There are fast and easy ways to communicate with someone online, such as an instant messenger, video chat or social media. Despite these methods being arguable better, the world still sends over 280 million emails per day. For the time being at least, it’s clear that email is here to stay. However, security is an issue, which is why we’ll discuss the most secure email providers here.
The problem with email is simple. It’s dated protocols are vulnerable to cybercriminals who can use your account to send spam, hack into other online accounts or wipe important data. Even advertisers, government agencies and email providers have a vested interest in your correspondence.
If email’s vulnerabilities spook you, consider switching over to a new email provider. We’re going to look at five that offer more security over mainstream options. For each service, we’ll summarize its security options, creating an account, mailbox features and pricing tiers.
Don’t forget to check out our online privacy guide for ways to keep your data safe. For more safety measures, see our 99 tools to protect your privacy. Finally, have a look at our guide to email security for even more tips.
ProtonMail is easy to sign up for, comes with a high standard of protection and offers flexibility with its many payment plans. The cherry on top is its simple yet modern interface that makes it easy to navigate the mailbox and browse messages.
The service encrypts messages at all times. If a message is on ProtonMail’s servers, it’s encrypted. If two ProtonMail accounts send and receive messages to each other, they’re encrypted. Users can send secure messages to outside email addresses with an encryption key. The recipient uses the sender’s password to access the message.
ProtonMail uses AES, RSA and OpenPGP to encrypt messages. It admits that even it can’t access a user’s messages. That’s a double-edged sword, though, because it can’t retrieve a user’s lost data, either. What one sacrifices in recovery options, one gains in privacy and protection.
Creating an account is a painless process. To do so, all you have to provide is a username and password. You’re given the option to add a recovery email in case you forget your password, too.
Navigating the mailbox is similar to Gmail, Outlook and Yahoo. ProtonMail offers staple features such as custom filters, seven default folders and labels for organization. It has hotkeys for those who want to move around the inbox using their keyboard instead of their mouse.
Sending Email with ProtonMail
To encrypt messages for non-ProtonMail users, you have to click a lock icon at the bottom of a drafted email, make a password and choose “set.”
Beside the lock icon is an hourglass. When senders enable it, they decide an expiration time. The email and its attachments will then delete automatically at the chosen time. Like Gmail, ProtonMail supports attachment sizes up to 25MB.
ProtonMail offers a free version. It’s a limited option with 500MB of storage and 150 emails per day, but nothing beats free security. The first paid plan, Plus, offers 5GB of storage, 1,000 emails per day and five more email addresses at $5 per month.
The next one, Professional, provides the same amount of storage, but grants unlimited messages, custom domains and more mailbox features for $8 per month per user. The top-tier plan, Visionary, increases the storage to 20GB and offers 50 email addresses for $30 a month.
The team behind ProtonMail offers VPN services, too. Check out our ProtonVPN review for more information.
|Price:||Free||$5 monthly||$8 monthly||$30 monthly|
|Storage:||500 MB||5GB||5GB per user||20GB|
|Emails Per Day:||150||1,000||Unlimited||Unlimited|
- Easy setup
- Message expiration
- Low storage
Kolab Now offers email, as well as file storage and collaboration tools. Users’ data is safer because it is stored on servers in Switzerland. The software could benefit from message encryption, which is unavailable through its web mail.
Its website says it won’t give out users’ personal information and it promotes transparency by making its software open source. It uses perfect forward secrecy as an added layer of security in the event a private key becomes compromised. For more information about PFS, see our overview of Dropbox competitors.
Creating an account requires a series of steps. The first asks for basic information: first and last name, country, username and password. The second offers custom features you can choose from, such as two-factor authentication at login, the amount of storage space, mobile synchronization and a payment plan.
Plans come in three flavors: yearly, quarterly or monthly. The longer the commitment, the greater the savings.
Kolab Now Sharing
The service encourages sharing. Between two Kolab Now accounts, users can share email folders, contact groups, calendars and more.
That’s beneficial for users who want an office suite that’s integrated with their email, saving them the headache of switching between freestanding applications. At the same time, it’s no competitor to Dropbox Paper or Google Docs.
The tagging feature is one of the more useful ones for organization. You can create color-coded tags that act as categories to sort items. Each item, whether it’s an email message, calendar event or note, can display one or more tags.
Kolab Now Pricing
Strictly speaking, Kolab Now doesn’t offer a free trial, but users can request a refund during the first 30 days. It’s $4.50 per month to subscribe. Users who commit to three months will get a 1 percent discount, while those who go for the year will get 3 percent off. It accepts PayPal, Bitcoin, credit cards and direct bank transfers.
|Price:||$4.50 monthly||About $12.15 quarterly||About $37.80 annually|
- More than email
- Easy internal sharing
- Message encryption not supported
- No free option
Like ProtonMail, Countermail offers a worthy level of security. By running off diskless web servers in Sweden, a user’s IP address is less likely to leak. The interface isn’t eye-catching, but that’s less important than security.
CounterMail offers more security measures than its unusual servers. It uses encryption algorithms, such as OpenPGP, AES and RSA, to keep email communications secure. One of the cooler features is an optional USB key that you can order and require whenever (and wherever) you log in. That’s two-factor authentication and it will help keep you even safer.
Signing up is simple. It takes a few seconds to create an account before you get access to the mailbox. All that’s required is a username and password.
The mailbox appearance is simple. There are three configurations in settings that change the order in which windows display.
Another standout feature is Safebox. There, you can bookmark websites, notate their login credentials and post notes. You will need to enter a password each time you access this personal storage space.
Countermail Security Settings
There are three security options under the lock icon at the top of an email draft window called “encryption.” The first one digitally signs the email, so there’s no doubt the message is from you. The second encrypts the message, which we’ll get into in the next paragraph. The third grants permission to use your non-CounterMail public key.
Messages sent between two CounterMail accounts are encrypted automatically. External emails do not encrypt unless the target address uses OpenPGP. They still have a digital signature and hide your IP address, though. Messages allow attachments of 32MB or less.
A trial version is valid for seven days and only lets you email other CounterMail addresses. CounterMail’s subscription-based plans offer discounts for longer commitments. It’s $29 for 1GB of storage and six months of access. Above that, plans raise the storage to 2GB for 12 and 24 months and cost $49 and $79, respectively. Users can buy more storage for one-time fees.
CounterMail accepts credit cards, bank wire transfers and bitcoin.
|Plan:||6 months||12 months||24 months|
|Storage:||1000 MB||2000 MB||2000 MB|
- USB key
- Safebox storage space
- Short trial version
According to its website, Tutanota means “secure message” in Latin. Its servers reside in Germany and fall under stringent privacy laws. That legal protection is an external barrier that prevents even Tutanota from accessing your emails, though it can see the sender, recipient and dates.
It encrypts emails and contacts stored on an account with AES and RSA. Correspondence between two Tutanota users encrypts automatically. Users can encrypt external emails, but it works differently. External recipients get an email link that requires a password to open. Entering the password lets them read the email and reply with an encrypted message.
The setup process takes time because of the password. It has to contain a minimum number of characters and reach an adequate strength before Tutanota lets you continue.
At the end of the setup, it provides a recovery code, which is the only way to recover an account if you forget the password.
The mailbox has a clean and minimal appearance. Folders sit in a sidebar that hides automatically — clicking a side arrow pulls it out of seclusion and back to the forefront. Users compose emails by clicking a large round button in the bottom right corner of the browser window.
Emails in the trash and spam folders are automatically deleted after 30 days.
Tutanota Security Options
There’s a two-factor authenticator option available in the settings.
There’s an encryption option for users to create a password for their messages. It shows up as an icon bearing a red lock once users enter the recipient’s external email address. A meter under the field shows the password’s strength. After the sender finalizes the password, they need to send it to the recipient. Emails can support attachments of up to 25MB.
Tutanota’s free version is outstanding and provides up to 1GB of storage space.
The cheapest paid plan is Premium, which offers five email addresses, inbox rules and troubleshooting support for about $2 a month. The Pro version is about $7 a month and gives you 10GB of storage, up to 20 email addresses and customization options for the webpage display. Tutanota even offers discounts in certain countries.
|Price:||Free||About $2 monthly||About $7 monthly|
- Excellent free version
- Affordable payment plans
- Less encrypted than others
Hushmail offers encrypted and unencrypted messages. It’s flexible when emailing external addresses, but also doesn’t apply the stringent security many may hope for. It does keep records of your IP address and some data, but it’s forthright on its website about what it monitors.
Hushmail uses OpenPGP to encrypt emails and the keys themselves. Users can send and receive encrypted emails to external addresses as long as they use OpenPGP. The service scans messages for viruses but can’t prevent them from infecting computers.
The first part of the setup asks for a username and passphrase, which Hushmail suggests making five or more words long. In reality, it only requires eight characters and isn’t bound to a strength checker.
Users need a mobile phone with text messaging to create an account. If users lose their passphrase, they can’t recover it for personal accounts. Accounts automatically deactivate after three weeks if users fail to log in.
Sending Messages with Hushmail
The mailbox interface is straightforward and elegant. By default, the security features are off, so users will need to go into the preferences to switch them on. There’s an option to set a digital signature at the bottom of outgoing messages. If users want to protect their account, they can enable a two-step verification setting.
Sending an encrypted email is as easy as checking a box in a drafted message. The first time external addresses receive an encrypted message, they have to answer a sender-created security question. After that, they will be able to access subsequent messages with a passphrase they create on Hushmail’s website.
There is no spellchecker. An individual attachment must be 20MB or less.
A free trial offers Hushmail’s Premium service for 14 days with 25MB of storage. It costs $50 for a year to access its services over the web, mobile and desktop. The storage space increases to 10GB, there are no ads and accounts won’t deactivate during stretches of inactivity.
- User-friendly encryption
- Tracks some users’ activity
- No spellchecker
The internet is a scary place. Though no email provider is 100 percent immune to threats, the ones above offer a level of security that’s sorely lacking in mainstream services. Whether you’re looking into a more secure provider for sensitive work emails or out of personal conviction, it’s hard to go wrong with any of them.
On top of web mail, almost all of the services we’ve suggested offer mobile versions for iOS or Android. The only one that doesn’t have a mobile app is Hushmail, but there are “hacks” that can point your browser to its server to access email.
Sign up for our newsletter
to get the latest on new releases and more.
If none of the five above strikes your fancy, we have a sixth contender. As part of its VPN services, TorGuard offers secure email accounts. To learn more about this security-focused service, read our TorGuard Review.
Which email provider do you feel safe using? Are there any we missed? Let us know in the comments, and thanks for reading.