The 5 Best Services for Secure Email

Encrypted email services keep your messages private

Gold Bank Vault
…and only the recipient has the key to unlock your secure email's encryption. kjpargeter/Depositphotos

A secure email service is the easiest way to keep your emails private. Not only do they guarantee secure and encrypted email, they protect anonymity. Most regular free email accounts are just fine for the average user, but if you need to be confident that the messages you send and receive are totally and completely protected, check out some of these providers.

Tip: An encrypted email account is great for obvious reasons, but if you want even more anonymity, use your new email account behind a free anonymous web proxy server or a Virtual Private Network (VPN) service.

01
of 06
ProtonMail
ProtonMail - Best Secure Email Service. Proton Technologies AG

ProtonMail is a free, open-source, encrypted email provider based in Switzerland. It works from any computer through the website and also via the Android and iOS mobile apps.

The most important feature when talking about any encrypted email service is whether or not other people can get a hold of your messages, and the answer is a solid no when it comes to ProtonMail since it features end-to-end encryption.

Nobody can decrypt your encrypted ProtonMail messages without your unique password—not the employees at ProtonMail, their ISP, your ISP, or the government.

In fact, ProtonMail is so secure that it can't recover your emails if you forget your password. The decryption happens when you log on, so they don't have access to a means of decrypting your emails without your password or a recovery account on file.

Another aspect of ProtonMail that's important to state is that the service doesn't  keep any of your IP address information. A no-log email service like ProtonMail means that your emails cannot be traced back to you.

More ProtonMail features:

  • Two-factor authentication option
  • Lets you send password protected, encrypted messages even to non-ProtonMail users
  • Can compose messages with images and rich text formatting
  • Lots of keyboard shortcuts
  • Can download your PGP keys
  • CSV contact imports are supported

Cons:

  • Can't change the default email signature on a free account,  but you can erase it before sending each email
  • Does not support IMAP, SMTP, or POP3

The free version of ProtonMail supports 500 MB of email storage and limits your usage to 150 messages per day.

You can pay for the Plus or Visionary service for more space, email aliases, priority support, labels, custom filtering options, auto-reply, built-in VPN protection, and the ability to send more emails each day. There's also a Business plan available. More »

02
of 06
CounterMail
CounterMail. CounterMail.com

For those seriously concerned with email privacy, CounterMail offers a thoroughly secure implementation of OpenPGP encrypted email in a browser. Only encrypted emails are stored on CounterMail servers.

CounterMail takes things further, though. For one, the servers, which based in Sweden, don't store your emails on hard disks. All data is stored on CD-ROMs only. This helps prevent data leaks, and the moment somebody tries to tamper with the server directly, chances are the data will be irrevocably lost.

Something else you can do with CounterMail is set up a USB drive to further encrypt your email. The decryption key is stored on the device and it, too, is required in order to log in to your account. Decryption in this way is impossible even if a hacker steals your password.

More CounterMail features:

  • Supports IMAP
  • Lets you modify lots of settings for your account
  • Doesn't keep IP address logs
  • Forms can be built to send results to your email
  • Uses anonymous email headers
  • Works in a browser and through an iOS app
  • Includes a built-in password manager called Safebox
  • Supports email filters
  • Includes several identities that you can use to receive mail in your primary CounterMail inbox

Cons:

  • Cannot send encrypted emails to nonusers
  • Not the easiest and friendliest secure email service to use
  • Doesn't include much space for emails (you must pay for more)
  • Free only for one week

The added physical security with the USB device makes CounterMail a bit less simple and convenient to use than other secure email services, but you do get IMAP and SMTP access, which you can use with any OpenPGP-enabled email program, like K-9 Mail for Android.

After the CounterMail one-week free trial, you have to then purchase a plan in order to keep using the service. The trial includes just 3MB of space. More »

03
of 06
Hushmail
Hushmail. Hush Communications Canada Inc.

Hushmail is another encrypted email service provider that's been around since 1999. It keeps your emails secure and locked behind state-of-the-art encryption methods so not even Hushmail can read your messages; only someone with the password.

With this encrypted email service, you can send encrypted messages to both users of Hushmail and nonusers who have accounts with Gmail, Outlook Mail, or another similar email client.

The web version of Hushmail is easy to use and provides a modern interface for sending and receiving encrypted messages from any computer.

When making a new Hushmail account, you can choose from a variety of addresses like @hushmail, @hushmail.me, @hush.com, @hush.ai, and @mac.hush.com.

More Hushmail features:

  • Supports IMAP and POP
  • Two-step verification option
  • Works through the web or the iOS app, although there's also a mobile web version that works on all mobile platforms
  • Contacts can be imported via a CSV file
  • Comes with 10GB of email storage
  • You can sign up to get notifications in any other email account—even non-Hushmail ones—when you get an email in Hushmail
  • Supports setting an email signature
  • Includes a spam filter
  • Auto-response can be enabled
  • Unlimited email aliases can be made with the @nym.hush.com address to mask your identity online
  • Various email settings can be changed

Cons:

  • Free accounts include little storage
  • You must provide an alternative email address when signing up and your phone number for verification

There is both a personal and a business option when signing up for Hushmail, but neither are free. There is a free trial, however, that's valid for two weeks so you can try out all the features before buying. More »

04
of 06
Mailfence
Mailfence. ContactOffice Group sa

Mailfence is security-centric email provider that features end-to-end encryption to ensure that nobody can read your messages but you and the recipient.

What you get is an email address and web service that incorporates OpenPGP public key encryption like any email program would. You can create a key pair for your account and manage a store of keys for people you want to email securely.

That concentration on the OpenPGP standard means you can access Mailfence using IMAP and SMTP using secured SSL/TLS connections with the email program of your choice. It also means you cannot use Mailfence to send encrypted messages to people who do not use OpenPGP and have no public key available.

Mailfence is based in Belgium and is subject to EU and Belgian laws and regulations.

More Mailfence features:

  • Emails are digitally signed to prove authorship
  • Supports two-factor authentication
  • Doesn't use ads
  • Blocks spam messages
  • Email settings are open for customization and tweaking
  • Can buy credits to send faxes and text messages
  • Contacts can be imported from Outlook, CSV file, vCard, LDIF, or Gmail
  • Messages in the EML format can be imported
  • Includes a calendar and file storage for documents
  • Can send mail through the address you used to sign up such as your Gmail address

Cons:

  • Little online storage
  • Must enter an existing email address at signup to receive your activation key
  • Keeps private keys on Mailfence servers 
  • Email encryption code is not available for inspection as is the case with open source software
  • Cannot send encrypted email to everybody, only Mailfence or OpenPGP users

For online storage, a free Mailfence account nets you a mere 200MB, although paid accounts offer ample space, together with the option to use your domain name for your Mailfence email address.

Unlike ProtonMail, Mailfence's software is not available for inspection because it's not open source. This detracts from the system's security and privacy. 

Mailfence stores your private encryption key on Mailfence servers but insists, "...we can't read it since it is encrypted with your passphrase (via AES-256). There is no root key that would allow us to decrypt messages encrypted with your keys."

Something else to consider here to readjust your trust level is to realize that since Mailfence uses servers in Belgium, it's only through a Belgian court order that the company can be forced to reveal private data. More »

05
of 06
Tutanota
Tutanota. Tutao

Tutanota is similar to ProtonMail in its design and security level. All Tutanota emails are encrypted from the sender to the receiver and decrypted right on the device. The private encryption key is not accessible to anyone else.

To exchange secure emails with other Tutanota users, this email account is all you need. For encrypted email outside the system, just specify a password for the email for the recipients to use when viewing the message in their browser. That interface lets them reply securely, too.

The web interface is easy to use and understand, letting you make an email private or not private with one click. However, there isn't a search function so it's impossible to search through past emails.

Tutanota uses AES and RSA for email encryption. Servers are located in Germany, which means that German regulations apply.

You can create a Tutanota email account with any of the following suffixes: @tutanota.com, @tutanota.de, @tutamail.com, @tuta.io, @keemail.me.

More Tutanota features:

  • Free accounts include 1 GB of space
  • Open source
  • Apps for iOS and Android
  • Custom folders can be made to organize emails
  • Any email address can be marked as spam to prevent future messages
  • File attachments are supported
  • Passwords are salted and hashed with bcrypt

Cons:

  • Supports sending only plain text emails
  • Aliases are not supported for free accounts
  • Email rules are only supported in paid accounts
  • Cannot import contacts in bulk
  • Does not support IMAP

Several features in this email provider are only available if you pay for the Premium service. For example, the paid edition lets you purchase up to 100 aliases and expands the email storage to 1TB. More »

06
of 06

Additional Steps to Keep Email Secure and Private

If you use a secure email service that offers end-to-end encryption, you have taken a huge step toward making your email truly secure and private.

To make life difficult for even the most dedicated hackers, you can take a few more precautions:

  • Beware of keylogging software that captures what you type right from your keyboard. These can completely thwart all encryption if the password is all the hacker needs to access your account.
  • Do not leave your mobile devices and computers unguarded. Also, make sure your devices themselves are protected with strong passwords or biometrics and do not allow for guest accounts or similarly unprotected access.
  • Be vigilant of social engineering. Phishing attempts often come by email, instant messages, VoIP, or social networking messages, and can be cleverly designed or tailored specifically to you. These are tricks that get you to hand out personal details such as passwords and bank information.
  • Do not write down or share any passwords. Never make a note of the password that lets you decrypt secure emails. That is unless you store it in a secure password manager.
Was this page helpful?