The 5 Best Secure Email Services for 2019

Encrypted email services keep your messages private

An illustration indicating an unsafe email on a laptop that needs to have a secure email service.

 South_agency/Getty Images

Most regular, free email accounts are just fine for average users, but if you need to be ultra-confident the messages you send and receive are 100 percent protected, check out the secure email services below. These services provide an easy way to keep your emails private, with guaranteed secure, encrypted email.

An encrypted email account is great for protecting your privacy, but if you want even more anonymity, use your secure account behind a free, anonymous web proxy server or a Virtual Private Network (VPN) service.

01
of 05

ProtonMail

ProtonMail
Proton Technologies AG

What we like

  • Two-factor authentication.

  • Send password-protected, encrypted messages to anyone.

  • CSV contact imports are supported.

What we don't like

  • Can't change the default signature on free account.

  • Doesn't support IMAP, SMTP, or POP3.

ProtonMail is a free, open-source, encrypted email provider based in Switzerland. It works from any computer through the website and also via the Android and iOS mobile apps.

The most important feature when talking about any encrypted email service is whether or not other people can get a hold of your messages, and the answer is a solid no when it comes to ProtonMail since it features end-to-end encryption.

Nobody can decrypt your encrypted ProtonMail messages without your unique password, including employees at ProtonMail, their ISP, your ISP, or the government.

In fact, ProtonMail is so secure that it can't recover your emails if you forget your password. The decryption happens when you log on, so the service doesn't have a means of decrypting your emails without your password or a recovery account on file.

ProtonMail also doesn't keep any of your IP address information. With a no-log email service like ProtonMail, your emails can't be traced back to you.

Additional features some users may find helpful:

  • Can compose messages with images and rich text formatting.
  • Lots of keyboard shortcuts.
  • Can download your PGP keys.

The free version of ProtonMail supports 500 MB of email storage and limits your usage to 150 messages per day.

You can pay for the Plus or Visionary service for more space, email aliases, priority support, labels, custom filtering options, auto-reply, built-in VPN protection, and the ability to send more emails each day. A Business plan is also available.

02
of 05

CounterMail

CounterMail
CounterMail.com

What we like

  • Supports IMAP.

  • Doesn't keep IP address logs.

  • Includes Safebox, a built-in password manager.

What we don't like

  • Can't send encrypted emails to non-users.

  • Limited storage space.

  • Free trial period is just one week.

If you're seriously concerned with email privacy, CounterMail offers a thoroughly secure implementation of OpenPGP encrypted email in a browser. Only encrypted emails are stored on CounterMail servers.

Additionally, the servers (which are based in Sweden) don't store your emails on hard disks. All data is stored on CD-ROMs only. This method helps prevent data leaks, and the moment someone tries to tamper with the server directly, the data is likely lost.

With CounterMail you can also set up a USB drive to further encrypt your email. The decryption key is stored on the device and it, too, is required to log in to your account. This way, decryption is impossible even if a hacker steals your password.

Additional features some users may find helpful:

  • Lets you modify lots of settings for your account.
  • Forms can be built to send results to your email.
  • Supports email filters.
  • Uses anonymous email headers.
  • Works in a browser and through an iOS app.
  • Includes several identities you can use to receive mail in your primary inbox.

The added physical security of the USB device makes CounterMail less simple and convenient to use than other secure email services, but you do get IMAP and SMTP access, which you can use with any OpenPGP-enabled email program, like K-9 Mail for Android.

After the one-week free trial, you must purchase a plan to keep using the service. The trial includes just 3 MB of space.

03
of 05

Hushmail

Hushmail
Hush Communications Canada Inc.

What we like

  • Supports IMAP and POP.

  • Optional two-step verification.

  • Contacts can be imported using a CSV file.

  • Includes a spam filter and auto-responder.

  • Includes 10 GB of storage.

What we don't like

  • Free account includes little storage.

  • Must use an alternate email address and phone number during sign-up and verification.

Hushmail is another encrypted email service that's been around since 1999. It keeps your emails secure and locked behind state-of-the-art encryption methods. Not even Hushmail can read your messages; only someone with your password can do so.

With this service, you can send encrypted messages to users of Hushmail as well as nonusers who have accounts with Gmail, Outlook Mail, or other similar email clients.

The web version of Hushmail is easy to use and provides a modern interface for sending and receiving encrypted messages from any computer.

When creating a new Hushmail account, you can choose from a variety of domains to use in your address, like @hushmail, @hushmail.me, @hush.com, @hush.ai, and @mac.hush.com.

Additional features some users may find helpful:

  • Works through the web or the iOS app, and there's also a mobile web version that works on all mobile platforms.
  • You can sign up to get notifications of received emails in any other email account, even a non-Hushmail one.
  • Supports email signatures.
  • Unlimited email aliases can be made with the @nym.hush.com domain name to mask your identity online.

There are both personal and business options when you sign up for Hushmail, but neither is free. There is a free trial, however, that's valid for two weeks so you can test all the features before buying.

04
of 05

Mailfence

Mailfence
ContactOffice Group sa

What we like

  • Digital email signatures prove authorship.

  • Supports two-factor authentication.

  • Includes spam blocker.

  • Contacts can be imported from Outlook, CSV file, vCard, LDIF, or Gmail.

  • Includes calendar and file storage for documents.

What we don't like

  • Limited online storage.

  • Requires alternative email address to receive activation key.

  • Private keys kept on Mailfence servers.

  • Encrypted email can only be sent to Mailfence or OpenPGP users.

  • Email encryption code not available for inspection.

Mailfence is a security-centric email service that features end-to-end encryption to ensure nobody but you and your intended recipient can read your messages.

The service includes an email address and web interface that incorporates OpenPGP public key encryption as any email program would. You can create a key pair for your account and manage a store of keys for people you want to email securely.

This OpenPGP standardization means you can access Mailfence using IMAP and SMTP with secured SSL/TLS connections through the email program of your choice. You cannot use Mailfence to send encrypted messages to people who don't use OpenPGP and have no public key available.

Additional features some users may find helpful:

  • Doesn't use ads.
  • Email settings are open for customization and tweaking.
  • Can buy credits to send faxes and text messages.
  • Messages in the EML format can be imported.
  • Can send mail through the address you used to sign up (such as your Gmail address).

For online storage, a free Mailfence account gives you 200 MB, while paid accounts offer ample space as well as the option to use your own domain name for your Mailfence email address.

Mailfence's software is not available for inspection because it's not open source, making it less secure and private.

Mailfence stores your private encryption key on Mailfence servers but insists it can't be read because it's encrypted with your passphrase (via AES-256), and there's no root key that would allow the service to decrypt messages encrypted with your keys.

Something else to consider here is that Mailfence uses servers in Belgium, so it's only through a Belgian court order that the company can be forced to reveal private data.

05
of 05

​Tutanota

Tutanota
Tutao

What we like

  • Apps for iOS and Android.

  • Includes 1 GB of storage space.

  • Open source.

  • Supports spam filtering.

What we don't like

  • Features like aliases and email rules only available to paid accounts.

  • Doesn't support IMA.

  • Can't import contacts in bulk.

Tutanota is similar to ProtonMail in its design and security level. All Tutanota emails are encrypted from the sender to the receiver and decrypted right on the device. The private encryption key isn't accessible to anyone else.

This email account is all you need to exchange secure emails with other Tutanota users. For encrypted email outside the system, you specify a password for the recipient to use when viewing the message in their browser. That interface allows them to reply securely, too.

The web interface is easy to use and understand, letting you make an email private or not with one click. However, there's no search function, so it's impossible to search through past emails.

Tutanota uses AES and RSA for email encryption. Servers are located in Germany, which means that German regulations apply.

You can create a Tutanota email account with any of the following domains: @tutanota.com, @tutanota.de, @tutamail.com, @tuta.io, and @keemail.me.

Additional features some users may find helpful:

  • Custom folders available to organize messages.
  • Attachments are supported.
  • Passwords are salted and hashed with bcrypt.

Several features in this service are only available if you pay for the Premium service. For example, the paid edition lets you purchase up to 100 aliases and expands the storage to 1 TB.

Businessman pressing e-mail security button on virtual screens for internet and e-mail security. Business, technology, internet and virtual reality concept
 Parasit photo/Getty Images

Additional Steps to Keep Email Secure and Private

If you use an email service that offers end-to-end encryption, you've taken a huge step toward making your email truly secure and private. Additional steps you can take to make life difficult for even the most dedicated hackers include the following precautions:

  • Beware of keylogging software that captures what you type right from your keyboard. These programs can completely thwart all encryption if the password is all the hacker needs to access your account.
  • Don't leave your mobile devices or computers unguarded. Also, make sure your devices themselves are protected with strong passwords or biometrics and don't allow for guest accounts or similarly unprotected access.
  • Be vigilant of social engineering. Phishing attempts often come by email, instant messages, VoIP, or social networking messages, and can be cleverly designed or tailored specifically to you. These communications are tricks to get you to hand out personal details such as passwords and banking information.
  • Don't write down or share passwords. Never make a note of the password that lets you decrypt secure emails unless you store it in a secure password manager.