How do you know if your email is secure? That’s a great question, and an important one too if you’ve been reading the news. The truth is that not all email providers are the same and if security and privacy are a priority for you, who you choose to host your email is critical. Here’s what you need to know about email security as well as my recommendations for the most secure email providers.
In January 2019, noted security researcher Troy Hunt discovered the largest ever collection of security-compromised emails. This collection included more than 770 million email addresses and passwords.
Chances are high that your email was part of this major security breach…and that should worry you.
Now, there’s a separate conversation to be had about changing your email password and using a secure password manager app for your email, but we’re going to table that for now.
I also think it’s important to point out that, as with any technology, even secure email providers aren’t 100% secure 100% of the time. There’s always a degree of trust you have to have in the company you’re using, which is why recommendations can be so important.
Using a secure email provider is just one of many steps you should be taking to protect yourself online.
Not All Email Providers Are Equal
You might be tempted to think that all email providers are basically the same and there’s not much difference between their services. But the truth is that different email providers have different security standards.
Different email providers have different security standards.
I’m going to discuss the pros and cons of a number of popular email providers, but if you only read this introduction, here’s what’s important to know: For average users, Gmail is sufficiently secure as long as you take advantage of its Advanced Protection; for those who want end-to-end encryption and maximum security, ProtonMail is hands-down the best choice.
That being said, there are a number of worthy email providers with high security. There is no “one size fits all” solution so I’ve listed out a few options so you can see what might work best for you. These options have been rated based on:
- The type of encryption used by the email provider;
- Geographic location of the parent company;
- Various payment methods available;
- Other factors listed below.
Let’s dive in!
Note: Some of the links below are affiliate links, which means that at no extra cost to you, I may be compensated if you choose to use one of the services listed. I only recommend what I have used or tested myself and meets my standards for security. I appreciate your support of my work!
Most Secure Email Providers 2019
Personally, I have a few Gmail accounts (secured with their Advanced Protection Program and the Titan Security Key) as well as a ProtonMail account. I obviously have my biases, but I’m going to try to be as impartial as I can with this list.
1. ProtonMail | Recommended Secure Email Provider
- Rating: 4.5 out of 5 stars
- Company Location: Switzerland
- Target User: Personal & Business
- Encryption: AES, RSA, OpenPGP
Before ProtonMail, I didn’t think it was possible to actually enjoy using a private, secure email provider.
ProtonMail has been a popular choice among security advocates since it was fist created in 2014. It’s open-source, which means it is available for the public to critique security measures, and there’s even a free version you can use to try before you buy.
- Free version available
- Two-factor authentication
- End-to-end encryption
- Doesn’t log IP addresses
What It Lacks
- The free version lets you have only 500MB storage and you can send just 150 messages per day
- The free version lets you create only 3 folders
Since ProtonMail is end-to-end encrypted, even if someone is somehow able to intercept on of your email messages, they won’t be able to read it without the encryption keys.
I’ve used a few different secure email providers in the past, and one of my biggest complaints has been the user interface. Most of these private companies don’t have the resources to spend on making the service easy to use and navigate, but thankfully that’s not the case with ProtonMail.
The mailbox looks very similar to what you’d find with a Gmail or Yahoo inbox. While free users are limited to basic functionality and limited space of 500 MB, the premium offering includes plenty of storage space, custom filtering, auto-replies and other features we’ve come to expect with any email provider.
2. Hushmail | Highly-Rated Email Service
- Rating: 4.2 out of 5 stars
- Company Location: Canada
- Target User: Personal, Healthcare, & Law professionals
- Encryption: Server-side OpenPGP
Hushmail is another popular secure email provider that is easy to use and shares a look and feel similar to Gmail. Email is accessed on your browser or using the iOS app (there is no Android app available) and as with each of these providers, all email is end-to-end encrypted.
That might sound ominous, but as I’ve mentioned earlier – if you’re relying on a single piece of software to keep you completely secure or anonymous…you’re in for a rude awakening. Hushmail is an excellent service that encrypts your communication better than free options and complies with HIPAA requirements, making it a great choice for healthcare or law professionals.
- Simple Interface;
- 14-day free trial;
- 60-day money back guarantee;
- HIPAA compliant web forms and email services;
What It Lacks
- No free account version;
- Based in Canada (part of the Five Eyes alliance);
- Stores IP addresses and other identifiable information on their servers;
- No Android app available;
Hushmail supports two-factor authentication just as ProtonMail does and allows you to filter spam just like Gmail. One of their biggest advantages are the HIPAA compliant forms that can be embedded on websites, something I haven’t found with any other secure email provider.
One final note: Hushmail’s maximum attachment size is 50MB compared to the 25MB ProtonMail provides, so if you plan to send big files, Hushmail will be a better option.
3. Tutanota – German-Secured Email
- Rating: 4 out of 5 stars
- Company Location: Germany
- Target User: Personal and business
- Encryption: AES-128
Tutanota is a Latin word that translates to “secure message.” It is located in Germany, which is a member of the Fourteen Eye spy countries. However, since Germany doesn’t have clear privacy laws, the government doesn’t have the right to forcefully process a person’s information.
As with most of the secure email providers listed here, Tutanota offers browser based logins as well as apps for both iOS and Android.
- Apps for iPhone and Android
- Located in Germany so no mandatory government monitoring
- Free account available
- Special discounts for non-profit organizations
What It Lacks
- IP addresses are tracked
- Temporary logs are maintained
Similar to ProtonMail, Tutanota offers both premium plans as well as a limited free account that you can use to get a feel for the service. They allow for only 1 GB of storage with the free plan, but you have to use the Tutanota address for your email (as opposed to one from a URL you own).
Final Thoughts | Best Secure Email Provider
You might notice the fact that Gmail isn’t listed above, despite the fact that I use them and really like them as a secure email provider. The reason for this is not necessarily that Google is a for-profit company (all the companies listed here are for-profit) but rather because their business model revolves around selling ads using personal information.
I’m happy to use Gmail for daily emails related to work and family. But if I’m truly in need of privacy and security, I turn to Protonmail or one of the other secure email providers listed here.
And remember, not one of these services is hack-proof. Make sure you’re creating strong passwords, enabling two-factor authentication and using common sense. Security isn’t a result of software; it is a minset.