The 5 Best Secure Email Services for 2019

Encrypted email services keep your messages private

Most regular, free email accounts are fine for average users, but if you need to be ultra-confident the messages you send and receive are 100% protected, check out the secure email services below. These services provide an easy way to keep emails private, with guaranteed secure, encrypted email.

An encrypted email account protects your privacy. If you want more anonymity, use your secure account behind a free, anonymous web proxy server or a Virtual Private Network (VPN) service.

01
of 05

ProtonMail

ProtonMail
What we like
  • Two-factor authentication.

  • Send password-protected, encrypted messages to anyone.

  • Import CSV contact lists.

What we don't like
  • Can't change the default signature on free accounts.

ProtonMail is a free, open-source, encrypted email provider based in Switzerland. It works from any computer through the website and also through the Android and iOS mobile apps.

The most important feature when talking about any encrypted email service is whether or not other people can get a hold of your messages, and the answer is a solid no when it comes to ProtonMail since it features end-to-end encryption.

Nobody can decrypt encrypted ProtonMail messages without your unique password, including employees at ProtonMail, their ISP, your ISP, or the government.

ProtonMail is so secure that it can't recover your emails if you forget your password. The decryption happens when you log on, so the service doesn't have a means of decrypting emails without your password or a recovery account on file.

ProtonMail also doesn't keep your IP address information. With a no-log email service like ProtonMail, emails can't be traced back to you.

Additional helpful features include:

  • Compose messages with images and rich text formatting.
  • Keyboard shortcuts.
  • Download PGP keys.

The free version of ProtonMail supports 500 MB of email storage and limits usage to 150 messages per day.

Pay for the Plus or Visionary service for more space, email aliases, priority support, labels, custom filtering options, auto-reply, built-in VPN protection, and the ability to send more emails each day. A Business plan is also available.

02
of 05

CounterMail

CounterMail
What we like
  • Supports IMAP.

  • Doesn't keep IP address logs.

  • Includes Safebox, a built-in password manager.

What we don't like
  • Can't send encrypted emails to non-users.

  • Limited storage space.

  • One-week free trial period.

If you're seriously concerned with email privacy, CounterMail offers a secure implementation of OpenPGP encrypted email in a browser. Only encrypted emails are stored on CounterMail servers.

Additionally, the servers (which are based in Sweden) don't store emails on hard disks. All data is stored on CD-ROMs only. This method helps prevent data leaks, and the moment someone tries to tamper with the server directly, the data is likely lost.

With CounterMail you can also set up a USB drive to further encrypt email. The decryption key is stored on the device and it, too, is required to log in to your account. This way, decryption is impossible even if a hacker steals your password.

Additional helpful features include:

  • Modify account settings.
  • Build forms to send results to your email.
  • Supports email filters.
  • Uses anonymous email headers.
  • Works in a browser and through an iOS app.
  • Includes several identities to receive mail in your primary inbox.

The added physical security of the USB device makes CounterMail less simple and convenient to use than other secure email services, but you do get IMAP and SMTP access, which you can use with any OpenPGP-enabled email program, such as K-9 Mail for Android.

After the one-week free trial, purchase a plan to keep using the service. The trial includes 3 MB of space.

03
of 05

Hushmail

Hushmail
What we like
  • Supports IMAP and POP.

  • Optional two-step verification.

  • Import contacts from a CSV file.

  • Spam filter and auto-responder.

  • Includes 10 GB of storage.

What we don't like
  • Free account includes little storage.

  • Must use an alternate email address and phone number during sign-up and verification.

Hushmail is another encrypted email service that's been around since 1999. It keeps emails secure and locked behind state-of-the-art encryption methods. Not even Hushmail can read your messages; only someone with your password can do so.

With this service, you can send encrypted messages to users of Hushmail as well as nonusers who have accounts with Gmail, Outlook Mail, or other similar email clients.

The web version of Hushmail is easy to use and provides a modern interface to send and receive encrypted messages from any computer.

When creating a new Hushmail account, choose from a variety of domains to use in your address, such as @hushmail, @hushmail.me, @hush.com, @hush.ai, and @mac.hush.com.

Additional features include:

  • Works through the web or the iOS app; the mobile web version works on all mobile platforms.
  • Sign up to get notifications of received emails in any other email account, even a non-Hushmail account.
  • Supports email signatures.
  • Unlimited email aliases can be made with the @nym.hush.com domain name to mask your identity online.

There are both personal and business options when you sign up for Hushmail, but neither is free. There is a free trial, however, that's valid for two weeks so you can test all the features before buying.

04
of 05

Mailfence

Mailfence
What we like
  • Digital email signatures prove authorship.

  • Supports two-factor authentication.

  • Includes spam blocker.

  • Import contacts from Outlook, CSV file, vCard, LDIF, or Gmail.

  • Calendar and file storage for documents.

What we don't like
  • Limited online storage.

  • Requires alternative email address to receive activation key.

  • Private keys kept on Mailfence servers.

  • Encrypted email can only be sent to Mailfence or OpenPGP users.

  • Email encryption code not available for inspection.

Mailfence is a security-centric email service that features end-to-end encryption to ensure nobody but you and your intended recipient can read your messages.

The service includes an email address and web interface that incorporates OpenPGP public key encryption. Create a key pair for your account and manage a store of keys for people you want to email securely.

This OpenPGP standardization means you can access Mailfence using IMAP and SMTP with secured SSL/TLS connections through the email program of your choice. You cannot use Mailfence to send encrypted messages to people who don't use OpenPGP and have no public key available.

Additional features include:

  • Doesn't use ads.
  • Email settings are open for customization and tweaking.
  • Buy credits to send faxes and text messages.
  • Import messages in the EML format.
  • Send mail through the address you used to sign up (such as your Gmail address).

For online storage, a free Mailfence account provides 200 MB, while paid accounts offer ample space as well as the option to use your own domain name for your Mailfence email address.

Mailfence's software is not available for inspection because it's not open source, making it less secure and private.

Mailfence stores your private encryption key on Mailfence servers but insists it can't be read because it's encrypted with your passphrase (via AES-256), and there's no root key that would allow the service to decrypt messages encrypted with your keys.

Mailfence uses servers in Belgium, so it's only through a Belgian court order that the company can be forced to reveal private data.

05
of 05

​Tutanota

Tutanota
What we like
  • Apps for iOS and Android.

  • Includes 1 GB of storage space.

  • Open source.

  • Supports spam filtering.

What we don't like
  • Features like aliases and email rules only available to paid accounts.

  • Doesn't support IMA.

  • Can't import contacts in bulk.

Tutanota is similar to ProtonMail in its design and security level. All Tutanota emails are encrypted from the sender to the receiver and decrypted on the device. The private encryption key isn't accessible to anyone else.

This email account is all that's needed to exchange secure emails with other Tutanota users. For encrypted email outside the system, specify a password for the recipient to use when viewing the message in a browser. That interface allows them to reply securely, too.

The web interface is easy to use and understand, make an email private or not with one click. However, there's no search function, so it's impossible to search past emails.

Tutanota uses AES and RSA for email encryption. Servers are located in Germany, which means that German regulations apply.

Create a Tutanota email account with any of the following domains: @tutanota.com, @tutanota.de, @tutamail.com, @tuta.io, and @keemail.me.

Additional features include:

  • Custom folders to organize messages.
  • Supports attachments.
  • Passwords are salted and hashed with bcrypt.

Several features in this service are only available with the Premium service. For example, the paid edition lets you purchase up to 100 aliases and expands the storage to 1 TB.

Additional Steps to Keep Email Secure and Private

If you use an email service that offers end-to-end encryption, you've taken a huge step toward making your email secure and private. Additional steps you can take to make life difficult for dedicated hackers include the following precautions:

  • Beware of keylogging software that captures what you type on the keyboard. These programs can thwart encryption if the password is all the hacker needs to access an account.
  • Don't leave mobile devices or computers unguarded. Also, make sure devices are protected with strong passwords or biometrics and don't allow for guest accounts or similarly unprotected access.
  • Be vigilant of social engineering. Phishing attempts often come by email, instant messages, VoIP, or social networking messages, and can be designed or tailored specifically to you. These communications are tricks to get you to hand out personal details such as passwords and banking information.
  • Don't write down or share passwords. Never make a note of the password that lets you decrypt secure emails unless you store it in a secure password manager.