How do you know if your email is secure? That’s a great question, and an important one too, if you care at all about your privacy. The truth is that not all of the most secure email services are equal and if encryption and privacy are a priority for you, this is an important conversation to have.
Here’s what you need to know about email security, as well as my recommendations for the most secure email providers of 2023.
In January 2019, noted security researcher Troy Hunt discovered the largest ever collection of security-compromised emails.
This collection included more than 770 million email addresses and passwords.
Chances are high that your email was part of this major security breach…
…and that should worry you.
Now, there’s a separate conversation to be had about changing your email password and using a secure password manager app for your email, but we’re going to table that for now.
I also think it’s important to point out that, as with any technology, even secure email providers aren’t 100% secure, 100% of the time.
There’s always a degree of trust you have to have in the company you’re using, which is why recommendations can be so important. This is what we’re going to cover here:
- How Security Differs Between Email Providers
- Most Secure Email Services in 2023
- ProtonMail (Overall Best Option)
- Hushmail (Recommended for Healthcare & Law)
- Tutanota (Best Free Secure Email Service)
- Security Tips for Gmail Users
Using one of the most secure email services is just one of many steps you should be taking to protect yourself online, especially in a year like the one 2023 is shaping up to be.
Note: Some of the links in this article are affiliate links, which means that at no extra cost to you, I may be compensated if you choose to use one of the services listed. I only recommend what I personally have used, and I appreciate your support!
Not All Email Providers Are Equal
You might be tempted to think that all email services are basically the same and there’s not much difference between their services.
But the truth is that different email companies not only have different email encryption standards, but also different default security standards.
Different email providers have different security standards.
I’m going to discuss the pros and cons of a number of popular email providers, but if you only read this introduction, here’s what’s important to know:
The Bottom Line for Email Security
For average users, Gmail is sufficiently secure as long as you take advantage of its Advanced Protection and follow these Gmail security tips. For those who want end-to-end encryption and maximum security, ProtonMail is my recommended option.
That being said, there are a number of worthy alternatives to Gmail that offer high security. There is no “one size fits all” solution so I’ve listed out a few options so you can see what might work best for you.
These options have been rated based on:
- The type of encryption used by the email provider;
- Geographic location of the parent company;
- Strength of the provider’s privacy policy;
- Various payment methods available;
- Other factors listed below.
Based on these factors, let’s look at this list of the 4 best secure email services on the market today.
Most Secure Email Services 2023
Personally, I have a few Gmail accounts (secured with their Advanced Protection Program and the Titan Security Key) as well as a ProtonMail account.
I obviously have my biases, but I’m going to try to be as impartial as I can with this list of the most secure email services that you can get in 2023.
ProtonMail (Recommended Secure Email Service)
- Rating: 4.7 out of 5 stars
- Company Location: Switzerland
- Target User: Personal & Business
- Encryption: AES, RSA, OpenPGP
Before ProtonMail, I didn’t think it was possible to actually enjoy using a private, secure email provider.
I’ve had some bad experiences with terrible UI design in the past.
Thankfully, ProtonMail changed that.
ProtonMail has been a popular choice among security advocates since it was first created in 2014. It’s open-source, which means its security measures are open to public critique, and there’s even a free version you can use to try before you buy.
Top Features
- Free version available;
- Two-factor authentication;
- End-to-end encryption;
- Doesn’t log IP addresses;
- Excellent mobile apps;
- New Proton Calendar feature
What It Lacks
- The free version lets you have only 500MB storage and you can send just 150 messages per day;
- The free version lets you create only 3 folders;
Since ProtonMail is end-to-end encrypted, even if someone is somehow able to intercept one of your email messages, they won’t be able to read it without the encryption keys.
I’ve used a few of these most secure email services in the past, and one of my biggest complaints has been the user interface.
Most of these private companies don’t have the resources to spend on making the service easy to use and navigate, but thankfully that’s not the case with ProtonMail.
The mailbox looks very similar to what you’d find with a Gmail or Yahoo inbox. While free users are limited to basic functionality and limited space of 500 MB, the premium offering includes plenty of storage space, custom filtering, auto-replies and other features we’ve come to expect with any email provider.
ProtonMail is located in Switzerland, accepts all major forms of payment (including Bitcoin and PayPal) and has a rock-solid privacy policy.
Hushmail (Best for Healthcare & Law)
- Rating: 4.2 out of 5 stars
- Company Location: Canada
- Target User: Personal, Healthcare, & Law professionals
- Encryption: Server-side OpenPGP
Hushmail is another popular secure email provider that is easy to use and shares a look and feel similar to Gmail.
Email is accessed on your browser or using the iOS app (there is no dedicated Android app available yet) and as with each of these providers, all email is end-to-end encrypted.
Hushmail has been around longer than ProtonMail but isn’t as highly favored in the security community for a number of reasons.
- The company is based in Canada, which from a security standpoint has its pros and cons (since it’s one of the countries in the Five Eyes alliance that share information).
- Hushmail’s privacy policy isn’t quite as strict as it could be (although for the average user this won’t be a big deal).
That might sound ominous, but as I’ve mentioned earlier – if you’re relying on a single piece of software to keep you completely secure or anonymous…
…you’re in for a rude awakening.
Hushmail is an excellent service that encrypts your communication better than free options and complies with HIPAA requirements, making it a great choice for healthcare or law professionals.
Top Features
- Simple Interface;
- 14-day free trial;
- 60-day money back guarantee;
- HIPAA compliant web forms and email services;
What It Lacks
- No free account version;
- Based in Canada (part of the Five Eyes alliance);
- Stores IP addresses and other identifiable information on their servers;
- No Android app available;
Hushmail supports two-factor authentication just as ProtonMail does and allows you to filter spam just like Gmail.
One of their biggest advantages is the HIPAA compliant forms that can be embedded on websites, something I haven’t found with any other secure email provider.
One final note: Hushmail’s maximum attachment size is 50MB compared to the 25MB ProtonMail provides, so if you plan to send big files, Hushmail will be a better option.
Tutanota (Best Free Secure Email Service)
- Rating: 4 out of 5 stars
- Company Location: Germany
- Target User: Personal and business
- Encryption: AES-128
Tutanota is a Latin word that translates to “secure message.”
The company is located in Germany, which is a member of the Fourteen Eyes group of countries. However, since Germany doesn’t have clear privacy laws, the government doesn’t have the right to forcefully process a person’s information.
The Tutanota privacy policy states that they keep a log of sender and receiver email addresses along with the time the mail was sent, but these logs are cleared after 7 days.
While I applaud the fact that they have spelled this out clearly, it’s still a bit unnerving (for example, who verifies that the data has been wiped after 7 days?).
As with most of the secure email companies listed here, Tutanota offers browser based logins as well as apps for both iOS and Android.
Top Features
- Apps for iPhone and Android;
- Located in Germany so no mandatory government monitoring;
- Free account available;
- Special discounts for non-profit organizations;
What It Lacks
- IP addresses are tracked;
- Temporary logs are maintained;
Similar to ProtonMail, Tutanota offers both premium plans as well as a limited free account that you can use to get a feel for the service.
The free plan gives you 1 GB of storage space (twice what you get with the ProtonMail free version). However, you have to use the Tutanota address for your email (as opposed to one from a URL you own).
Security Tips for Gmail Users
But what about Gmail?
There’s a good chance you’re already a Gmail user, and it’s admittedly hard to migrate your email address elsewhere. So if the obstacles to switch to a new, more secure email service are just too high…
…what can you do?
Thankfully, Gmail offers industry-high encryption standards and good security measures. But there are still more things you can do to lock down your Gmail account.
Here are a few to consider.
Secure Gmail Using 2-Factor Authentication
When thinking about securing your Gmail account from hackers, one of the most important steps you can take for any secure email service – not just Gmail – is to enable 2-factor Authentication.
What is 2-Factor Authentication?
2-Factor Authentication, or “2FA” for short, is a second method of identity verification beyond your password to confirm that you are who you say you are. (via What is 2-Factor Authentication?)
2FA can be enabled using one of three methods, with the recommended method listed first:
- 2FA Key (such as Google Titan Security Key or the popular Yubikey)
- Google Authenticator
- SMS Code verification (which is the least secure method, FYI)
Creating that extra security measure is the easiest (and free!) step you can take to make any encrypted email provider more secure.
Use the Gmail Confidential Mode
Did you know that Gmail offers what’s known as the Confidential Mode to send emails?
When composing an email in Gmail, you can click the little icon that looks like a lock with a clock on it.
This gives you the ability to send an email through Gmail that:
- Expires: The email and its attachments can be set to expire on a certain day, and if you like you can even go in later and change this expiration date.
- Requires a Passcode: To make sure only your intended recipient sees this email, you can require a passcode to be sent to the phone number you have for them in order to view the email.
Emails sent through Gmail’s confidential mode cannot be forwarded, copied or printed, which is another great security feature.
Turn Off External Image Settings
One way in which the above secure email services differentiate themselves from Gmail is in how they handle requests for external content, such as images that a message loads from a remote server.
Because these requests pose a security threat, the secure services default to blocking them. Gmail, however, defaults to allowing them.
Going into the general settings of your Gmail account and scrolling down, you’ll find a setting called “Images”.
Make sure that this is set to “Ask before displaying external images”.
When you open an email, you’ll be given an option to “Show images”. Unless you know the sender and need to see these images, it’s recommended that you don’t allow this external image request.
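Why these image requests matter, as an added example that is not part of the original article: displaying a remote image makes your mail client fetch it from the sender's server, which tells the sender that the message was opened. The Python sketch below lists the images in a constructed sample message that would trigger such a request; the message, addresses and function names are made up for illustration.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message: one embedded (cid:) image and two remote ones.
SAMPLE = """\
From: newsletter@example.com
To: reader@example.org
Subject: Constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Hello</p>
<img src="cid:logo@example.com" alt="logo">
<img src="https://track.example.com/open.gif?uid=12345" width="1" height="1">
<img src="//cdn.example.net/banner.png" width="600" height="200"/>
</body></html>
"""

class RemoteImageFinder(HTMLParser):
    """Collects <img> tags whose src would cause a network request."""
    def __init__(self):
        super().__init__()
        self.remote = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = dict(attrs)
        url = urlparse((a.get("src") or "").strip())
        # cid: and data: images travel inside the message; only http(s) and
        # protocol-relative (//host/...) sources contact a remote server.
        if url.netloc and url.scheme.lower() in ("", "http", "https"):
            tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
            self.remote.append({"host": url.netloc, "pixel": tiny,
                                "has_query": bool(url.query)})

def remote_images(raw_message):
    """Return one entry per remote image found in the HTML parts of a message."""
    found = []
    for part in message_from_string(raw_message, policy=default).walk():
        if part.get_content_type() == "text/html":
            finder = RemoteImageFinder()
            finder.feed(part.get_content())
            found.extend(finder.remote)
    return found

if __name__ == "__main__":
    for image in remote_images(SAMPLE):
        print(image)
```

A 1x1 image with a per-recipient query string is the typical shape of an open-tracking pixel, which is why it is flagged separately from an ordinary remote banner.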
Final Thoughts on Secure Email Services
While Gmail isn’t a bad option, and personally I still use them, I still recommend that you open one of these best secure email services for use with sensitive accounts like your banking and investments.
Google’s business model revolves around selling ads using personal information, and if that concerns you (as it should!), it’s worth trying another option.
And even if you continue to use Gmail, make sure you make use of the security settings mentioned above. It’s the same way I recommend you change your Facebook privacy settings.
I’m happy to use Gmail for daily emails related to work and family.
But if I’m truly in need of privacy and security, I turn to ProtonMail or one of the other secure email services listed here.
And remember, not one of these services is hack-proof. Make sure you’re creating strong passwords, enabling two-factor authentication and using common sense.
Security isn’t a software; it is a mindset.
This is probably the best technology-related article I have ever seen. I do not personally like computers or this computer era we are in and I have less knowledge of them than like anyone else alive. But I could understand and follow this. My one question I would prefer an answer to is this:
If you are pretty sure you have been hacked, that means the hacker sees you entering your email password at home, right? So how do you become unhacked? I am a total novice.
Hey Diane, thanks for the kind words.
When it comes to being hacked, that doesn’t mean the hacker can now see everything you do on your computer. Usually it just means they have access to a specific account (email, banking, or some other account they’ve hacked). In these cases, when you change your password, they usually won’t be able to see this and will then be locked out of your account.