How to Encrypt Email in Gmail

As of 2018, there were around 1.5 billion active users of Gmail. With that in mind, there’s a good chance that you – and the people you email daily – have a Gmail account.

But how do you know that the emails that you send are secure?

Gmail uses TLS (Transport Layer Security) as a standard for keeping your emails secure. While both the sender and the receiver’s email providers need TLS enabled to work, there’s no need to worry – most email providers support TLS. If your email provider doesn’t, you may want to consider moving to one of the many that do.

While TLS keeps your email safe when being delivered from one email inbox to another, it doesn’t have the added security of keeping that email safe after it has arrived in the inbox.

However, you can do this fairly simply in both free and paid Gmail accounts.

Here are the step by step guides to both:

For Free Gmail Accounts, Use Gmail Confidential Mode

Google recently released confidential mode, so we’ll look at that first.

Step 1. As you might suspect, you’ll first need to log in to Gmail.

Step 2. Click the Compose button as you usually would when sending a regular email.

Step 3. Write the email as you normally would.

Step 4. When you’ve finished, you need to locate the Confidential button. You can find this in the bottom right of the lower ribbon.

Step 5. You should get a popup like this.

Step 6. From the Set Expiry dropdown menu, you need to choose how long you want the email to be live before it expires. You can choose one week, one month, three months, and – a little strangely – five years.

Step 7. Then, choose whether you want the recipient to use an SMS passcode. This is done via the radio buttons. No SMS passcode means the recipient will receive the password via email if they don’t have Gmail. Selecting an SMS passcode means the recipient will receive the passcode via SMS.

Step 8. Click Save. You should see a box, like in the image below.

Step 9. Send your confidential email.

Pros and Cons of Confidential Mode

As with anything that you get for free, there are a few drawbacks. Here’s a quick look at the pros and cons of using confidential mode in free Gmail accounts.


  • This is an easy way for regulated industries to be able to send a secure email.
  • It takes out the extra step that you need to set up for sending a secure email if you use Gmail.


  • It does require a few steps by the sender of the email – and they have to do this every time.
  • You will need to have the recipient’s mobile number on hand so that they can receive the SMS, which may not always be the case.
  • This process also requires extra steps on the recipient’s side, taking precious time out of their already hectic day.

For Paid Gmail (Google Workspace) Accounts Use S/MIME

S/MIME stands for Secure/Multipurpose Internet Mail Extension, which supports encryption in transit and encrypts your outgoing emails.

Its big drawback is that both the sender and the receiver need to have it enabled for it to be able to work.

Here is how to enable S/MIME in your Google Workspace.

Step 1. Head over to your Google Admin console.

Step 2. Then, select Apps > Google Workspace > Gmail > User settings.

Step 3. On the left navigation, choose the domain or organization that you want to enable S/MIME in.

Step 4. Scroll down and select Enable S/MIMEencryption for sending and receiving emails.

Step 5. From here, you will need to go through the optional settings. As this is different for each setup, you will need to follow the advice that Google provides here.

Step 6. Click Save, and you’re all set up.

How To Check That Your Email Will Be Encrypted

Step 1. Start composing your email as you would normally.

Step 2. Then, add the recipient into the To field.

Step 3. To the right of the recipient’s name, you should now see a little lock icon. This indicates the level of encryption that the receiver of the email has on their email provider.

Step 4. By selecting the lock, you’ll be able to do two things. You can change your S/MIME settings, and you can also learn more about the level of your recipients’ level of encryption.

Additional Reading: 10 Best Alternatives to Gmail in 2021

How to Check That the Encrypted Email Was Received

Step 1. Open up your received email.

Step 2. If you are opening on an Andriod device, you’ll need to select View details followed by View security details. If you’re viewing from an iPhone, you only need to tap View details.

Step 3. You should now see a colored icon that lets you know the level of encryption that the sender used.

But what do the different colored icons mean?

 this is S/MIME enhanced encryption. This is the highest level, and only the recipient with the corresponding private key will be able to decrypt and ultimately see the message.

this is TLS or standard encryption. TLS or Transport Layer Security is used as a standard when an email service does not support S/MIME.

 this icon means that the email is unencrypted.

There you have it! Whether you use a paid or free account, there is a way to encrypt your Gmail messages relatively easily.


Start spending less time in your inbox

Add to Gmail It's free!