Secure Email Providers

While many of us use forego instant messaging over email these days, it still has it’s place.

Unfortunately, emails outdated technology and contain very little privacy and security. Unfortunately, statistics show that email crime is a profitable and large scale operation. Therefore you should look to make your emails more private.

Not only this, but companies also look to steal your data. For example, did you know that Google scans your emails in order to serve you more relevant ads?

If those two pieces of information don’t worry you enough to get a secure email address, then we don’t know what will.

The best thing is that the best secure email providers are just as easy to use as normal email accounts!

Best Secure Email Providers

In short, these are the best secure email providers that you can choose from. Each one has it’s own pros and cons, and you should keep reading to find out about each one in more detail.

1. ProtonMail
2. Tutanota
3. Mailfence
4. Hushmail
5. Posteo

Secure Email Providers In-depth

Like with many tools and services, secure email services aren’t created equal. They all have their pros, cons and individual selling points. Therfore, what suits one person, might not be useful for the other. The order that we’ve ranked them is the order that we believe will suit the average person. However, let’s have a look at them in-depth so you can choose the right one for you.

1. ProtonMail

Pros:

• Servers based in Switzerland
• Complete End-to-End encryption
• Open-source
• No-logs Policy

Cons:

• Limited customer service
• Not the cheapest

ProtonMail is the best known secure email service in the market, and for an extremely good reason. They are dedicated to user privacy and have a top-notch team behind them.

The company was founded in Switzerland by a team of engineers working at CERN. They launched it 2013 after the Snowden leaks and it has quickly become the most known and respected secure email platform on the planet.

Not only is the company based in Switzerland, but its servers are based in a bunker underneath the mountains and are able to withstand even a bomb blast. Alongside this, they use end-to-end encryption and are under strict Swiss privacy laws. If that isn’t enough, they are fully open source and all of their code has been independently audited. Thereby your data is secure and protected.

On top of this, ProtonVPN is available on all operating systems and their UX is beautiful. In all honesty, using ProtonVPN is hardly different from using a normal email account. This is where their true magic happens – you don’t even realize you’re using an end to end encrypted email service.

Unfortunately, with paid plans starting at $48 per year it is on the more expensive side. Furthermore, their support, albeit knowledgeable, isn’t 24/7.

Overall, if you want an easy to use a secure email client that works without any extra fuss then we’d recommend ProtonMail.

2. Tutanota

Pros:

• End-to-end encryption
• Great pricing
• Open-source

Cons:

• Keeps minor metadata logs

Tutanota is based in Germany which might seem a bit odd. However, German privacy laws are also extremely secure and will help protect your identity. Its name is derived from the Latin tuta and nota meaning secure message, which is a perfect description of this company.

Unlike other services, it foregoes PGP encryption and uses AES instead. There are debates about whether this is a good idea or not, however, for the moment we won’t mark them down on it. However, it does use end-to-end encryption to ensure no-one else can get access to your emails.

Tutanota also encrypts the meta-data making it even more difficult to track your emails. It has support for all operating systems and mobile apps thereby making it easy to use wherever you go. It also offers a free plan which will allow you to test this secure email provider.

Unfortunately, additional mail storage is expensive and it does store some metadata logs for 5 days in order to keep its service running smoothly.

To sum it up Tutanota is a great, and cheaper, alternative to ProtonMail.

3. Mailfence

Pros:

• Good free plan
• Suitable security
• Alternative to GSuite

Cons:

• No cross-device support

Mailfence is located in Belgium and was launched in 2013, though the company has been around since the 90s. It definitely has a lot of pros, but there are some huge gaps in its service.

On the security front, Mailfence meets all the requirements. It has OpenPGP, end-to-end encryption, and 2FA. While Belgium does have great privacy laws, it is a member of the 14 Eyes countries which can be a worry to some.

Alongside email storage, Mailfence also provides a calendar and file storage which makes it a suitable alternative to GSuite or even Office 365. They also provide a huge range of customization for business that want to secure their employees.

Unfortunately, Mailfence is only available on desktop or through an internet browser. This is highly disappointing in this fast-moving world, but they say they are in the process of developing this.

On the whole, Mailfence is a great provider and with some improvements they could look to become the best.

4. Hushmail

Pros:

• Easy to Use
• Free plan
• Good security

Cons:

• Deactivated after 3-week of inactivity
• Not compatible with macOS

Hushmail is located in Canada and was launched in 1999, and it has grown significantly since then. While it primarily targets the healthcare and legal markets it doesn’t make it any less of a decent provider.

Like many other providers on this list, Hushmail allows you to get your secure emails free of charge. Its motto revolves around simplicity and security. It’s simple to use and has all of the security features that you might require.

Additionally, it also has a useful iOS so that you can easily access your emails on the go. Additionally, if you send an email to an unencrypted recipient you can choose to ask them a security question before they can view its contents.

Unfortunately, it is based in Canada, and while it does have an end to end encryption it should be of concern.

At just over $4 per month, it’s an affordable service and worth trying out.

5. Posteo

Pros:

• A Green Company
• Superb value for money
• Ad free

Cons:

• Based in Germany
• No end-to-end encryption

Posteo is a completely private and self-financed company that was founded in 2009.

If you’re looking for complete security then Posteo definitely won’t be your choice. However, it’s a green company with plenty to offer its users. At $1 per month, it’s also the cheapest provider on the market.

Unfortunately being based in Germany and not supporting end-to-end encryption is a huge downfall.

While it’s not perfect, if you’re looking for something a bit different then you should take Posteo for a spin.

Free Secure Email Providers

As the saying goes, there’s no such thing as a free lunch. This holds true in most walks of life. For example, Gmail might provide you with a free email account but Google mines and harvests your data. The better version is when providers have a free version in order to tempt you in the door and sell you their premium products. The latter is the case with most of the secure emails providers on this list.

At the time of writing, we’re unaware of a completely free and unlimited secure email provider and we’d be careful even if one came to market. Usually, these services end up selling your data to third party services, instead of caring about your security and privacy.

Features to Look For

When choosing your secure email provider, here are the main features that you should look out for. These are also the factors that we’ve used to help determine the most secure email providers.

Ease of Use & Email Clients

Email privacy has been slow on the uptake because it’s previously been hard to use and implement. However, services like ProtonMail have made it extremely easy like Gmail.

It’s also important that they have user-friendly email clients and a huge added bonus if they have apps for all operating systems including iOS and Android.

Custom Domain

Having a secure email service is all fun and games but many times, especially if you’re a business, you’d like to use your own domain. Unfortunately, [email protected] doesn’t exude the same amount of professionalism as [email protected] If this is something that’s important to you, then make sure your chosen provider offers this.

End-to-End Encryption

End-to-End Encryption is encryption whereby only the person sending and receiving the messages is able to view its contents. Thereby, not even the company that provides the service is able to view the contents of your inbox. This is important because even if they are subpoenaed to hand over your files, it will remain encrypted unless they have your login details.

PGP Encryption

PGP stands for Pretty Good Privacy. Don’t let the name “Pretty Good” put you off, in fact, it’s excellent. I won’t go into it in too much detail but in short, it’s the best email encryption at the moment. Some providers use other encryption, however, this doesn’t necessarily make it weaker. Unfortunately, this does mean it might not be able to receive and send encrypted emails with other providers.

Two-Factor Authentication

Two-factor authentication is when a website requires an additional piece of information alongside your password before you can log in. Traditionally speaking this was something as straight forward as your mother maiden name, or your favorite pet’s name. However, now the possibilities for 2FA are endless. There is FaceID, fingerprint confirmation, authentication USB keys, and a host of other options. Therefore, using 2FA is as simple

Open Source

At WePrivacy we’re constantly advocating open-source software. This is for one simple reason, if it’s open-source it’s harder to hide something malicious or a backdoor in the code. Open source simply means that the code is available and open to the public. However, open-source is not enough by itself, an audit is also required so an independent party can verify that the code is secure, does what is intended, and doesn’t have any hidden secrets.

Unfortunately, being open source does have a negative side. Whereby, it allows people with malicious intent to try and find weaknesses. They, of course, wouldn’t disclose this, and instead, use it for illegal purposes.

Metadata

Metadata is data about data. Most of us don’t notice that an email can contain a considerable amount of data outside of our message. If you go to your email provider and click “View as HTML” you’ll see that your email contains a lot of additional email data about you such as your IP address and other factors that can be used to identify you.

Server Ownership

What many people don’t realize or know is that more companies do not own their own servers. Instead, they usually rent from a company and only operate it. While this is definitely more cost-effective for the company, it’s a huge risk for yourself. This means that if an entity requesting access to your data through legal means such as a subpoena, they could bypass your email provider. The agency or institution could go directly to the people who own the servers and get information on you that way. Of course, if the company is worth their salt then all of the information on the server will be encrypted so there will be nothing useful to use.

Locations

Most providers use end-to-end encryption therefore even if someone gets ahold of your data files, they won’t be able to do anything with it. However, it an added bonus if they are located away from prying eyes in a country such as Switzerland or offshore territories.

Terms and Privacy Policy

It’s extremely important to look at an email provider’s Terms and Conditions, and Privacy Policy. This is important, because no matter how secure and well-implemented their service is if they are willing to hand your data when they are served with a legal request. While privacy laws have come a long way, governments and companies can still submit requests to get a hold of your data.

IMAP, POP, SMTP Support

Most of us have at least 2-3 email accounts, if not more. Personally, due to my job and some other factors, I have over 10! Unfortunately, keeping track of these would be a pain if I had to look at each of them individually on a daily basis. This is what IMAP, POP, and SMTP support comes in. In short, these protocols allow your emails to be imported/ exported automatically in real time. This is also useful if you’re using an email manager software such as Outlook.

Add-ons

Generally speaking, it’s best to use a dedicated tool for everything. For example, AV companies don’t make the best VPNs, and VPN companies don’t make the best password managers. However, getting extra tools included in the price is always welcome, even if it isn’t the best in its field. Most secure email services will provide you with an add on or another. Whether it’s storage space or something else depends on the service.

Other ways to secure your account

While having an encrypted and secure email is a great way to increase your online privacy, it doesn’t mean that everything is peachy and great. Unfortunately, there are some other ways that your account could be compromised, so here are some additional ways to protect yourself.

Password Manager

Passwords are something we see come up regularly. You commonly see passwords such as password and 123456 make the worst password lists every year. We completely agree that memorizing a hold variety of passwords is neither practical nor easy. However, thanks to the advancements in technology, it’s now easy to use password managers on all of your devices. This way you only have to remember one password – but make sure that you make it strong!

Use a name alias

Most of us use an email that’s easy to remember and identifies us, so we end up going with a [email protected] or similar. Due to this, others can often guess our email address within a few attempts as long as they have our name. By using an alias, say your nickname, you’ll be able to overcome people trying to guess your email address.

On the flip side, using your nickname can also have its downsides. Most of us use the same digital nickname all over the net. Therefore, if someone knows your nickname, and it’s unique, then they will be able to gather more information on you by simply Google-ing it.

Do not make it public

The last and probably the most obvious way to make your email account secure is by making sure it stays private. While many social networks allow you to make it public, we recommend never doing so. If possible, always keep all of your email address private. Unfortunately, this isn’t always possible with work accounts.

FAQs

Conclusion

On the whole keeping, your emails private and secure is extremely important in our opinion. Hopefully, this list will help you find the ideal one for you and you’ll be sending us encrypted emails in no time.