What Is Secure Email and How It Works?
Back when email entered limited use in the 1960s and 1970s, security wasn't anyone's top priority. Today, our security requirements are radically different, yet email hasn't changed all that much. The internet email message format, as it's defined by RFC 5322, specifies a syntax for text messages that are sent between computer users, but it doesn't deal with encryption or any other means of preventing unauthorized access to personal information exchanged via email.
Over the years, many technical workarounds to ensure better privacy of email communication have been implemented by email providers, and several secure email services have emerged, offering high levels of privacy and security.
All best email service providers today have implemented transport level encryption using TLS, which is a cryptographic protocol that provides communications security over a computer network. Without TLS, the communication between email servers is transmitted as plain text, and anyone with relatively rudimentary knowledge of computer networks can intercept it and read it.
However, most secure email providers go a step further and offer full end-to-end encryption, meaning the data is encrypted and decrypted only at the endpoints. In practice, end-to-end encryption allows you to encrypt an email at your end and send it to someone using a secure email service without any possibility of the email being decrypted by the secure email service.
The most popular data encryption standard that allows anyone to send and receive end-to-end encrypted email messages is OpenPGP. If you're wondering how to send a secure email using OpenPGP, we recommend you read this excellent tutorial from The Privacy Guide.
But you can also skip the reading because most free secure email providers make end-to-end encryption incredibly easy by hiding all the complicated technical stuff behind an intuitive user interface. In the next part of this article, we talk about 6 most secure email providers and the services they offer.
6 Most Secure Email Providers
If you're curious to know what is the most secure email provider today, our answer may disappoint you: there's none. Secure email service providers generally keep quiet about their low-level security practices to make it harder for cybercriminals and professional hackers to breach their systems.
The only way how to reliably assess how secure an email provider is to look at its security history. We've selected 6 best secure email providers with flawless security track records that allow you to send secure email messages with ease while charging very little for their services.
1. ProtonMail
ProtonMail was founded in 2014 at the CERN research facility by Andy Yen, Jason Stockman, and Wei Sun. This highly rated provider of secure email services is based in the Canton of Geneva, and its servers are located at two locations in Switzerland and protected by strict Swiss privacy laws, placing them outside the reach of both EU and US.
All emails that come through ProtonMail are secured automatically with end-to-end encryption, which means that even ProtonMail can't read them. To create a secure email account with ProtonMail, you're not required to submit any personal information, and ProtonMail doesn't even keep any IP logs which could be linked to your anonymous email account.
👍🏼 Pros:
- Open source
- Reliable
- No-logs policy.
👎🏼 Cons:
- Lacking customer service.
2. Hushmail
Headquartered in Canada, Hushmail was founded by Cliff Baltzley in 1999 as an encrypted proprietary web-based email service offering PGP-encrypted email using OpenPGP standards. Today, Hushmail serves both business customers and individual home email users. Hushmail has recently released an app for the iPhone. The app supports two-step verification, Touch ID, and multiple accounts and aliases, making it one of the most secure email clients for iOS.
Hushmail is known for occasionally being inaccessible. If you don't intend to use it as your primary email, you will most likely never even notice when it's down. However, it's stability issues could quickly become annoying when relying on it as your only email provider. What could also become a problem is how limited free users are in terms of storage space. Without upgrading to a premium subscription, you only get 25 MB, and that's really not a lot in this day and age.
👍🏼 Pros:
- Touch ID support on iOS
- Auto-reply and auto-forwarding.
👎🏼 Cons:
- Occasionally inaccessible
- Only 25 MB of email storage.
3. Tutanota
Tutanota (Latin for the words "secure" and "message") is an open-source end-to-end encrypted email service from Germany with over 2 million users. Tutanota automatically encrypts all your data on your device, ensuring that your mails, as well as your contacts, stay private. We like that Tutanota is licensed under GPL v3 and hosted on Github, so everyone can see the source code, review it, and even modified it for use in other projects.
We like that the free version of Tutanota includes 1 GB of email storage, but we don't like that the cheapest premium plan also includes just 1 GB. If you want more space than that, you have to purchase the Pro plan for 60 EUR a year (or 6 EUR monthly), which will get you 10 GB. In addition to the extra storage space, you'll also get access to more customization options and priority support.
👍🏼 Pros:
- 1 GB of storage for free
- Strong security policies
- Licensed under GPL v3.
👎🏼 Cons:
- Doesn't support PGP
- Extra storage is expensive.
4. CounterMail
CounterMail's mission is to provide the most secure email services on the Internet, with excellent support and at no cost at all. CounterMail is known for its absolute transparency and automatic end-to-end encryption that relies on OpenPGP with 4096 bits encryption keys. Unlike many other providers of private email services, CounterMail's servers are diskless, which means they don't have any hard drives capable of storing users' data. Instead, the servers start from a CD-ROM.
CounterMail is based in Sweden, a country that falls under the jurisdiction of 14 Eyes. Swedish authorities could potentially legally force CounterMail to provide full access to its servers, so it's good news that users have the option to delete their private keys from CounterMail's servers and store them locally on their computers. Without this option, CounterMail wouldn't make it on this list of the most secure email providers.
👍🏼 Pros:
- Diskless servers
- Transparency.
👎🏼 Cons:
- Stores credit card information for 14 days
- Based in Sweden.
5. Mailfence
Mailfence is an encrypted email service that offers OpenPGP based end-to-end encryption and digital signatures. It was launched in 2013, with the first public beta version being made available in 2016. Mailfence benefits from the strength of Belgian privacy protection law, and the service promises that it doesn't use any third-party advertising or marketing trackers. It's also completely free from ads and supported by financial donations and money from premium plans, which include large storage space but the same level of security as the free plan.
When it comes to user interface, the latest version of Mailfence shares many similarities with Microsoft Outlook, and it provides multiple email-related services to help you manage your digital life, including contacts, calendars, and document storage. The business version of Mailfence can be heavily customized to meet the unique needs of each and every customer, making it a solid choice for privacy-conscious businesses.
👍🏼 Pros:
- Includes a calendar and document storage space
- Accepts cryptocurrencies.
👎🏼 Cons:
- Not open source
- Based under the jurisdiction of 14 Eyes.
6. Librem Mail
Librem Mail is the newest addition to the Libre One, a growing suite of privacy-respecting services from Purism. This End-to-end encrypted email is based on K-9 Mail, a popular email application for Android, which was available as Free/Open Source Android Software under the Apache License version 2.0. Librem Mail shares the rather spartan user interface of K-9 Mail and combines it with OpenPGP to create a brand-new secure email service.
Unfortunately, it's still very evident that Librem Mail is the new kid on the block because it crashes often and catastrophically. Unless you're already using the Libre One bundle, we recommend you wait a while until its developers fix some of the more obnoxious bugs.
👍🏼 Pros:
- Uses OpenPGP
- Based on K-9 Mail.
👎🏼 Cons:
- Lacks polish
- Crashes often.
How Can Clean Email Help?
Clean Email is an intuitive inbox cleaner that knows how to stop spam emails from occupying pression space in your inbox. You simply sign in with your free or paid email service, let Clean Email group your emails into convenient bundles using its privacy-conscientious algorithms that analyze only email headers and never the content itself, and then apply a number of different actions to easily remove, move, add labels to entire groups of emails.
You can also tell Clean Email to apply certain actions automatically, which is a very effective way how to block unwanted emails or ensure that only the most important emails remain visible in your inbox. For example, you can mark certain emails as read, move them to your email archive, or delete them.
Privacy Guard by Clean Email is a comprehensive safety net, which regularly checks your email against known data breaches and security incidents. If there are emails that meet the parameters of known data breaching incidents, Privacy Guard will let you know. Once you’re notified of the issue, Privacy Guard will suggest you change your password to maintain the security of your account.
In the event of a potential breach, you should always change your passwords and enable two-factor authorization as soon as possible.
Using this system and maintaining a close connection with third-party auditors has ensured that Clean Email has never had a security incident to date. We continue to maintain safety by undergoing independent security assessments, in addition to the safety protocols Clean Email employs daily.
Wondering how to protect your mailbox? Learn more about how an email spammer gets your address and what an email spam checker is.
Conclusion
Even though email was not designed with security and privacy in mind, there are many secure email services that offer user-friendly implementations of end-to-end encryption. There's also Clean Email, a sophisticated yet ease-to-use inbox cleaner that can protect your from spam and other unwanted messages with its extensive Automation features and help you keep your inbox organized with its intelligent email recognition algorithms.
Most Secure Email Providers - FAQs
Is Gmail a secure email?
Gmail is a moderately secure email. The system uses TLS (Transport Layer Security) to protect user messages. However, this email system only protects your email while transferring data while your emails rest using 128-bit encryption. Gmail does offer many different ways to fortify your account, such as adding better encryption, strong password, and two-step verification.
Is ProtonMail safer than Gmail?
Yes, ProtonMail is safer than Gmail. ProtonMail automatically secures your email interactions with end-to-end encryption. While Gmail only uses a TLS cryptographic protocol, ProtonMail uses a pair of RSA keys specific to your ProtonMail account. With this type of encryption, not even ProtonMail can access your messages.
Can ProtonMail be hacked?
In short, yes, your ProtonMail can be hacked. However, if your ProtonMail account does get hacked, chances are, it will not affect your user data. The reason is ProtonMail's end-to-end encryption and zero-access encryption. While there is always going to be a threat, there are multiple steps to a successful hack. Fortunately, ProtonMail can thwart hacking attacks before they gain any useful information, even if they initially gain access to your account.
What is the most secure free email account provider?
ProtonMail is the most secure free email account provider. This safety is due to the service provider offering end-to-end encryption, but it also has to do with the physical location of the ProtonMail headquarters in Switzerland. The reason this is important is that Switzerland has extremely strict privacy laws. Therefore, in addition to ProtonMail’s exceptionally precise encryption, the privacy laws protect users from both American and European hackers.
Who has the most secure email?
Whether you’re paying or using the free service, ProtonMail remains the most secure email service. Forbes hailed ProtonMail as “The Only Email System The NSA Can’t Access.” Yet, Forbes is not alone in their praise of ProtonMail and its high security. There are plenty of reputable news sources in the tech and business sector that are impressed by the level of protection that ProtonMail provides users. If you decide to pay for ProtonMail, you can also take advantage of multiple email addresses, a VPN with the same security as the email service, and even a cloud service.
FAQs
The Most Secure Email Providers. Updated in 2022? ›
- Comparing the Best Encrypted Email Services.
- #1) Titan.
- #2) Protonmail.
- #3) Tutanota.
- #4) Mailfence.
- #5) CounterMail.
- #6) Hushmail.
- #7) Posteo.
- ProtonMail.
- Titan.
- Gmail.
- Zoho Mail.
- Bluehost.
- Outlook.
- Startmail.
Is Protonmail safer than Gmail? Yes. End-to-end encryption is king when it comes to data protection. All data stored on ProtonMail is encrypted, so neither hackers nor ProtonMail employees can read the contents of your messages.
Is Yahoo safer than Gmail? ›Which is safer, Gmail or Yahoo? Because Gmail has a shorter session expiry time than Yahoo Mail, it is more secure. In addition, it has security features that force the user to use a safer and stronger password and two-step authentication, which increases the security of any account.
Is ProtonMail more secure than Outlook? ›Unlike Gmail or Outlook, email you send with ProtonMail is encrypted before it's sent to the ProtonMail servers. That means that no hacker intercepting emails sent from ProtonMail will be able to decrypt and read your emails.
Has ProtonMail ever been hacked? ›ProtonMail, a Switzerland-based encrypted email provider, was forced offline on Thursday after hackers held the company's internet connection for ransom by using a distributed denial of service (DDoS) attack.
Is Outlook more secure than Gmail? ›Gmail is much more secure out of the box
Both Gmail and Outlook both offer more or less the same security features: multi-factor authentication, encryption in transit, spam, phishing, and malware detection.
- ProtonMail.
- Mailfence.
- Tutanota.
- Librem Mail.
- Thexyz.
- CounterMail.
- Soverin.
- Zoho Mail.
ProtonMail is much more secure than any other mail provider and is the ideal place for password resets and bank account statements. Best of all, it's free!
Which is better Tutanota or ProtonMail? ›Both offer end-to-end encryption that even they don't have the keys to decrypt. Tutanota encrypts more spaces within its ecosystem, but we give a slight edge to Proton Mail. Proton Mail has a restrictive spam filter, complete anonymity, and RSA 256-bit encryption compared to Tutanota's 128-bit protocol.
What is the least hacked email provider? ›
ProtonMail - best ratio between price and privacy
Started in 2013 by CERN scientists in privacy-friendly Switzerland, ProtonMail became arguably the most popular and the best secure email provider. This open-source service has a strict no-logs policy and uses end-to-end encryption.
What can be traced. As part of their service, ProtonMail does temporarily log some metadata such as IP addresses. This could potentially be used to identify you, or at least where you live. Subject lines of emails, as well as the recipient and sender addresses, are not encrypted during transmission.
Is Hotmail safer than Gmail? ›Gmail is less secure since it analyzes users' emails to send ads. Hotmail can be considered more secure, as users' emails are not scanned to send ads. Encryption Protocol: SSL and TLS are both supported as encryption protocols in Gmail.
What happened to ProtonMail? ›Thursday 18th August 2022
We are currently experiencing some technical difficulties affecting Proton Mail, Proton Calendar and Proton Drive, resulting in some users being unable to access these services. Our team is working to bring the services back online as soon as possible.
| Company | Website | Company Size |
|---|---|---|
| Resco Products, Inc. | rescoproducts.com | 500-1000 |
| STATUS SOLUTIONS LLC | statussolutions.com | 50-200 |
| iDATA Corporation | idata.net | 1-10 |
| The Osthoff Resort | osthoff.com | 200-500 |
ProtonMail Prioritizes Data Protection and Secure Messaging
ProtonMail encrypts all data on the server so that it is rendered useless to anyone without the key to decrypt it. In the case of a security breach, data swiped from ProtonMail's servers wouldn't be of any use.
Beginning January 15, 2021, automatic forwarding of emails from your Yahoo inbox to another email account will no longer be a feature of free Yahoo Mail accounts. Upgrade to Yahoo Mail Pro or for US only accounts, subscribe to Access + Forwarding to use the auto forwarding feature at this time.
Does anyone use Yahoo anymore? ›Yes, people still use Yahoo Mail. According to one report from late 2019, there are more than 200 million active Yahoo email users responsible for more than 26 billion emails every day—all by themselves.
Should I create a Yahoo or Gmail account? ›In Summary
When you're choosing your email service provider, you can't go wrong with either Gmail or Yahoo. Each has its pros: Gmail has the might of Google behind it, and offers a rich variety of functions; Yahoo offers astonishingly large storage and top-notch virus protection.
All ProtonMail data at rest and in transit is encrypted. However, subject lines in ProtonMail are not end-to-end encrypted, which means if served with a valid Swiss court order, we do have the ability to turn over the subjects of your messages. Your message content and attachments are end to end encrypted.
What email does Snowden use? ›
Lavabit received media attention in July 2013 when it was revealed that Edward Snowden was using the Lavabit email address Ed_Snowden@lavabit.com to invite human rights lawyers and activists to a press conference during his confinement at Sheremetyevo International Airport in Moscow.
How much does ProtonMail cost? ›How Much Does ProtonMail Cost? We recommend that you start out with the free edition, to see how it suits you. If you like it fine but run up against its limitations, or if you want those premium-only features, you pay $5 per month or $48 per year.
Can ProtonMail with a VPN be traced? ›ProtonMail also logs your IP address on their servers, and your ISP can see that you are accessing ProtonMail, unless you use a VPN. There are various interpretations of the word “traced.” In this context, it refers to other people being able to track you down.
Which email is best? ›Gmail is the overall best email service. Outlook is good for multiple app integrations. Yahoo has good spam blocking capabilities. Zoho Mail is the best option for home businesses.
Does ProtonMail record IP address? ›IP addresses are not retained and stored for such analytics. 2.2 Account creation: It is not necessary to provide personal information in order to create an Account, but you may provide an external email address for notification or password recovery purposes.
Is Yahoo Mail 2022 secure? ›Google, Microsoft, and Yahoo are clearly not the most secure email providers. None of them encrypt your messages end-to-end, and none take your privacy very seriously.
Is Outlook more secure than Gmail? ›Gmail is much more secure out of the box
Both Gmail and Outlook both offer more or less the same security features: multi-factor authentication, encryption in transit, spam, phishing, and malware detection.
Gmail is less secure since it analyzes users' emails to send ads. Hotmail can be considered more secure, as users' emails are not scanned to send ads. Encryption Protocol: SSL and TLS are both supported as encryption protocols in Gmail.
Has ProtonMail ever been hacked? ›ProtonMail, a Switzerland-based encrypted email provider, was forced offline on Thursday after hackers held the company's internet connection for ransom by using a distributed denial of service (DDoS) attack.