Emails are a prime target for cybercrime. From password reset requests to banking information to medical documents, there’s a lot that filters through your inbox each day. In this guide to the most secure email, we’re going to give you five services that will keep your inbox safe while adding features that services like Gmail don’t offer.
Each of our picks offers true end-to-end encryption: the message is encrypted on your device and can only be decrypted by its recipient, whether you use the provider’s own apps or, through a bridge or plugin that does the decryption locally, a client like Outlook or Apple Mail. By upping the security of your email, you’re not only protecting your data from any prying eyes, but also shielding your privacy from tech giants like Google, Verizon and Microsoft.
Although we have five picks, we recommend ProtonMail for pretty much everyone. Tutanota works in its place, but the other three picks are specialized for certain tasks. If you’re just looking for an email provider with better security than Gmail, ProtonMail is the best pick. If you want a few more options, read on.
The Most Secure Email Providers
- ProtonMail — Free, easy to use and highly secure
- Tutanota — Extra features at a great price
- Mailfence — Lacking features but packed with value
- Hushmail — Secure emails for health care and law
- CounterMail — Security with no compromises
1. ProtonMail — Most Secure Email Provider
- Free plan available
- Easy to use
- Works with ProtonVPN
- Expensive paid plans
When it comes to secure email services, it doesn’t get much better than ProtonMail. Its free plan lets you send and receive encrypted email with only modest storage and sending limits. Plus, its client code is open source, and it comes from the same company behind ProtonVPN, which currently ranks as one of the best VPN services on the market (read our ProtonVPN review for more).
The big deal with ProtonMail is that it’s easy. Whether you’re an OpenPGP pro or just learning the encrypted email ropes, you can get set up with ProtonMail with little fuss. It uses tried and true encryption standards (our guide to email security explains why they work) and maintains a strict stance on physical security and customer privacy.
Furthermore, Proton Technologies, the company behind ProtonMail, is based in Switzerland, which has some of the best privacy laws in the world. If you’re looking for an encrypted email account without the hassle, ProtonMail is for you. You can learn more in our ProtonMail review, or sign up for a free account to try it yourself.
2. Tutanota — Extra Features at a Great Price
- Free plan available
- Unique security model
- Lots of storage
- Add-ons can get pricey
Next up we have Tutanota, which takes only a narrow backseat to ProtonMail (you can see how the two stack up in our Tutanota vs ProtonMail comparison). Outside of a few niggles in pricing, Tutanota gets everything right. It’s open source, easy to use and, best of all, highly secure. One difference to keep in mind: it doesn’t use OpenPGP like the other secure email services here but its own AES and RSA based scheme, so you can’t exchange PGP-encrypted mail directly with outside OpenPGP users; recipients on other providers instead receive a password-protected message.
Better yet, there’s a free plan. Tutanota’s free offering comes with twice the storage space of ProtonMail — 1GB, in this case — as well as an @tutanota.com email address. The paid plans offer a few more bells and whistles, as well as highly expanded storage space, up to 10GB. You can learn more about those in our Tutanota review or give it a shot yourself.
3. Mailfence — Lacking Features but Packed With Value
- Multiple encryption options
- Included calendar
- Little in the way of handholding
- Limited support
Mailfence has been in the encrypted email game for a while. Founded in 1999, Mailfence started with the goal of not being just another email service you use for sensitive messages. It wants to be the email service you use for everything. With a generous free version at the ready, Mailfence does a great job of doing just that.
Although it’s lacking in features compared to Tutanota email and ProtonMail, there are a few extra goodies outside of email storage and, of course, your email accounts. Mailfence includes a private calendar, user groups and document storage. It’s not G Suite or anything, but these are still nice to have around.
It’s also very secure, offering RSA and ECC encryption (the latter of which our top two picks lack). However, Mailfence ranks third for a reason, and that’s because of its limited web application. It’s not too difficult to use — though it’s far from “easy to use” — but it leaves a lot of questions for newcomers. You can read more about that in our full Mailfence review.
4. Hushmail — Secure Emails for Health Care and Law
- HIPAA-compliant forms
- Email for law & health care
- Personal plan available
- Collects a lot of data
Hushmail is less focused on individuals and more focused on businesses. With a swath of plans targeting different industries, Hushmail sets itself apart with HIPAA-compliant forms, allowing healthcare companies — as well as law firms and other businesses dealing with sensitive information — to communicate with their clients over an encrypted channel.
It charges a pretty penny for the privilege, too. Hushmail is expensive, with a single-user plan clocking in at $50 each year. Worse, there isn’t a free plan, automatically placing Hushmail below our top three.
That’s not Hushmail’s aim, though. For the industries it targets, there isn’t a better option. Sitting among the most secure email services, Hushmail comes fit with top-notch encryption and a zero-knowledge password model. It doesn’t exactly provide email with privacy, though, as you can read in our Hushmail review.
5. CounterMail — Security With No Compromises
- Man-in-the-middle protection
- USB key protection
- Diskless mail servers
- Difficult to use
CounterMail is pretty rough around the edges. The interface is dated, the website is difficult to use and there isn’t a free plan. However, CounterMail is highly secure and, better yet, offers more storage space than most other email services. Better still, CounterMail has a few unique security features.
Those include USB key protection, where you load a key file onto a USB stick as a second factor for logging in, as well as diskless mail servers. CounterMail also protects against man-in-the-middle attacks by adding a layer of session encryption on top of TLS before your email leaves your browser (the next section explains why that matters).
There’s a reason CounterMail ranks fifth, though. It’s difficult to use, especially for newcomers, and there’s no free plan. Worse, the paid plans are pretty expensive. Thankfully, CounterMail comes with loads of storage space and receives updates regularly. You can read more about it in our CounterMail review or give the week-long free trial a shot yourself.
What Makes an Email Provider Secure?
Before understanding what makes an email provider secure, we have to talk about what makes one insecure. When you use a service like Gmail, the connection between your browser or app and Google’s servers is encrypted in transit using SSL/TLS, and so, usually, is the hop from Google’s servers to the recipient’s mail server. Even if you know nothing about encryption, you’ve benefited from SSL/TLS (though you should still read our description of encryption). It’s what nearly every website uses to protect your data in transit.
Basically, SSL/TLS works like this: a website — or in the case of email, a mail server — has an SSL/TLS certificate. Before you send data to that website or mail server, your browser or email application verifies the certificate. If everything checks out, the encrypted channel opens and your data is sent through.
The problem with TLS isn’t that the encryption is weak; it’s that, for email, it is optional. SMTP predates TLS, so a sending mail server first asks the receiving server whether it supports encryption (the STARTTLS extension) and only then switches to TLS. An attacker sitting on the path can simply delete the STARTTLS offer from the receiving server’s reply, and the sending server, seeing no offer, carries on in plaintext. This “STRIPTLS” downgrade requires no cryptographic break at all; where old SSL versions are still enabled, forcing a fallback to one of those is the other common variant.
Mail servers, Gmail’s included, allow this because SMTP was built to deliver mail at all costs: the alternative to opportunistic encryption is bouncing every message destined for a server that can’t negotiate TLS. Standards such as MTA-STS and DANE let a domain declare that TLS is mandatory for mail sent to it, but they only help between domains that have deployed them, and they say nothing about who can read a message once it is stored at either end.
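The downgrade just described, as an added example that is not part of the original article or any provider’s code: a small Go program models the sending server’s decision after reading the receiving server’s EHLO reply, once with a reply that advertises STARTTLS and once with the same reply after an on-path attacker has removed that line, and then applies an MTA-STS policy to show how an “enforce” policy turns the silent plaintext fallback into a refusal. The EHLO replies, the policy text and the hostnames under example.net are constructed for the demo; the parsing follows RFC 3207 and RFC 8461 but is deliberately minimal (it ignores the policy’s version and max_age lines).

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed EHLO reply from a receiving server that offers STARTTLS (RFC 3207).
const ehloHonest = "250-mail.example.net Hello\r\n250-SIZE 35882577\r\n250-STARTTLS\r\n250 8BITMIME\r\n"
// The same reply as an on-path attacker rewrites it: with the STARTTLS line gone, an
// opportunistic sender never even tries to encrypt (the STRIPTLS downgrade).
const ehloStripped = "250-mail.example.net Hello\r\n250-SIZE 35882577\r\n250 8BITMIME\r\n"
// Constructed MTA-STS policy (RFC 8461), the file a domain publishes over HTTPS at
// https://mta-sts.<domain>/.well-known/mta-sts.txt to declare TLS mandatory.
const stsPolicyText = "version: STSv1\nmode: enforce\nmx: mail.example.net\nmx: *.backup.example.net\nmax_age: 604800\n"

type Policy struct {
	Mode string   // "none" (no policy published), "testing" or "enforce"
	MX   []string // permitted MX hostnames; a leading "*." matches exactly one label
}

// ParseEHLO returns the capability keywords advertised in a multi-line EHLO reply.
func ParseEHLO(reply string) map[string]bool {
	caps := map[string]bool{}
	for i, line := range strings.Split(strings.TrimRight(reply, "\r\n"), "\r\n") {
		// Line 0 is the greeting; each later "250-KEYWORD ..." line names a capability.
		if i == 0 || len(line) < 4 || !strings.HasPrefix(line, "250") {
			continue
		}
		if fields := strings.Fields(line[4:]); len(fields) > 0 {
			caps[strings.ToUpper(fields[0])] = true
		}
	}
	return caps
}

// ParsePolicy parses the "key: value" lines of an MTA-STS policy file.
func ParsePolicy(text string) (Policy, error) {
	p := Policy{Mode: "none"}
	for _, line := range strings.Split(text, "\n") {
		if line = strings.TrimSpace(line); line == "" {
			continue
		}
		kv := strings.SplitN(line, ":", 2)
		if len(kv) != 2 {
			return Policy{}, fmt.Errorf("malformed policy line %q", line)
		}
		switch key, val := strings.TrimSpace(kv[0]), strings.TrimSpace(kv[1]); key {
		case "mode":
			p.Mode = val
		case "mx":
			p.MX = append(p.MX, strings.ToLower(val))
		}
	}
	return p, nil
}

// MXAllowed reports whether an MX hostname is permitted by the policy's mx entries.
func MXAllowed(host string, patterns []string) bool {
	host = strings.ToLower(host)
	for _, pat := range patterns {
		if pat == host {
			return true
		}
		if strings.HasPrefix(pat, "*.") { // "*.backup.example.net" matches "mx1.backup.example.net" only
			if rest := strings.TrimSuffix(host, pat[1:]); rest != host && rest != "" && !strings.Contains(rest, ".") {
				return true
			}
		}
	}
	return false
}

// Negotiate models the sending server's decision after reading the EHLO reply. With no
// policy, opportunistic TLS turns a missing STARTTLS into silent plaintext delivery; an
// "enforce" policy must refuse instead ("testing" only reports, so it behaves like "none").
func Negotiate(reply, mxHost string, p Policy) (string, error) {
	enforce := p.Mode == "enforce"
	if enforce && !MXAllowed(mxHost, p.MX) {
		return "", fmt.Errorf("MX %q is not listed in the MTA-STS policy", mxHost)
	}
	if ParseEHLO(reply)["STARTTLS"] {
		return "starttls", nil // go ahead; under enforce the certificate must also be validated
	}
	if enforce {
		return "", fmt.Errorf("STARTTLS not advertised but policy is enforce: refusing to send in the clear")
	}
	return "plaintext", nil
}

func main() {
	policy, _ := ParsePolicy(stsPolicyText)
	for _, reply := range []string{ehloHonest, ehloStripped} {
		for _, p := range []Policy{{Mode: "none"}, policy} {
			r, err := Negotiate(reply, "mail.example.net", p)
			fmt.Printf("STARTTLS offered=%-5v policy=%-7s -> %q %v\n", ParseEHLO(reply)["STARTTLS"], p.Mode, r, err)
		}
	}
}
```

Real mail servers make this decision inside their delivery agents; what the model makes visible is that, without a published policy, the stripped reply is indistinguishable from a server that simply never supported TLS, so the sender has no reason to complain.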
The Privacy Problem
Then there’s the privacy problem. When using Gmail, your messages are stored on Google’s servers. They’re encrypted in transit with TLS, and Google encrypts its disks, but with keys that Google holds, so the stored messages are readable by Google and by anyone who can compel or compromise Google (more on that in a moment). Plus, Google isn’t exactly known for great privacy practices, and most popular webmail services are located in countries with bad privacy laws.
We’re not saying Google is spying on your emails; Google probably couldn’t care less about what you send and receive, as long as it’s nothing illegal. However, the fact that your stored messages are readable by the provider poses issues if someone wanted to access your previous emails, whether through a legal demand or a breach. In a Five Eyes country like the U.S., that’s a problem.
The PRISM revelation showed how little the U.S., in particular, cares about privacy, and there are countless other monitoring programs in different countries around the world. Trusting private messages with companies that care very little about your privacy not only bodes poorly for spam, it also feeds mass surveillance programs.
That’s where Pretty Good Privacy (PGP) comes in. Instead of relying on the connection being encrypted, PGP encrypts the message itself. Before it ever leaves your computer, the body of your email (and any attachments) is turned into an unreadable block of ciphertext, and it stays that way in transit and at rest on every server along the way. The one caveat: the standard headers, such as sender, recipient and subject line, are not encrypted by PGP, so that metadata remains visible.
Even with a man-in-the-middle attack, your data is safe. An attacker on the path can still capture the ciphertext (and, if TLS was stripped, read the headers), but without the recipient’s private key they can do nothing with the contents.
The attacker won’t be able to “crack” the encryption, either. OpenPGP, the open standard (RFC 4880) that GnuPG and the OpenPGP-based services above implement, combines public-key cryptography with a symmetric cipher to protect against that.
Here’s how it works: when you use an OpenPGP service, you hold a key pair: a private key that never leaves you and a public key you hand out to anyone who wants to write to you. To send a message, your software generates a fresh random session key, encrypts the message body with it using a symmetric cipher such as AES, and then encrypts that session key with the recipient’s public key.
Because the public and private keys are mathematically linked, only the matching private key can unwrap the session key. The encrypted message travels across the internet, the recipient receives it, unwraps the session key with their private key and uses it to decrypt the body. If the message is addressed to several people, the same session key is wrapped once per recipient, which is why the body only needs to be encrypted once. Messages can also be signed with the sender’s private key so the recipient can verify who wrote them.
The process sounds complicated, and it is, but it’s important to remember that all of this happens within a matter of seconds and you rarely need to manage any of it.
The result is what’s known as “end-to-end encryption,” where at no point between the two endpoints is the message content exposed in an unencrypted form. It’s encrypted on your machine, and it’s only decrypted on the recipient’s machine. Two practical caveats: the headers stay readable, and with a webmail service the code doing the encrypting is JavaScript served by the provider, so you are trusting the provider to serve you honest code (a bridge or a local client narrows that trust).
When we refer to an email service as “secure,” this is what we’re talking about. By comparison, Gmail looks like just about the least secure app on the market. If you’re new to the world of cryptography, this can be a lot of information. Fret not, though; four of the services listed above use OpenPGP to keep your messages safe, and Tutanota achieves the same end-to-end property with its own AES and RSA based scheme.
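The exchange described above, as an added example rather than code from any of the services reviewed: Go’s standard-library RSA-OAEP and AES-GCM stand in for OpenPGP’s packet format and algorithm choices, but the structure is the one OpenPGP uses, a random session key that encrypts the body once and is then wrapped separately to each recipient’s public key. The key pairs, the message text and the names alice, bob and eve are constructed for the demo. The example also shows the two failure modes a practitioner cares about: a key that was not a recipient cannot unwrap the session key, and a body modified in transit is rejected rather than decrypted to garbage.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope holds the same two parts as an OpenPGP encrypted message: one copy of the
// session key per recipient, wrapped with that recipient's public key, and the body
// encrypted once under the session key.
type Envelope struct {
	WrappedKeys [][]byte // session key encrypted with RSA-OAEP, one per recipient
	Nonce       []byte   // AES-GCM nonce, fresh per message
	Body        []byte   // AES-GCM ciphertext followed by its authentication tag
}

var oaepLabel = []byte("email-session-key") // ties a wrapped key to this purpose

// GenerateKeyPair creates a user's key pair; the private half never leaves their device.
func GenerateKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// PublicKeys extracts the shareable halves of a set of key pairs.
func PublicKeys(keys ...*rsa.PrivateKey) []*rsa.PublicKey {
	pubs := make([]*rsa.PublicKey, 0, len(keys))
	for _, k := range keys {
		pubs = append(pubs, &k.PublicKey)
	}
	return pubs
}

// newGCM builds the symmetric cipher for a 32-byte (AES-256) session key.
func newGCM(sessionKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt is the sender's side: draw a fresh random session key, encrypt the body
// with it once, then wrap that key to every recipient's public key.
func Encrypt(recipients []*rsa.PublicKey, plaintext []byte) (*Envelope, error) {
	if len(recipients) == 0 {
		return nil, fmt.Errorf("no recipients")
	}
	keyAndNonce := make([]byte, 32+12) // AES-256 session key followed by a 96-bit GCM nonce
	if _, err := rand.Read(keyAndNonce); err != nil {
		return nil, err
	}
	sessionKey, nonce := keyAndNonce[:32], keyAndNonce[32:]
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	env := &Envelope{Nonce: nonce, Body: gcm.Seal(nil, nonce, plaintext, nil)}
	for _, pub := range recipients {
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, sessionKey, oaepLabel)
		if err != nil {
			return nil, err
		}
		env.WrappedKeys = append(env.WrappedKeys, wrapped)
	}
	return env, nil
}

// Decrypt is the recipient's side: find the copy of the session key wrapped to our private
// key (OAEP makes a wrong key fail instead of yielding garbage), then open the body; GCM
// rejects any ciphertext that was modified in transit.
func Decrypt(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	for _, wrapped := range env.WrappedKeys {
		sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, oaepLabel)
		if err != nil {
			continue // this copy was wrapped to someone else
		}
		gcm, err := newGCM(sessionKey)
		if err != nil {
			return nil, err
		}
		plaintext, err := gcm.Open(nil, env.Nonce, env.Body, nil)
		if err != nil {
			return nil, fmt.Errorf("body failed authentication: modified in transit")
		}
		return plaintext, nil
	}
	return nil, fmt.Errorf("no session key for this private key: not a recipient")
}

func main() {
	alice, _ := GenerateKeyPair()
	bob, _ := GenerateKeyPair()
	eve, _ := GenerateKeyPair()
	env, _ := Encrypt(PublicKeys(alice, bob), []byte("Your lab results are attached."))
	msg, err := Decrypt(bob, env)
	fmt.Printf("bob: %q err=%v\n", msg, err)
	_, err = Decrypt(eve, env)
	fmt.Printf("eve: err=%v\n", err)
}
```

Real OpenPGP messages also carry a signature made with the sender’s private key, so the recipient can verify authorship and not just confidentiality, and the headers remain outside the envelope, as noted above.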
A Note About Open Source
From a technical standpoint, it’s clear that a service like ProtonMail offers more security than a service like Yahoo Mail. However, there’s another less obvious point that makes some email services more secure than others: an open-source code base.
If the phrase is new to you, here’s a short definition. When a piece of software is open source, this means the original code that’s compiled for the application is publicly available. With that code, anyone — for any purpose — has permission from the copyright holder to copy, alter, distribute, use, study or really do anything else with the code.
This is a tough bar to clear, and only our top picks fit in the open source category. There are two reasons to use a piece of software with this title. The first is avoiding vendor lock-in. With closed-source applications, if the company managing the software decides to stop managing it, you’re simply out of luck.
Although unlikely to happen, imagine if Google decided that the cloud wasn’t the future and wanted to put its resources elsewhere. If you have everything in a Google account, that’s simply gone, no questions asked. With open-source applications, other users can take the source code and deploy their own forks of the original application, so the software outlives its vendor (you still need to export your own data to move it there). No more vendor lock-in.
The other perk, and the more important one, is that open-source software tends to be more secure. That’s not to say that an open-source application without encryption is safer than a closed one with encryption; but when two pieces of software are otherwise on a level playing field, the one with an open code base is usually safer.
Simply put, if the code base is public information, there are more eyes on it. That usually leads to fewer bugs, fewer security vulnerabilities and a faster turnaround in fixing issues. Tutanota and ProtonMail both have their source code live on GitHub, allowing anyone, anywhere, to read the code and see if they can find anything. Keep in mind that open source makes an application auditable, not audited: published code is only worth something if someone actually reviews it, and for a webmail service the code running in your browser is whatever the provider serves at that moment, which the repository alone can’t prove.
From our five secure email options, you can see there are plenty of alternatives to the most established email services. Third-party client support varies, though: ProtonMail exposes IMAP and SMTP to clients like Outlook through its Bridge application, Mailfence, Hushmail and CounterMail offer standard IMAP access on at least some of their plans, and Tutanota relies on its own web, desktop and mobile apps rather than supporting outside clients. Whichever you choose, end-to-end encryption only holds if the decryption happens on your device, in the provider’s app, its bridge or a local OpenPGP plugin, rather than on the server.
For us, ProtonMail is the best option, not only because it’s based in Switzerland and abides by excellent privacy laws, but also because it’s free and easy to use. Tutanota is also a great alternative, though beyond that, our suggested email services get much more specialized for specific use cases.
What service are you going to use to send encrypted emails? Is ProtonMail right for you? Or are you going with another option? Let us know in the comments below and, as always, thanks for reading.