What options are available for encrypted email? That’s a great question, and an important one too, if you care at all about your privacy. There are a number of alternatives to Gmail that encrypt your messages and remove the ads, and in this article we’re going to do a direct comparison of the best secure email providers to understand the pros and cons of each.
In order to develop a first-hand understanding of each encrypted email service, I paid for an account with each one and used it for a month. Here’s a quick comparison table to visualize each feature that we’ll cover in more detail below.
 Proton Mail |  Tuta |  Mailfence |  StartMail |  Hushmail | |
|---|---|---|---|---|---|
| Open Source | ✅ | ✅ | Partially | Partially | ❌ |
| Location | Switzerland | Germany | Belgium | Netherlands | Canada |
| Launch Year | 2014 | 2011 | 2013 | 2013 | 1999 |
| Calendar | ✅ | ✅ | ✅ | ❌ | ❌ |
| Drive/Docs | ✅ | ❌ | ✅ | ❌ | ❌ |
| 2FA Key | ✅ | ✅ | ❌ | ❌ | ❌ |
| Aliases | Unlimited* | Limited | Limited | Unlimited | Unlimited |
| Mobile App | ✅ | ✅ | ✅ | ❌ | ✅ |
| Custom Domain | ✅ | ✅ | ✅ | ✅ | ✅ |
| Pricing | $48 | $38 | $42 | $60 | $50 |
| Try Proton | Try Tuta | Mailfence | StartMail | Hushmail |
There’s a bit more nuance to each of these feature rows, which is why we’re going to dive into each provider individually. At the end of the day, it’s important to stress that all of these services represent a more secure alternative to Gmail, Yahoo Mail or Outlook.
But which is right for you? Here’s what we’re going to cover:
- Secure Email Features
- Most Secure Email Services in 2024
- Proton Mail (Overall Best Option)
- Tuta (formerly Tutanota)
- Mailfence
- Startmail
- Hushmail
- Security Tips for All Email
Using the most secure email services in 2024 is just one of many steps you should be taking to protect yourself online.
Note: Some of the links in this article are affiliate links, which means that at no extra cost to you, I may be compensated if you choose to use one of the services listed. I only recommend what I personally have used, and I appreciate your support!
Important Features for Secure Email
You might be tempted to think that all email services are basically the same and there’s not much difference between their services.
But the truth is that different email companies not only approach email security in different ways, but they also offer a variety of features that appeal to different users.
So as we compare each of these top encrypted email services, here are key features we’re going to focus on:
- Length of Service: How long have they been in business? Migrating to a Gmail alternative can be risky because, as we’ve seen in the past, if that email service goes out of business or gets bought up, it’s a hassle to move again.
- Open Source: Security is a factor of trust: how much can you trust these companies with your email data? Having open source code is one of many ways they can earn this trust and while none of the companies on this list are fully open source, they represent different levels of transparency.
- Jurisdiction: Which country and jurisdiction do each of these email providers fall under? We’re going to look at how the location of the company and its servers plays a role in the overall security.
- Calendar / Cloud Drive: Does the email service provide an encrypted calendar and/or cloud drive? This may or may not be required for every user, but it’s good to know which services offer this as an option.
- 2FA Key Security: What’s the value of having secure email if you can’t effectively protect that account login? It’s good to understand how these encrypted email providers allow you to lock down your account.
- Aliases / Custom Domain: How many email aliases do each of these companies allow you to create? And can you use your own domain? Learn about the five types of email aliases.
- Mobile App: Surprisingly, not every email provider has a dedicated mobile app for iOS and Android. If you use email on your mobile device, it’s important to understand the difference between a dedicated app and a web app.
Of course, we’re going to cover the type of encryption that is available for each of these services, including encryption levels for both the software architecture as well as how messages are stored and sent.
So with this foundation of important features to consider, let’s dive into an individual look at each service.
Most Secure Email Services 2024
Personally, I have a few Gmail accounts (secured with their Advanced Protection Program) and I don’t have any plans to get rid of them. However,
I obviously have my biases, but I’m going to try to be as impartial as I can with this list of the most secure email services that you can get in 2024.
Proton Mail | Recommended Secure Email
If security and privacy are important to you when choosing from different alternatives to Gmail, there’s little that competes with Proton Mail (see my full Proton Mail review here).
In my experience, a lot of these secure email providers don’t necessarily have a good user experience, but thankfully that’s not true for Proton Mail.
In addition to an intuitive user-interface, Proton Mail offers a number of great security features including:
- Zero Knowledge Encryption: Even if Proton is given a court order to hand over data (which has happened in the past), their zero-knowledge encryption means that they have nothing of value to share.
- Self-Destructing Messages: If you’d like, you can set a message to self-destruct after a certain period of time using Proton Mail.
- Open Source Cyrptography: Since we don’t have access to Gmail code, we have no way to verify security features. ProtonMail uses only trusted algorithms that have been tested by the security community.
- Blockchain Email Verification: Proton is the first company to test the use of blockchain to store the public keys for any email recipient. Proton launched the beta of Key Transparency in late 2023 and promote the fact that it makes man-in-the-middle or spoofing attacks significantly harder.
- Calendar & Drive: In 2023, Proton starting making their calendar a core feature of the security suite, and Proton Calendar is a great alternative to Google Calendar. Additionally, every Proton Mail account has a cloud drive that allows you to store files securely.
Top Features
- Swiss-based since 2014;
- Free version available;
- Two-factor authentication;
- End-to-end encryption;
- Key Transparency (blockchain security)
- Excellent mobile apps;
- New Proton Calendar and Drive
What It Lacks
- The free version lets you have only 500MB storage and you can send just 150 messages per day;
- The free version lets you create only 3 folders;
The mailbox looks very similar to what you’d find with a Gmail or Yahoo inbox. While free users are limited to basic functionality and limited space of 500 MB, the premium offering includes plenty of storage space, custom filtering, auto-replies and other features we’ve come to expect with any email provider.
Tuta (formerly Tutanota)
Tuta, which is short for “tutanota,” is a Latin word that translates to “secure message.”
The company is located in Germany and has been serving customers since 2011. In addition to the regular email features, they’ve also launched a popular calendar app that integrates seamlessly with the inbox.
Users love Tuta for a number of different reasons, not the least of which is an open-source approach to building their product.
Top Features
- Apps for iPhone and Android;
- Calendar integration
- Located in Germany;
- Free account available;
- 2FA key support;
- Special discounts for non-profit organizations;
What It Lacks
- No encrypted cloud drive (yet)
- Temporary logs are maintained;
Similar to Proton Mail, Tuta offers both premium plans as well as a limited free account that you can use to get a feel for the service.
The free plan gives you 1 GB of storage space (2x’s what you get with the Proton Mail free version). However, you have to use the Tuta address for your email (as opposed to one from a URL you own).
Mailfence Secure Email
I started using Mailfence a few months ago and have really enjoyed a number of features that are not common in other secure email providers.
For example, when I’m using Mailfence I can take advantage of:
- Multiple Encryption Options: I can use both password encryption or OpenPGP encryption to send secure emails to other people.
- Email Forwarding: Mailfence seems to understand what others don’t – I use other email addresses as well. Instead of forwarding the whole email to my Gmail address (eliminating the benefits of encrypted email), I instead get a simple email letting me know that my Mailfence account has a new email.
- Secure Calendar/Documents Integration: Using the calendar and encrypted cloud storage features is simple and intuitive. Just click the tab on the top and it works just like you expect Google’s Calendar and Drive.
Top Features
- Includes Calendar & Cloud Drive
- Located in Belgium (EU)
- Partially open source
- Free account available;
- Custom mobile app for iOS & Android
What It Lacks
- No 2FA key support
In the end, Mailfence is a very affordable entry point into secure email that I like just as much as Proton Mail. You can try them both for free and see which one you prefer.
StartMail (Unlimited Aliases)
Startmail is an encrypted email provider offered by the same company that created the privacy-focused search engine Startpage.
The company is based in the Netherlands and has been in operation since 2013. The primary benefit of this service is their approach to privacy, 20GB of storage, one custom domain (for personal plans), a very pleasing design and unlimited aliases.
That final feature is a big one. While most of the other providers on this list offer limited alias options (even Proton is limited unless you opt for their highest tier), Startmail gives you the ability to create as many as you like.
Hushmail (Best for Healthcare & Law)
Hushmail is another popular secure email provider that is easy to use and shares a look and feel similar to Gmail.
Email is accessed on your browser or using the iOS app (there is no dedicated Android app available yet) and as with each of these providers, all email is end-to-end encrypted.
Hushmail has been around longer than Proton Mail but isn’t as highly favored in the security community for a number of reasons.
- The company is based in Canada, which from a security standpoint has its pros and cons (since it’s one of the countries in the Five Eyes alliance that share information).
- Hushmail’s privacy policy isn’t quite as strict as it could be (although for the average user this won’t be a big deal).
That might sound ominous, but as I’ve mentioned earlier – if you’re relying on a single piece of software to keep you completely secure or anonymous…
…you’re in for a rude awakening.
Hushmail is an excellent service that encrypts your communication better than free options and complies with HIPAA requirements, making it a great choice for healthcare or law professionals.
Top Features
- Simple Interface;
- 14-day free trial;
- 60-day money back guarantee;
- HIPAA compliant web forms and email services;
What It Lacks
- No free account version;
- Based in Canada (part of the Five Eyes alliance);
- Stores IP addresses and other identifiable information on their servers;
- No Android app available;
Hushmail supports two-factor authentication just as Proton Mail does and allows you to filter spam just like Gmail.
One of their biggest advantages are the HIPAA compliant forms that can be embedded on websites, something I haven’t found with any other secure email provider.
One final note: Hushmail’s maximum attachment size is 50MB compared to the 25MB Proton Mail provides, so if you plan to send big files, Hushmail will be a better option.
Security Tips for Gmail Users
But what about Gmail?
There’s a good chance you’re already a Gmail user, and it’s admittedly hard to migrate your email address elsewhere. So if the obstacles to switch to a new, more secure email service are just too high…
…what can you do?
Thankfully, Gmail offers industry-high encryption standards and good security measure. But there are still more things you can do to lock down your Gmail account.
Here are a few to consider.
Secure Gmail Using 2-Factor Authentication
When thinking about securing your Gmail account from hackers, one of the most important steps you can take for any secure email service – not just Gmail – is to enable 2-factor Authentication.
What is 2-Factor Authentication?
2-Factor Authentication, or “2FA” for short, is a second method of identity verification beyond your password to confirm that you are who you say you are. (via What is 2-Factor Authentication?)
2FA can be enabled in one of three methods, with the recommended method listed first:
- 2FA Key (such as Google Titan Security Key or the popular Yubikey)
- Google Authenticator
- SMS Code verification (which is the least secure method, FYI)
Creating that extra security measure is the easiest (and free!) step you can take to make any encrypted email provider more secure.
Use the Gmail Confidential Mode
Did you know that Gmail offers what’s known as the Confidential Mode to send emails?
When composing an email in Gmail, you can click the little icon that looks like a lock with a clock on it (see below).
This gives you the ability to send an email through Gmail that:
- Expires: The email and its attachments can be set to expire on a certain day, and if you like you can even go in later and change this expiration date.
- Requires a Passcode: To make sure only your intended recipient see this email, you can require a passcode to be sent to the phone number you have for them in order to view the email.
Emails sent through Gmail’s confidential mode cannot be forwarded, copied or printed, which is another great security feature.
Turn Off External Image Settings
One way in which the above secure email services differentiate themselves from Gmail is in how they handle external requests.
Because these pose a security threat, they default to blocking them. Gmail, however, defaults to allowing them.
Going into the general settings of your Gmail account and scrolling down, you’ll find a setting called “Images”.
Make sure that this is set to “Ask before displaying external images”.
When you open an email, you’ll be given an option to “Show images”. Unless you know the sender and need to see these images, it’s recommended that you don’t allow this external image request.
Final Thoughts on Secure Email Services
While Gmail isn’t a bad option, and personally I still use them, I still recommend that you open one of these best secure email services for use with sensitive accounts like your banking and investments.
Google’s business model revolves around selling ads using personal information, and if that concerns you (as it should!), it’s worth trying another option.
And even if you continue to use Gmail, make sure you make use of the security settings mentioned above. It’s the same way I recommend you change your Facebook privacy settings.
I’m happy to use Gmail for daily emails related to work and family.
But if I’m truly in need of privacy and security, I turn to Proton Mail or one of the other secure email services listed here.
And remember, not one of these services is hack-proof. Make sure you’re creating strong passwords, enabling two-factor authentication and using common sense.
Security isn’t a software; it is a mindset.
