How to Encrypt Emails in Gmail, Yahoo, Outlook, & More in 2024

Tyler Cross
Updated on: September 23, 2024 Senior Writer

Encrypting emails is easy, for the most part. Many of the top email providers have encryption built right in or offer the tools for end-to-end encryption. But if your provider doesn’t offer this feature, encrypting your emails can get a bit technical. That’s why I’ve simplified the process with easy-to-follow step-by-step guides below.

Read on to find out how to encrypt an email in Gmail, Yahoo, and Outlook, and on Mac, Android, and iOS. I also describe how to encrypt emails on any email service using third-party tools.

Besides encryption, antiviruses are essential to thoroughly protect your emails. Security suites like Norton provide anti-phishing protection and real-time protection from malware, protecting your emails from all forms of online threats.

TRY NORTON

How to Encrypt Emails on Gmail

Gmail automatically encrypts emails during transit using TLS (Transport Layer Security), and if this is enough for you, there’s nothing you should do on your end. However, note that this way, both your email provider and the recipient’s provider can access the content of stored emails on their servers.

Gmail also has S/MIME end-to-end encryption available, which makes sure only the sender and intended recipient can read the email content. However, you can use it only if you have a business or education account (with the permission of the administrator), and both you and the recipient will need to have it enabled.

To encrypt your emails using S/MIME with Gmail (once it’s been enabled by the admin):

1. Open Gmail and compose a message.
2. Click on the lock icon that appears next to the recipient’s name.
3. Choose View Details to customize your encryption level. The icon’s color represents its security level. Green is for S/MIME, gray indicates it only has TLS encryption, and red means your email is completely unprotected.

If you want end-to-end encryption on a personal account, you’ll need to get third-party software.

How to Encrypt Emails on Yahoo

Yahoo automatically encrypts emails during transit like Gmail. However, unlike Gmail, you don’t get any additional options for end-to-end encryption.

I don’t recommend sticking to this type of encryption only when using Yahoo — the company has had a history of crippling data breaches, so it’s best to always pair it up with a third-party encryption app to get advanced encryption for your personal accounts.

How to Encrypt Emails on Outlook

Outlook encrypts your emails during transmission using TLS, but If you’re a business or organization owner with a S/MIME certificate, you can also benefit from end-to-end encryption via the S/MIME protocol. Plus, Outlook lets you mark your emails with a digital signature — if it’s edited or gone, you know the email has been tampered with.

1. Start by getting a S/MIME certificate from your IT administrator or helpdesk.
2. Install the S/MIME control app.
3. Open Outlook and click on the Settings menu, then the S/MIME option.
4. Choose Add a digital signature to all messages I send.
5. If you want this to be permanent, click Automatically choose the best certificate for digital signing.
6. Return to Outlook and compose a message. If you set it up during the prior step to automatically sign emails, you should see a lock icon to indicate that it’s protected.
7. To manually encrypt an email, click on More options.
8. Choose Encrypt this message (S/MIME).  Then, return to your message and send it.

If you have a free personal Outlook account, you should consider third-party solutions to get end-to-end encryption.

How to Encrypt Emails on Mac

Mac comes with built-in S/MIME protection for Apple Email (as always, Apple products show up the rest of the competition in terms of security). This means you can protect emails without needing any extra software, but you’ll have to get a self-certificate first. You need one for both yourself and for anyone you plan on sending an email to.

The steps for enabling and using S/MIME protection on Apple Email vary depending on your MacOS. I’ve included general steps for Mac users, but note that your steps could look different.

To create a certificate:

1. Open the Keychain Access app.

2. From the top menu, click Keychain Access, then choose Certificate Assistant from the drop-down menu.

3. Choose Create a Certificate Authority.

4. In the pop-up menu, fill in your name and make sure you select Self-Signed Root for the identity type and S/MIME for the certificate type. Enter your email at the bottom and click Create.

5. Verify your certificate. A screen will appear telling you that it worked.

6. Click on the Certificate Authority that you just made. This will create a pop-up menu. Once there, make sure your options are set to Always Trust.

7. Now that you have your certificate authority, you can create the self-certificate that lets you use your email account to send encrypted emails. In Certificate Assistant, click Create a Certificate.
8. Choose an identity type and then your type of certificate. You’ll want to make sure you’re checking Self-Signed Root for the identity type and S/MIME for the certificate type. Make sure Let me override defaults is checked.
9. Click Create and then verify your decision.

Now, you’ll need to do steps 7–9 for each recipient you plan on sending an email to. Instead of entering your email address during the creation, enter their email address. If you follow these steps for yourself, but not for the recipient, they won’t be able to receive or send you encrypted messages.

Now that we have the proper authorities and certificates, we can get to the fun part, which is sending the email!

1. Open up your Mail app and start a new message. Make sure you use the correct email address and that the recipient’s email address has a certificate.

2. Click on the lock icon and enter your master password.

3. If everything is done correctly, you’ll see a closed lock icon to indicate that your message is protected. Send the message as normal.

How to Encrypt Emails on Android

Android has no built-in options to encrypt your email. Individual email services will have their own security — meaning Gmail or Outlook will still encrypt messages during transit, even on Android.

The only way to encrypt your emails end-to-end on Android, unless you have a business or education account with Gmail or Outlook, is to use a third-party app.

The simplest to use is Proton Mail, which uses zero-knowledge encryption, meaning unlike other forms of encryption the company doesn’t keep a copy of your security key. You can find the steps on how to encrypt your emails with Proton Mail Bridge here.

How to Encrypt Emails on iOS

iOS devices come with built-in S/MIME encryption options. You can easily toggle them on or off for Apple Mail in your settings menu. To enable this:

1. Open your Settings app.

2. Choose Mail and then Accounts.

3. Tap on your email address.

4. Pick Account Settings.

5. Tap Advanced.

6. Then turn on Encrypt by Default. You can toggle it on and off from this screen.

Just remember that while this protects emails sent from Apple Mail, it won’t protect other services you use on your iOS, like Gmail.

How to Encrypt Emails With Third-Party Tools On Any Email Service

For most email providers, your best bet is to use a third-party product that encrypts emails for you, like Proton Mail Bridge or Mailvelope. These apps work as an intermediary between your device and the email provider, encrypting your emails before they’re sent.

For example, Proton Mail Bridge acts as a proxy between Proton Mail and your regular email account. The Bridge encrypts emails locally on your device using Proton Mail’s end-to-end encryption. Once the email is encrypted on your device, it’s sent to Proton Mail’s servers. Proton Mail further adds S/MIME-level encryption for secure transmission to the recipient.

Proton Mail uses zero-knowledge encryption, meaning unlike other forms of encryption, the company doesn’t keep a copy of your security key — so it never has access to the decrypted content of your emails, and it doesn’t store copies of them in an unencrypted form.

Here’s how you can encrypt an email from Proton Mail Bridge, using Outlook 2019 as an example.

1. Install Proton Mail Bridge. Make sure you’re using the official website.
2. Follow the setup prompts.
3. Sign into your Proton Mail account. If you don’t have one, pick up a plan and create your account following the links within the app.
4. Link your email account using the Proton Mail Bridge app.
5. Open Outlook and click on the File tab, then Account information. Select Add account.
6. Open the Advanced options and select Let me set up my account manually.
7. Choose IMAP.
8. Enter all of the relevant account information and click Enter.
9. Enter the password that is generated for you on Proton Mail Bridge. Do not use your normal password.
10. Click Connect.
11. Next, choose your Proton account and click Change.
12. Open the Mail settings and check Do not save copies of sent items and Purge items when switching folders while online.
13. Open Outlook and compose a new email. This new email will be sent to your Proton Mail Bridge and encrypted before being sent to the recipient.

If you need a third-party app for Gmail and Yahoo, which don’t support most bridging services like Proton Mail Bridge, Mailvelope is a great alternative. It integrates directly into your browser and uses Pretty Good Privacy (PGP) to encrypt your emails within your browser before they’re sent. Unlike Proton Mail Bridge, which uses Proton Mail’s infrastructure, Mailvelope works on top of your email service — so Gmail and Yahoo handle the delivery of encrypted emails but don’t participate in the encryption or decryption process.

The downside of third-party apps like these is there’s no guarantee it’ll work with your email provider. Even if it is for now, it’s possible that future updates from either the email company, the app you use, or even from your phone could cause compatibility issues. These problems can result in you losing your emails. While this is rare, it is possible, so you can’t say I didn’t warn you.

Benefits and Drawbacks of Encrypting Emails

Encrypting your emails is great for privacy, but it comes with challenges. The benefits include:

• Enhanced security. The biggest benefit is the massive improvement to your security. Encrypting prevents hackers and your email provider from reading your emails, stops man-in-the-middle attacks, and protects you against data breaches.
• Maintaining confidentiality. You can avoid having your emails read by anyone except those with a copy of your security key. This means you can send any email without losing confidentiality.
• Phishing Protection. Encryption tools can help protect against phishing attacks by verifying the identity of the sender. When you use encryption, the sender’s public key is required to encrypt the message. The recipient can then verify the authenticity of the sender by checking the encryption key used.
• Private conversations. The final benefit is that your conversations can’t be spied on. This is especially good for business owners who discuss important topics via email.

The potential problems you might face are:

• Complexity. It isn’t always easy to secure your email. Third-party software can be complicated and require more technical expertise than you’d expect. Even the official steps for each email can be cumbersome. You introduce a lot more micro-management and a layer of complexity when you start encrypting emails.
• Compatibility issues. When you use third-party software, there’s no guarantee it’ll remain compatible with your email provider. This could result in you losing your encrypted emails. On top of that, not all apps are compatible with all emails, so if you don’t pay careful attention when installing the encryption software, you could lose anything you just encrypted.
• Limited search functions. Secure emails won’t appear when you use search or index functions, making them harder to find. You need to manage each of them yourself so you can find them in the future. Losing one can be very frustrating (speaking from experience).
• Security key management. When encrypting an email, you need to be sure you’re properly managing your encryption keys. Losing one can result in you being unable to access it forever, and there’s no way to recover it through your email’s backup feature.

More Ways to Protect Your Emails

Encrypting an email is a great first step to protect your privacy, but there’s more to do. Encryption prevents data breaches and man-in-the-middle attacks, but you’re still vulnerable to malware and email phishing scams. Here’s how you can protect your email (and whole network) from other online threats:

• Keep your software up-to-date. Software designers constantly put out security patches that improve your defenses against hackers. Without having your apps or system up-to-date, you leave your system vulnerable. Be sure to regularly update everything from your computer to your email app to your browser.
• Use an email provider with zero-knowledge encryption. Some email providers, like Proton Mail, use end-to-end encryption and zero-knowledge encryption by default, which prevents companies from keeping a copy of your encryption key.
• Download a VPN. Encrypting an email doesn’t help the rest of your outgoing network data. That’s where a VPN comes in. A VPN automatically encrypts all of your data, so not even your ISP (Internet Service Provider) will be able to see what you’re doing online. Just make sure to pick a VPN with an airtight no-logs policy, meaning it won’t keep logs of your online activities. All of the best VPNs have this policy in place to keep you safe (ExpressVPN is especially good).
• Use web protection tools. Web protection software, like Norton’s, is designed to protect you from insecure websites and online phishing scams by flagging them and stopping you from accessing them. Norton also provides spam filtering, stopping your inbox from getting bogged down by phishing scams and ads. Good web protection tools go a long way in keeping you safe online, especially while checking your emails.
• Install a good antivirus. Speaking of Norton, an antivirus will help beat malware in general. It’s possible to accidentally contract a virus that lingers in the background of your computer and collects data from your browser activities. This means it would transmit your email information every time you access it. Without a good antivirus, you’re left exposed to thousands of threats. Good antiviruses often include web protection tools and bundled VPNs too, giving you comprehensive email security.

Read Review

Save 58% on Norton 360 Deluxe!

Get Norton 360 Deluxe for only $49.99*!

Get Deal

Editors' Note: ExpressVPN and this site are in the same ownership group.

Frequently Asked Questions

What does encryption do?

Encryption scrambles your data so that only the person with the right “key” can read it. For emails, encryption turns your email into a code that looks like gibberish to anyone trying to snoop on it and assigns it a unique key that can decipher it. That key is stored locally (and by the company unless it’s zero-knowledge encryption), and only the intended recipient can unlock and read the real message.

There’s a lot to consider about your method of encryption. For example, Gmail encrypts its emails, but only during transit. Once it’s stored in your inbox, it’s left unprotected, and if you need to encrypt it you’ll have to do it manually either through built-in tools which are available to premium users, or via third-party software.

Does a VPN automatically encrypt my emails?

No, VPNs don’t fully encrypt your emails. VPNs encrypt your entire traffic, which prevents your ISP and any third party like a hacker from spying on your emails, but they’re still visible to the email provider or anyone that accesses its servers. For instance, If a hacker manages to get into those servers, they’ll also be able to see your emails.

So while I definitely recommend using a VPN to maintain your privacy, you’ll need to fully encrypt sensitive emails via other means if you want them to be completely private.

Are there any drawbacks to encrypting my email?

There are no security drawbacks, but there are some complications. Encrypting your email on most popular services like Google and Outlook requires you to have a business or education account, and even then you have to go through several steps each time to make sure your emails are encrypted.

If you’re on a free personal account, you’ll need a third-party app, which comes with potential compatibility issues.

There are also accessibility problems that can come up down the road. Many cloud services, like Google Drive, cannot store your encrypted emails. You also won’t be able to find them through your index or search functions.

Do any email services provide automatic encryption?

Proton Mail is one of the only top email providers that automatically provide end-to-end and zero-knowledge encryption. This means that your emails are encrypted from the moment they leave your device until they reach the recipient, and even Proton Mail’s servers can’t read or access the contents of your messages because they don’t store the decryption keys.

Gmail and Outlook also automatically encrypt email, but only during transit. Once they reach the provider’s servers, the emails are decrypted, allowing the service provider to access and potentially read their contents.