How to password protect an email—complete guide and alternative solutions

Learn how to password protect an email in our in-depth guide. We’ll also help you explore alternatives that provide a higher level of security than passwords!
Email viewing window with obscured password input.
Some messages we send via email are more confidential than others, and it’s only natural we want to make them more secure. One of the ways to do this is to learn how to password-protect an email. We’ve put together a comprehensive guide, which you can use to explore:
Fortify your emails with SkiffAlong with robust security measures, Skiff offers password protection shielding you from unauthorized access
Sign up

How does sending a password-protected email work?

Using a password-protected email is one of the simplest ways to increase the security and privacy of your online correspondence. While most popular email service providers (ESPs) provide a certain level of email security by default, taking this extra step will give you peace of mind.Password protection may work differently depending on the email platform you’re using. In most cases, the process entails:
  • Composing an email
  • Creating a password
  • Sending the password separately to the email recipient
  • Sending the email
  • Entering the password and accessing the email (the recipient)
Let’s see how the process works with two specific ESPs—Google’s Gmail and Microsoft’s Outlook.

How to send a password-protected email in Gmail

In Gmail, password protection exists through a feature called “Confidential Mode.” Besides allowing you to password protect an email, Confidential Mode also increases email privacy by preventing recipients from:
  • Downloading any accompanying email attachments
  • Printing the contents of the email
  • Copying the email or forwarding it to third parties
With Confidential Mode, you can also:
  1. Set an expiration date for the message, after which the recipient won’t be able to access it
  2. Revoke the access manually at any time
The core of Confidential Mode is adding a passcode that’s necessary to open the email. Here’s a step-by-step guide to turning on this particular feature:
  1. Open Gmail
  2. Click on the Compose option in the top left corner to write a new email
  3. Click on the lock icon on the bottom bar to turn on Confidential Mode
  4. Pick an expiration date for the message presented on the screen. Your options are:
    1. A day
    2. A week
    3. A month
    4. Three months
    5. Five years
  5. Choose between No Passcode and SMS Passcode. Pick the latter if you want to password-protect your email. On the next screen, enter the phone numbers of all email recipients. Once you send the email, they’ll receive the required passcode via SMS.
If you choose the No Passcode option, you’ll still get the other benefits of the Confidential Mode listed above, but without password protection

How to password-protect an email attachment in Gmail

When you want to send a secure email in Gmail, the accompanying attachment is sometimes equally vital and private as the body. If you want to secure an email attachment with a password in Gmail, turn on the Confidential Mode and use the passcode option. By password-protecting the email, you’re doing the same for your attachment.In Confidential Mode, your recipient won’t be able to download the files you’ve attached to the email—they can only preview the file through Gmail. The email platform lets users preview the following files:
  • Images
  • Text files
  • PDFs
  • Audio files
  • Video clips
  • RAR and ZIP files
Send protected attachmentsEnd-to-end encrypted email, document, drive, and calendar.
Sign up

How to password-protect an email in Outlook

Unfortunately, you can’t password-protect an email in Outlook since the provider doesn’t support that particular function. This ESP provides a different way to keep your emails private—encryption.

What is email encryption?

Email encryption is a method of making your correspondence unreadable to anyone but the intended recipient. Most encryption methods work by creating a cipher that distorts the contents of your message and requires a decryption key to be deciphered. Only the intended recipient has the key, which means no one else can access the email or its attachments.This is crucial because emails don’t go directly from the sender to the recipient. Before the message reaches its final destination, it passes through multiple web applications and network servers. Encryption ensures the message can’t be intercepted en route and while resting on servers.ESPs use various encryption protocols—here’s a breakdown of the different types:
Type of encryption Explanation
In-transit encryptionProtects emails while they’re in transit from the sender to the recipient but leaves them vulnerable while resting on servers
At-rest encryptionProtects the data while it’s stored on the network servers
End-to-end encryption (E2EE)Protects data on the device level, encrypting emails before they’re uploaded to a server. This ensures the highest level of protection
Here are the specific encryption protocols used by Outlook and Gmail:
Protocol nameDescriptionAvailability
Transport Layer Security (TLS)Industry-standard email encryption that provides basic in-transit protectionUsed by Gmail and Outlook by default
Secure/Multipurpose Internet Mail Extensions (S/MIME)More advanced at-rest protectionAvailable only to paying clients (G-Suite accounts on Gmail and Microsoft 365 subscribers on Outlook)
Microsoft Office 365 Message Encryption (OME)Microsoft's proprietary encryption Available only to Microsoft 365 subscribers

Email encryption vs. password protection

For most EPSs, email encryption is the primary security method. Password protection is used as a secondary security measure, or in the case of Outlook, not at all.There are a few good reasons for that:
  1. Password protection often relies on additional devices and information—such as Gmail’s Confidential Mode passcodes that require the use of smartphones. The passcode feature works only if you know the recipient’s phone number, which isn’t always the case
  2. There are ways to access or break a password if someone’s device is compromised, which is why email encryption is more dependable
Choose a fully encrypted email providerYou don't have to compromise your email security as Skiff Email offers an accessible and safe environment
Sign up

Why is end-to-end encryption the most secure encryption method?

None of the three protocols we’ve mentioned above are end-to-end encryption (E2EE) protocols, meaning Gmail and Outlook don’t provide the highest level of security to your email communication.In Gmail and Outlook, the ESP generates and configures your encryption keys, and you’re not the only one with access to them. Their server-based encryption methods are unreliable because hackers who infiltrate their servers can also access your emails.E2EE protocols encrypt your messages and attachments at the device level. The recipient owns the decryption key and nobody, not even the provider enabling the transmission, has access to it. As a result, your messages remain safe even in the event of an email attack on the server. The attackers could never decipher the email data because the end-to-end encryption service doesn’t store copies of decryption keys. This also prevents your ESP from accessing emails and misusing them.The reason people still default to Big Tech email services is the convenience, ease of use, and additional functionalities. Most E2EE providers have outdated UIs and offer limited features for free users, but that all changes with Skiff. Sign up for a free plan, and you can enjoy complete online privacy while effortlessly navigating the intuitive platform and using its comprehensive productivity suite.

Upgrade your email security with Skiff

Skiff enables you to retain complete ownership of your data and correspond safely on the web.The platform’s E2EE protocol entails the use of two mathematically related keys—a public and a private one. Both are generated on your device instead at the ESP’s server.When you send a secure document or message to another Skiff Mail user, it’s encrypted with the recipient’s public key. The message can only be deciphered with the corresponding private key, which is stored on the recipient’s device. This public-key encryption is the most secure way to exchange emails.No one can read your emails or attachments—not even Skiff can access them. That means no scanning of your private emails for ad targeting either—your ownership and control over the data are uncompromised.Skiff isn’t only a dependable, secure ESP—it’s a productivity suite that provides E2EE security to every aspect of your work.The platform features a modern interface and ease of use you’d typically find with the less secure, mainstream productivity tools—but without compromising on security and stability. Besides Skiff Mail, you can access:
  • Skiff Calendar—it integrates with Skiff Mail and keeps your schedule end-to-end encrypted and completely private
  • Skiff Drive—a storage space where you can upload, download, share, and keep all types of files
  • Skiff Pages—a secure workspace with decentralized notes, pages, and wikis. You can collaborate with your team and create and edit docs in real time
You can access all products from your browser and an iOS or Android app.

Sending encrypted emails with Skiff is easier

Creating a Skiff account is simple:
  1. Go to the Skiff signup page
  2. Choose an email and password
  3. Start using all the available Skiff products
Skiff is open-source and transparent about their encryption model. You can learn about its privacy practices in detail in:Web3 enthusiasts will be delighted to learn that Skiff supports integration with crypto wallets like MetaMask. You can use your MetaMask credentials to seamlessly log into Skiff. From there, you’re free to collaborate, send emails, or conduct crypto transactions with complete privacy.Skiff’s free plan gives you all of the essentials you need for secure, private, and anonymous email communication and online collaboration, such as:
  • 10 GB of storage
  • 4 aliases
  • Text search function
  • Auto-respond, undo send, and custom signature options
The Essential, Pro, and Business tiers provide even more useful features—they come with custom domains, up to 15 aliases, unlimited daily messages, and unlimited collaborators on your Skiff workspaces.Skiff’s E2EE protocol will safeguard your emails far better than password protection ever could—create a free Skiff account today and stop compromising on your online security!

Join the community

Become a part of our 1,000,000+ community and join the future of a private and decentralized internet.

Free plan • No card required