Anyone concerned about unwanted third parties such as big businesses or even hackers accessing sensitive data or conversations carried out via email might be interested in this quick guide which shows you how to protect your communications. Encrypting email helps protect sensitive information from being read by anyone other than the intended recipients.
There are several methods for encrypting email, but the most common method is to use a technology known as Public Key Infrastructure (PKI). To make sure your email is in read by unwanted third parties you can use Email clients that supports encryption, such as Microsoft Outlook, Mozilla Thunderbird.
Or perhaps a web-based service that supports encryption like ProtonMail or Tutanota or a monthly fee. To help you set up encryption using two of the popular mail client,s we have explained how to encrypt your emails on both the Apple Mail app included with Mac OS and Microsoft Outlook popular with Windows users.
What is encryption?
Encryption is a method of converting information or data into a code to prevent unauthorized access and different methods provide different levels of encryption. It’s a critical component of secure communication and data protection in the digital age.
When data is encrypted, it is transformed into a transport layer security format that is unreadable without a decryption key. This process involves using an algorithm to convert the original readable data, known as plaintext, into an unreadable format, known as ciphertext. There are two main types of encryption.
Types of email encryption
Symmetric
Also known as private-key cryptography: Symmetric encryption uses the same key for both encryption and decryption. The sender and receiver must both have access to the same key, which poses a challenge for secure key exchange.
Asymmetric
Also known as public-key cryptography : Asymmetric encryption encryption uses two different keys, one for encryption and one for decryption. The public key, which is available to everyone, is used to encrypt the data, while the private key, which is kept secret by the recipient, is used to decrypt the data. This method is widely used because it resolves the key exchange problem of symmetric encryption.
Encryption is widely used in many applications, including secure email communication, secure browsing (HTTPS), secure file storage (like encrypted hard drives or cloud storage), and in cryptocurrencies like Bitcoin. The goal of encryption is to ensure confidentiality and prevent unauthorized access to data. It also plays a role in data integrity, authentication, and non-repudiation.
Encrypting Apple Mail
To encrypt emails using the Mail app on macOS, you first need a personal certificate (also known as a digital ID) installed on your Mac. This certificate will allow you to sign and encrypt emails. Here is a step-by-step guide:
1. Getting a Digital Certificate (Digital ID):
The certificate you need is an S/MIME (Secure/Multipurpose Internet Mail Extensions) certificate. You can obtain one from a trusted certificate authority. Some popular providers include Comodo, GlobalSign, and Symantec. Follow their procedures to obtain the certificate.
Once you receive the certificate, install it on your Mac. This typically involves double-clicking the certificate file and following the prompts to add it to your Keychain.
2. Configuring Mail to Use Your Certificate:
Once you’ve installed your certificate, you can configure Mail to use it:
– Open the Mail app.
– From the Mail menu, select Preferences.
– Click Accounts and then select the account you want to use to send encrypted email.
– Click Advanced, and then select the checkbox next to Sign outgoing messages with S/MIME. If your certificate isn’t selected, click “Choose” and then choose your certificate.
3. Sending an Encrypted Email:
Before you start composing a message and encrypting an email to someone, you’ll need their public key. They can send this to you by sending you a signed email. Once you’ve received a signed email from them, you can send them an encrypted email:
– Click to create a new email.
– After you’ve composed your email, click on the lock icon to the right of the recipient’s email address. The lock will turn blue and show a tooltip saying Encrypt. If the lock is grayed out, it means you don’t have the recipient’s public key.
4. Reading an Encrypted Email Messages:
When you receive an encrypted email, the Mail app should automatically decrypt it using your private key.
Send a message from Outlook email
If you have Microsoft Outlook, you will be pleased to know it supports S/MIME encryption. Here’s how you can set it up:
1. Get a Digital Certificate:
First, you’ll need to obtain a digital certificate from a Certificate Authority (CA) like Comodo, DigiCert, or GlobalSign. This digital certificate will be used to sign and encrypt your emails.
2. Install the Certificate:
Install your certificate on your Windows computer. This usually involves downloading the certificate and then double-clicking the certificate file. Windows will open a wizard that guides you through the process.
3. Set up Outlook to use your Certificate:
Now that your certificate is installed, you need to configure Outlook to use it.
– Open Outlook and go to the File tab.
– Click Options > Trust Center > Trust Center Settings > Email Security.
– Under Digital IDs (Certificates), click Import/Export to import your certificate.
– Follow the prompts to import your certificate. You’ll need to browse to the location where your certificate file is saved, and you might also need to enter a password that was provided when you downloaded the certificate.
4. Send an Encrypted Email:
Now that you have your certificate set up, you can send an encrypted email.
– Compose a new email in Outlook.
– Before sending, go to the Options tab and click on the Encrypt button.
– If you haven’t previously received a signed email from the recipient (which would include their public key), you’ll be prompted to find their digital ID before you can send an encrypted email.
Sending and Receiving Encrypted Email
Remember, you must keep your private key secure. If someone else gains access to it, they will be able to decrypt any emails encrypted with your public key. Also, the recipient must have their own digital certificate in order to decrypt the emails you send them, and they must also have your public key in order to send you encrypted emails.
It’s important to check with and remind your recipients about these requirements. Email encryption requires both the sender and the recipient to have their own digital certificates. The recipient will also need to follow a similar process to install a digital certificate on their computer and configure their email client to use it.
Third-party encrypted email providers
Services listed below offer end-to-end encryption. They also provide other security features. This guarantees that only intended recipients can read your emails. No single service is perfect for everyone, and the best one for you will depend on your specific needs and circumstances.
Consider factors like the location of the company (which affects the legal protections for your data), the specific security features offered, the cost, and the usability of the service.
– ProtonMail: Based in Switzerland, ProtonMail is one of the most popular secure email services. It uses end-to-end encryption and doesn’t log IP addresses.
– : This Germany-based service offers end-to-end encryption for email, contacts, and calendar. It’s also open source, which allows anyone to inspect the code for potential security issues.
– Hushmail: A Canada-based service that has been around since 1999, Hushmail offers encrypted email with both personal and business plans.
– Zoho Mail: While Zoho is better known for its suite of productivity applications, it also offers a secure email service with end-to-end encryption.
– Mailfence: Based in Belgium, Mailfence offers end-to-end encryption and digital email signatures. It also includes a calendar and contacts feature.
– Runbox: A Norway-based service, Runbox uses strong encryption and is committed to privacy, with servers powered by renewable energy.
– Posteo: This is a Berlin-based paid service that offers strong encryption and a high level of privacy, with anonymous signup and payment options.
– StartMail: From the creators of the private search engine Startpage, StartMail offers email encryption with a focus on simplicity and ease of use.
– Kolab Now: Also based in Switzerland, Kolab Now offers a secure email service that’s part of a larger suite of productivity apps.
Please note that no method is 100% secure, and they all have trade-offs, typically balancing security, usability, and convenience. So, the best method for you depends on your specific needs.
Troubleshooting encryption issues
If you’re having trouble sending encrypted emails, there are a few things you can check:
– Make sure you have the recipient’s public key. You can only send encrypted emails to recipients whose public key you have. If you don’t have their key, ask them to send you a signed email.
– Check your certificate. Make sure it’s installed correctly and selected in the Mail app’s preferences.
– Verify that the recipient’s email address matches the one in the certificate. The email encryption won’t work if there’s a mismatch.
It can be easy to forget to encrypt emails, especially if you’re in a hurry. If you’re sending sensitive information, always double-check that the lock icon is blue before you send the email. If you regularly send sensitive emails, consider setting encryption as the default for all emails.
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.