd;
}
| Provider | Encryption | Perks | Limitations |
|---|---|---|---|
| ProtonMail | – End-to-end with OpenPGP | – Easy to use interface | – Limited free storage space |
| Tutanota | – End-to-end encryption | – Based in privacy friendly Germany | – No IMAP support |
| Mailfence | – OpenPGP for emails | – Digital signatures | – Webmail only |
| Posteo | – TLS transport encryption | – Anonymous signup | – Have to pay for aliases |
| StartMail | – Automatic OpenPGP | – Disposable email addresses | – iOS app lacks full features |
This comparison table shows a sampling of options, focusing on some of the lesser known providers beyond the well-known names like Gmail and Outlook which offer encryption too.
As you can see, the core security offering of end-to-end encrypted email is fairly standard, so the main differences come down to secondary features, pricing, policies, user experience etc.
I‘ll explore several top providers more in-depth next, along with an overview of anonymous/disposable email addresses.
ProtonMail
ProtonMail stands out as an encrypted email specialist putting security front and center throughout their full suite of digital tools providing inbox protection.
Some key features include:
- Leading end-to-end encryption protocols like OpenGPG, AES etc. Messages get immediately encrypted at send and stay scrambled while at rest in ProtonMail‘s secure data centers.
- Intuitive and user-friendly webmail interface works across all devices
- Address aliasing helps obscure identities; Includes disposable/temporary addresses
- Open source code means added transparency around security infrastructure
- Apps for all major platforms – iOS, Android, Windows, Mac, Linux
- Customer service includes 24/7 support options
- Swiss jurisdiction provides solid legal privacy protections
- Free tier available but paid plans unlock more storage and features
Overall, ProtonMail makes encrypted email accessible for everyday use while still offering advanced capabilities around security and privacy.
Tutanota
Tutanota is another provider specializing in easy and secure encrypted communications for the masses. As a German company they fall under strong EU privacy laws.
What stands out about Tutanota?
- All infrastructure developed in-house with encryption coded into all apps and services from the start, not just layered on later. This ‘security by design‘ ethos increases safety.
- Open source & transparent IT infrastructure so experts can inspect encryption implementations.
- Cheap pricing and generous free tier.
- Anonymous sign-up without any personal details needed
- Option for encrypted contacts and calendar data as well as email
- Apps focused specifically on security without unnecessary features
For an unfussy but ultra-secure email experience, Tutanota ticks all the boxes.
Mailfence
Mailfence deserves a mention as an up and coming encrypted email provider based on open source software. Two stand-out features are:
- Digital signatures allowing emails to get cryptographically signed for sender authentication
- Team plans supporting secure communications between company domains along with centralized admin controls
Mailfence offers a reliable foundation at low cost for encrypted email via webmail or mobile app as well as add-on tools like secure contacts, calendars, file storage etc. Ad filters also help keep inboxes clean.
Posteo
Posteo is an easy-to-use encrypted email service based out of Germany with a focus on privacy.
Some useful features include:
- Simple pricing structure – access to all features and tools for one flat rate
- Generous aliases bundled with plans to help anonymize sending/receiving addresses
- Support for sending encrypted emails to recipients at common providers like Gmail etc. via ‘transport encryption‘ mechanisms including TLS
Posteo proves encryption can be accessible without compromising on privacy.
Disposable & Anonymous Email Addresses
Many encrypted email providers offer disposable or anonymous email addresses either included for free or as a paid add-on.
These are temporary email addresses generated for one-off use in situations where you want an extra layer of anonymity and don‘t want the communication linked back to your real email identity. The message still gets securely encrypted in transit and at rest.
Disposable addresses prevent spammers from collecting your permanent email, protect online identities when signing up for questionable sites or services, facilitate anonymous communications etc. They are accessible like regular email addresses for as long as needed, then get automatically deactivated after an expiry period.
So consider leveraging this option if available through your encrypted email provider.
Choosing the Best Encrypted Email Provider
Now that you have an overview of leading secure email services, how do you choose? Here are key factors to consider:
Compatibility
The service should work across the platforms and devices you need to access email from – whether Windows, Mac, Linux computers plus iOS and Android mobile devices. Or if you want to integrate with email clients like Outlook and Thunderbird etc. Webmail access is generally standard.
Storage Space
Look at whether the included or free storage meets your mailbox needs. 5-10GB is fairly common for entry tiers while 100GB+ is available for paid subscribers. Also understand if there are limits on attachments sizes for sending/receiving encrypted messages and docs.
Control & Recovery
You don‘t want data and access controlled solely by the company. Can you BYOK (Bring Your Own Keys) for encryption passphrases rather than relying on provider issued keys? Also account recovery should only happen via your designated secondary channel not just sending a reset password via email for example.
Security Protocols
At minimum the service should use OpenPGP for end-to-end message encryption coupled with elliptic curve algorithms offering strong protection equivalent to AES-256 bit. Services focused on security from the ground up tend to be better bets than bolt-on encryption added as an afterthought.
Privacy Policy
Review each provider‘s privacy policy to understand their data collection, sharing and retention rules regarding customer data including emails. You want assurances encrypted communications only get shared with third parties in extreme cases following a stringent process based on Swiss or EU privacy laws for instance.
Pricing
Don‘t assume encryption means high prices. Most providers offer very reasonable pricing often with a permanently free tier covering ample storage for personal use while still providing a fully encrypted inbox without compromising features. Paid tiers remove limits and extra users/aliases. Cost should not be a barrier to better email security nowadays.
By evaluating providers across these criteria plus ancillary features that may suit your use case, you can zero in on one or two top contenders matching your ideal blend of priorities – then give them a test drive!
Best Practices for Using Encrypted Email
Encrypting emails enhances security and privacy but be sure to also follow these best practices for fully protecting communications:
- Activate two-factor authentication using an app authenticator rather than SMS or phone based options which decrease account security.
- Log into encrypted email accounts exclusively over secured networks, not public Wi-Fi
- Use anonymous payment methods like cryptocurrency when purchasing paid plans
- Generate encryption keys locally on your device; don‘t use provider issued keys
- Backup passphrase credentials somewhere offline so they are accessible if you ever lose device access
- Double check recipients when encrypting sensitive communications
- Sign up for breach alerts from providers to get notified if they ever detect potential intrusions
Following these tips will help you leverage encrypted email safely and avoid common pitfalls.
In Summary
Encrypted email has gone mainstream in recent years with a wealth of reliable providers cropped up offering robust privacy protections, secure messaging, spam filtering and more – translating technical encryption capabilities into everyday solutions for personal communications or business workflows.
This guide has aimed to decode the encrypted email landscape – lifting the hood on how underlying technologies work while spotlighting leading contenders among services. We‘ve covered everything from factors to consider when selecting a provider to best practices for fully locking down email security once an encrypted inbox is set up.
I invite you to browse my product comparisons showcasing well-known brands along with some hidden gems in encrypted communications worthy of consideration. Then visit my top picks among ProtonMail, Tutanota and Mailfence. Test them out via free tiers to experience just how easy it is to encrypt emails via turnkey interfaces purpose built with privacy as the priority.
You have no excuse now for not better securing email against a myriad of vulnerabilities using robust encryption protocols implemented by specialist providers. So take action today and regain control over who gets to read both incoming and outgoing communications!