How to Encrypt Email in Gmail

As of 2020, there were around 1.8 billion active users of Gmail. With that in mind, there’s a good chance that you – and the people you email daily – have a Gmail account in 2024. But how do you know that the emails that you send are secure? Gmail uses TLS (Transport Layer Security) […]

How to Encrypt Email in Gmail

As of 2020, there were around 1.8 billion active users of Gmail. With that in mind, there’s a good chance that you – and the people you email daily – have a Gmail account in 2024.

But how do you know that the emails that you send are secure?

Gmail uses TLS (Transport Layer Security) as a standard for keeping your emails secure. While both the sender and the receiver’s email providers need TLS enabled to work, there’s no need to worry – most email providers support TLS. If your email provider doesn’t, you may want to consider moving to one of the many that do.

While TLS keeps your email safe when being delivered from one email inbox to another, it doesn’t have the added security of keeping that email safe after it has arrived in the inbox.

However, you can do this fairly simply in both free and paid Gmail accounts.

Here are the step by step guides to both:

For Free Gmail Accounts, Use Gmail Confidential Mode

Google recently released confidential mode, so we’ll look at that first.

Step 1. As you might suspect, you’ll first need to log in to Gmail.

Step 2. Click the Compose button as you usually would when sending a regular email.

Step 3. Write the email as you normally would.

Step 4. When you’ve finished, you need to locate the Confidential button. You can find this in the bottom right of the lower ribbon.

Step 5. You should get a popup like this.

Step 6. From the Set Expiry dropdown menu, you need to choose how long you want the email to be live before it expires. You can choose one week, one month, three months, and – a little strangely – five years.

Step 7. Then, choose whether you want the recipient to use an SMS passcode. This is done via the radio buttons. No SMS passcode means the recipient will receive the password via email if they don’t have Gmail. Selecting an SMS passcode means the recipient will receive the passcode via SMS.

Step 8. Click Save. You should see a box, like in the image below.

Step 9. Send your confidential email.

Additional Reading: The Ultimate Email Encryption Guide

Pros and Cons of Confidential Mode

As with anything that you get for free, there are a few drawbacks. Here’s a quick look at the pros and cons of using confidential mode in free Gmail accounts.


  • This is an easy way for regulated industries to be able to send a secure email.
  • It takes out the extra step that you need to set up for sending a secure email if you use Gmail.


  • It does require a few steps by the sender of the email – and they have to do this every time.
  • You will need to have the recipient’s mobile number on hand so that they can receive the SMS, which may not always be the case.
  • This process also requires extra steps on the recipient’s side, taking precious time out of their already hectic day.

pros and cons of email encryption

For Paid Gmail (Google Workspace) Accounts Use S/MIME

S/MIME stands for Secure/Multipurpose Internet Mail Extension, which supports encryption in transit and encrypts your outgoing emails.

Its big drawback is that both the sender and the receiver need to have it enabled for it to be able to work.

Here is how to enable S/MIME in your Google Workspace.

Step 1. Head over to your Google Admin console.

Step 2. Then, select Apps > Google Workspace > Gmail > User settings.

Step 3. On the left navigation, choose the domain or organization that you want to enable S/MIME in.

Step 4. Scroll down and select Enable S/MIMEencryption for sending and receiving emails.

Step 5. From here, you will need to go through the optional settings. As this is different for each setup, you will need to follow the advice that Google provides here.

Step 6. Click Save, and you’re all set up.

How To Check That Your Email Will Be Encrypted

Step 1. Start composing your email as you would normally.

Step 2. Then, add the recipient into the To field.

Step 3. To the right of the recipient’s name, you should now see a little lock icon. This indicates the level of encryption that the receiver of the email has on their email provider.

Step 4. By selecting the lock, you’ll be able to do two things. You can change your S/MIME settings, and you can also learn more about the level of your recipients’ level of encryption.

Additional Reading: 10 Best Alternatives to Gmail in 2024

How to Check That the Encrypted Email Was Received

Step 1. Open up your received email.

Step 2. If you are opening on an Andriod device, you’ll need to select View details followed by View security details. If you’re viewing from an iPhone, you only need to tap View details.

Step 3. You should now see a colored icon that lets you know the level of encryption that the sender used.

But what do the different colored icons mean?

 this is S/MIME enhanced encryption. This is the highest level, and only the recipient with the corresponding private key will be able to decrypt and ultimately see the message.

this is TLS or standard encryption. TLS or Transport Layer Security is used as a standard when an email service does not support S/MIME.

 this icon means that the email is unencrypted.

There you have it! Whether you use a paid or free account, there is a way to encrypt your Gmail messages relatively easily.

Top 3 Email Encryption Tools to Use for Gmail

top 3 email encryption tools for gmail

1. ZixEncrypt

The first tool on the list is Zix. You can set encryption standards based on keywords, or even departments within your organization. Then, according to these policies, Zix does the rest — simplifying your encryption process.

Aside from policy settings, other features include “Best Method of Delivery,” content filters, and great customer support.

Pricing: ZixEncrypt pricing is available upon request for a quote.

2. Trustifi

Trustifi is an email encryption service that allows you to encrypt your messages with an easy-to-use interface. It is compliant with data protection laws, and integrates seamlessly into Gmail.

The solution is cloud-based, using an API integration that just takes moments to set up. Features include two-factor authentication, two-way encryption, no registration, and data configuration that automatically encrypts important data like credit cards to eliminate human encryption oversights.

You can even block users, revoke access and set expiration dates for added security.

Pricing: You can request a quote for pricing information.

3. Virtru

Virtru is one of the best Gmail encryption services on the market today. This cloud-based platform allows you to have control over who interacts with your emails.

You can open your encrypted emails directly within Gmail, and administrators can create policies around encryption for the entire organization.

Features include watermarks, encrypted attachments, controlled forwarding and even file-sharing privileges to give you added peace of mind. An admin dashboard makes it easy to manage all of these policies in features from one place.

Pricing: Virtru begins at $60 per user per year.

Right Inbox

Track emails, email reminders & templates in Gmail for free

Upgrade Gmail with the features it’s missing

Add to Gmail

David Campbell

David Campbell is the editor of the Right Inbox blog. He is passionate about email productivity and getting more done in less time.


Start spending less time in your inbox

Add to Gmail It's free!