Zum Hauptinhalt springen
Better Password Generator

Email encryption protects the content of your messages from unauthorized access during transmission and storage. An encrypted email can only be decrypted by the intended recipient — not by the email provider, not by authorities, not by attackers.

Without encryption, emails are like postcards: anyone who intercepts them in transit can read them.

Types of Email Encryption

Transport Encryption (TLS/SSL)

TLS (Transport Layer Security) encrypts the connection between email clients and servers. This basic encryption is now standard and is automatically used by all major providers.

Limitation: TLS only protects data in transit. Emails on the provider's servers are stored unencrypted.

End-to-End Encryption

With true end-to-end encryption (E2E), only the recipient can decrypt the message. Not even the email provider can read the content.

Methods: S/MIME and PGP/OpenPGP

S/MIME – Enterprise Email Encryption

S/MIME (Secure/Multipurpose Internet Mail Extensions) is the standard for end-to-end encryption in Outlook and other business email clients.

Requirements:

  • A digital certificate (free from Comodo/Sectigo or paid)
  • The recipient must also support S/MIME

Set up in Outlook:

  1. File → Options → Trust Center → Trust Center Settings → Email Security
  2. Select imported certificate
  3. Enable "Encrypt outgoing messages"

PGP/GPG – Encryption for Advanced Users

PGP (Pretty Good Privacy) / OpenPGP is the open standard for email encryption and is used with the free tool GPG (GNU Privacy Guard).

How it works:

  • Each user has a key pair: Public key (for encryption) + Private key (for decryption)
  • The sender encrypts using the recipient's public key
  • Only the recipient can decrypt with their private key

For beginners:

  1. Install Thunderbird with the Enigmail plugin
  2. Generate a GPG key pair
  3. Share your public key with your communication partners

Encrypting Gmail

Gmail supports:

  • TLS: Automatically active for all Gmail-to-Gmail messages
  • S/MIME: Only in Google Workspace (paid)
  • End-to-End: Not natively — Thunderbird + GPG as an alternative

ProtonMail: For privacy-conscious private users: ProtonMail (proton.me) — a free email service with built-in end-to-end encryption.

Email Encryption and Passwords

Email encryption protects the content — but not the account itself. Combine encryption with:

Frequently Asked Questions

Related Topics

Secure Your Email Password →Encrypt Cloud Data →Encryption Software →Two-Factor Authentication →Digital Signature →