How to Send Encrypted Email in Gmail

Gmail is a fantastic tool for communicating with all the important people in your life, whether that’s for work, family or play. However, you may be interested in the security options that Google, the makers of Gmail, offer for sending your all-important emails. 

Email in Gmail is not encrypted by default. If you want your emails to be more secure when you send them, you must take advantage of Gmail’s Confidential Mode (if you are using Gmail’s free version), but this is not an encryption service.

If you access Gmail through work or school, then you will be able to use Google’s other encryption option, S/MIME (Secure/Multipurpose internet Mail Extensions). S/MIME essentially hides the contents of the email so only the user with the correct key can decrypt it and read the contents. Your email is protected from unwanted parties gaining access. 

Can I send an encrypted email through Gmail?

It’s absolutely possible to send an encrypted email through Gmail although you’ll need to make sure you have S/MIME enabled, which is only available through Google Workspace’s paid accounts. You’ll need access to the admin console to turn on S/MIME for all your users of Google Workspace, and the recipient of your email will also need to have S/MIME enabled. 

Ready to transform how you work in Gmail?

Teams love Keeping because you can collaborate on a shared inbox without ever leaving Gmail. It's not magic, but it feels magical.

Find Out More

When S/MIME is turned on, each email you send will have a padlock icon included next to the recipient of the email. The color of the padlock tells you the level of encryption for the email, ranging from green for enhanced encryption (S/MIME), gray for standard encryption (TLS, or Transport Layer Security), and red for unencrypted. 

Why is email security important? 

Email security is important because it makes it easier to prevent malicious parties gaining access to your emails. Especially if your emails contain personal or sensitive data, you want to make sure it reaches only the intended recipient. 

The idea of email security is to make sure your email is secure while in transit and also while inside your recipient’s inbox. That’s why Gmail has introduced features that allow you to not only ensure your email is secure when it is sent, but control what happens to it when it arrives. 

When you send confidential email over the internet you need to make sure that not just anyone can read it. Better encryption and privacy is desirable, especially if you are dealing with clients and customers, in which case a data breach would result in a severe loss of faith in the business. Even internally, businesses are often dealing with restricted information that would have a negative impact if it was hacked. 

There also may be times when you need to send sensitive information through your email, such as to a medical professional, in which case you’d be wise to encrypt all your emails to prevent potential hackers from gaining access. 

What is the advantage of sending a secure email in Gmail? 

There are several advantages of sending a secure email in Gmail, and the first set of advantages relate to using Confidential Mode. 

The advantages of Confidential Mode are: 

• Set an expiration date for access to your email. 
• You can remove access to the email at any time. 
• You can require a passcode to access the email that is sent via email or SMS. 
• The recipient will not be able to download, forward, print or copy your email. 

All these features mean that you can keep your email more secure and increase the chances that only the intended recipient has access to the information contained within it. 

Confidential mode is available to anyone with a free Gmail account, although you will need to turn it on every time you want to send a new email that you want to make private. 

What is the disadvantage of sending a secure email in Gmail? 

The disadvantage of Confidential Mode is that it does not actually encrypt your email, and you will need to turn to S/MIME for extra security which is only available through certain Google Enterprise and Education accounts. It’s important to remember that Confidential Mode is not an email encryption service, but simply gives you more control over how your emails are used. 

Also, when you delete an email on your recipient’s servers, the original email is still held by Google in Gmail’s sent folder. You must manually delete that copy of the email and then empty your trash folder in order to remove it entirely. 

Your email is still vulnerable to hackers because your email is not actually encrypted, and anyone can theoretically gain access to your email. 

How to send encrypted emails in Gmail

To enable Gmail to encrypt your email, you need to be an admin for Google Workspace. You must access the Google Admin console to turn encryption on. 

Follow these steps: 

• Navigate to Apps > Google Workspace > Gmail > User settings to access the encryption settings. 
• From the left-hand menu, select the domain that you would like to enable encryption for. 
• Scroll down the page and then choose ‘Enable S/MIMEencryption for sending and receiving emails’. 
• There will be some more custom settings that you need to select depending on your setup. 
• When you’re finished, select ‘Save’ and your emails will be ready to be encrypted. 

Remember that while you can turn on S/MIME for Gmail, it must also be enabled on your recipient’s end to work properly. 

How do I send an encrypted email?

To send an encrypted email in Gmail, all you have to do is make sure S/MIME is turned on. This requires a paid Google Workspace account for business or education. Bear in mind that encryption will only work if the recipient is also using an encrypted email server. 

To find out whether your new email is encrypted, simply compose a new email and enter a recipient. Check the padlock sign next to the recipient and see whether it is green, gray or red. A green padlock means it has the highest level of enhanced encryption. 

How to turn on Confidential Mode in Gmail

Gmail’s free alternative to email encryption is to use Confidential Mode to send emails that are more secure. You can turn on Confidential Mode for each new email that you send. 

Here’s how to do it: 

• Make sure you are logged into your Gmail account. 
• Compose a new email using the Compose button on the top left-hand corner of the screen. 
• In the window that opens, enter your recipient, subject line and body text of the email. 
• At the bottom of the Compose window, select the icon for ‘Toggle confidential mode’, which looks like a padlock with a clock. 
• In the window that opens, choose the expiration date for the email, which can be set times ranging from 1 day to 5 years. 
• Decide whether you want to set a passcode for your email – you will need to enter the recipient’s phone number. 
• Select Save. 
• You will now see a message showing that your email is in confidential mode, and the top of the email will turn blue. 
• Send your email as normal – you will be prompted to enter the recipient’s phone number if you have asked for an SMS passcode. 

Now, when you send your email to the recipient, you will retain control over how the email is used including being able to revoke access early. 

How to revoke access to an email early

When you send an email in Confidential Mode, you set the expiration date for the email to be deleted which can range from 1 day, to 1 week, to 5 years. If you decide you want to revoke access early, you can do this in Gmail. 

• Make sure you are logged into Gmail. 
• Navigate to your sent folder and open the email you want to revoke. 
• Select the ‘Remove access’ text in the body of the email. 
• This will remove the email from your recipient’s servers. 
• If you change your mind, you can ‘Renew access’ from the same email in your Gmail inbox Sent folder. 

It’s a good idea to use this option if you want to send a temporary email to your recipients. Note that Confidential Mode doesn’t prevent your recipients from taking screenshots of your email, despite not being able to copy, forward or print it. 

Does Gmail have end to end encryption?

End to end encryption is when only you and your recipient can read your email at any time. Gmail is not end to end encrypted because your email is always held on Google’s servers, and can be read by Google at any time. 

It’s also important to note that Gmail’s encryption only works if both parties are using Gmail accounts to send and receive email. If you send an email to someone using another email service provider, then Google is no longer able to protect the email with encryption. 

Does Gmail Confidential Mode encrypt?

Gmail’s Confidential Mode does not encrypt your email – it enables recipients to view a copy of your sent email while remaining on Google’s servers. It’s not end-to-end encryption but it does enable an extra level of security for your emails when compared to sending a completely unencrypted email. 

The advantage of Gmail’s Confidential Mode is the ability to set your emails to view-only, and to delete your email from their inbox after a set period of time. However, it’s important to note that only encrypting some of your emails may send a red flag to hackers who will notice these emails are more appealing targets. 

Confidential Mode doesn’t offer more encryption than standard Gmail emails but it does enhance the level of security available when it comes to sending email, ultimately enabling you to send a secure email. 

Is Gmail Confidential Mode secure?

Gmail Confidential Mode is not actually that secure, since it doesn’t use enhanced encryption and simply makes your emails view-only. Using S/MIME is a much better way to make your Gmail emails more secure, except this requires a paid Google Workspace account and for your recipient to have S/MIME enabled. 

Gmail Confidential Mode does add some extra security features designed to protect your emails from unwanted recipients. It doesn’t use the same level of encryption as S/MIME but is more secure than sending an email without using Confidential Mode at all. 

Can I encrypt an email in Gmail?

Gmail automatically equips your email with a certain level of encryption but it does not currently offer end-to-end encryption – the highest level of encryption possible. When you turn on S/MIME with a paid Google Workspace account, you can analyze the level of encryption for each of your emails. 

Gmail uses TLS as a standard level of encryption for every email but it must also be enabled by the recipient of your email. Both parties – the sender and receiver – must cooperate in order for TLS to work. 

Wrapping up

If you want your emails sent through Gmail to be more secure, consider using features such as Confidential Mode or S/MIME. Although neither is a guarantee of email safety, it’s still better than nothing for when you want to send emails with an added layer of security. 

The aim is to protect your emails from attackers, and people who might misuse the information contained within them. As a medium, email is not immune from security breaches but is still a popular method of communication for businesses, customers and personal connections. 

Being able to control the level of security for each of the emails you send is one of the great functions of Gmail. Although not the most secure email provider on the market, it does provide basic tools for both encrypting your emails and keeping them private, ensuring that your communications do not go awry.