How to send a secure email in Gmail—learn to protect your online communication!

Learn how to send a secure email in Gmail—we’ll tell you everything you need to know about encryption and other ways to protect your online correspondence!
Gmail security badges.
Over 1.5 billion people use Gmail for email services, and all of them have one thing in common—the desire for convenience. Still, since we use email to share personal, business, and even financial information, keeping that data safe from interference or prying eyes is equally important.Password protection and email encryption are excellent ways to ensure your online communication is secure, and Gmail enables both. The question is whether that is enough to maintain the privacy of your digital correspondence.In this article, we’ll give you all the info you need to send secure emails in Gmail. You’ll learn:
  • How to password-protect email in Gmail
  • How to send secure email attachments in Gmail
  • How to encrypt email in Gmail
  • How to open an encrypted email in Gmail
You will also learn about more secure alternatives to Gmail and other G-Suite apps to keep your online work and communication completely private.
Secure your emails with SkiffSkiff Email ensures total email security by using the only reliable encryption protocol
Sign up

How to password-protect email in Gmail

Digital password protection is practically as old as computers—and you can use it to protect your emails in Gmail with a feature called “Confidential Mode.” In this mode, recipients can’t download, print, copy, or forward your email.Here’s a quick step-by-step guide to using it:
  1. Open your Gmail account and use the Compose button to start working on a new email
  2. Click on the tiny lock icon at the bottom of the window to begin writing an email in confidential mode
  3. Choose an expiration date on the screen that pops up. You can pick between:
    1. Five years
    2. Three months
    3. One month
    4. One week
    5. One day
  4. Choose SMS Passcode. Enter the recipient’s phone number, and they’ll get an SMS with the passcode they'll have to enter to read the email. If you go with the No Passcode option, recipients will be able to open the email but not copy or download it

How to send secure email attachments in Gmail

Sometimes, the text in the body of your email isn’t the only thing that’s confidential. Most of us attach various files to our emails, and we want them to stay as private and confidential as the email itself.If you want to secure your email attachments with a passcode, the procedure is identical to password-protecting your email—turn on Confidential Mode for the email containing the attachment, and no one will be able to download the file without the accompanying passcode.

Downsides of password protection in Gmail

In practice, Confidential Mode works as intended. Still, it’s not the ideal form of securing emails for two reasons:
  1. You’re dependent on another person’s phone—You must be sure that the recipient’s smartphone is secure, not to mention they can lose or misplace it, compromising the safety of your email communication
  2. The process is complicated—While password protection with Gmail makes email correspondence more secure, it is also frustrating because of the manual work involved. You must inform the recipient to expect an SMS with the passcode to minimize confusion, and they need to check and enter it to access the email, which can be lengthy and complicated. There’s also the question of what happens when you want to send a password-protected email to someone whose phone number you don’t know
This doesn’t mean Gmail’s Confidential Mode wasn’t designed properly. Password protection is merely an additional layer of security for individual emails—the primary one is email encryption.
Secure your sensitive dataAs an end-to-end encrypted service, Skiff seamlessly protects you from unauthorized access
Sign up

What is email encryption?

Almost every email service provider (ESP) uses some form of encryption to secure the contents of your emails. These encryption methods are complex algorithms that make email data “jumbled” and illegible to anyone but the person with the decryption key—ideally, only the recipient.Most ESPs provide email encryption by default, but not all use the same encryption protocols. Broadly speaking, there are three types:
Type of encryption protocolDefinition
At-rest encryptionProtects data while it rests, i.e., is not moved between email servers or devices
In-transit encryptionProtects data while it travels from the sender to the recipient when it’s most vulnerable to tampering by third parties like hackers. This encryption method is used by most mainstream email service providers
End-to-end encryptionEncrypts data on the device level before it’s uploaded to an email server, ensuring it stays in encrypted form until it reaches the recipient. Only they have the key to decipher the message. This is the safest type of encryption available, provided only by a handful of ESPs, such as Skiff

How to encrypt an email in Gmail

Gmail uses two specific encryption protocols:Unfortunately, Google doesn’t provide both encryption protocols to all users, as presented in the table below:
Type of Google accountAvailable encryption protocol
Personal Google Account (free)Transport Layer Security (TLS)
G-Suite Account (paid)Secure/Multipurpose Internet Mail Extensions (S/MIME)

How to open an encrypted email in Gmail

Google’s encryption method is automatic for the sender and the recipient. If someone has sent you an encrypted email created in Confidential Mode, you’ll need to check your phone for an SMS with the passcode.Once you enter the passcode, remember that you can’t read the message and access the attachments after the expiration date. The sender could also decide to remove access early, and you won’t be able to forward, download, copy, or print the email.

How to check my encryption in Gmail

You can check the encryption used in your emails only with a G-Suite Account. A free Google account doesn’t provide such an option.Here’s the step-by-step guide on the process:
  1. Click on Compose to start writing an email
  2. Click on the To field and add your recipients
  3. Check the small lock icon that will appear on the right. The color of this icon will determine which encryption you’re using:
    1. Green means you have higher S/MIME protection
    2. Gray means you have standard TLS protection
    3. Red means your emails aren’t encrypted
If you’re sending the email to multiple people and they have different encryption levels, the lock icon will show the lowest one.
Unencrypted, secure, and encrypted badges.
Source: Google

Benefits of end-to-end email encryption

The encryption protocols implemented by Gmail, Outlook, and similar ESPs don’t provide complete safety and privacy in email communication. The encryption keys are configured and owned by Gmail, not you, so someone else could theoretically access them.Historically, ESPs have used data obtained from email services for ad targeting, and security breaches of their servers have resulted in data leaks. While at-rest and in-transit encryption methods protect email data at different points of its journey from the sender to the recipient, they are susceptible to network- and server-based email attacks.That’s why end-to-end (E2EE) encryption is the ultimate form of email security. Since E2E email encryption happens at the device level, it provides complete protection of your data all the way to the recipient. The key is owned by the user, not the email provider, so nobody but the intended recipient has access to it. Even if a server is breached, the provider doesn’t store a copy of the decryption key, keeping your data ineligible to hackers.Among a few ESPs offering this level of protection, Skiff is the one providing ease of use, beautiful design, and a comprehensive product suite in one package. With Skiff Mail, every email and attachment you send remains private and confidential, thanks to its E2EE-powered security. Skiff’s encryption model entails two mathematically related keys—one for encryption and the other for decryption. The latter is safely stored on the recipient’s device, so intercepting and stealing it is impossible.The server host can’t access your attachments or read your emails—and neither can anyone else, including Skiff. Third-party services can’t analyze the contents of your private emails to target you with personalized ads, so you have complete control and ownership of your data.

How Skiff upgrades the security of your online communication

Numerous ESPs provide decent email security but fail to become a worthy alternative to Gmail because of their UI. Besides the safety of end-to-end encryption, your chosen ESP service should also feature a modern, well-designed interface that gives you all the ease of use you’d expect from a mainstream tech giant like Google.Skiff Mail provides precisely that—a modern interface designed for highly intuitive use combined with supreme data ownership and security. Besides the encrypted email client, Skiff offers a full suite of web-based productivity tools. Registering for a free Skiff account gives you access to:These browser-based tools come with a corresponding iOS and Android app, so you can access secure data on the go.You can forget about tampering with email settings, checking encryptions, or creating passcodes—sending an encrypted email with Skiff Mail is as easy as it gets:
  1. Go to the Signup page
  2. Create a Skiff account
  3. Start using the product suite
Skiff compose window.
Source: SkiffSkiff offers a generous free plan suitable for the average user’s needs, such as 10 GB of storage space, an email search option, four aliases, and custom signatures. The platform is also open source and completely transparent about its privacy practices—check out the public whitepaper for detailed information on Skiff’s end-to-end encryption model.Skiff also enables you to use your crypto wallet as login credentials—you can complete transactions and collaborate with fellow web-3 enthusiasts in a completely anonymous environment.Register for a Skiff account today, and use email correspondence as you were always supposed to—with total privacy and security.

Join the community

Become a part of our 1,000,000+ community and join the future of a private and decentralized internet.

Free plan • No card required