In today’s world, there are few things more valuable than information – and that’s why information is one of the top targets for theft, especially when it comes to email and online communication.
Using a strong password is one thing that can help, but nobody is ever error-free or completely invulnerable. When sending important, sensitive, or outright secret information over Gmail, you need to be careful.
This guide to email encryption in Gmail will teach you everything you need to know about keeping all of your work, social, and personal information safe online.
How to Send Encrypted Emails With Gmail Confidential Mode
Sending and receiving encrypted emails is simple and efficient in Gmail, thanks to a function Google calls “Confidential Mode“.
Confidential mode locks the content of emails behind a verification wall – if the recipient cannot verify their identity, they cannot open the message.
Using it is much easier than you might think – simply follow these steps:
1. Click “Compose” to create a new email.
2. In the bottom of the draft window, click the “Confidential Mode” icon. It looks like a padlock placed next to a clock:
3. Choose an expiration date. After the expiration date on a confidential email passes, no one will be able to access the contents of the email – not even you:
4. Make sure the option for “SMS Passcode” is turned on. This is what enables Google to lock your confidential message to everyone but the person you are trying to send the message to:
5. Type your email message, and attach any documents (when using Confidential Mode, it’s best to use non-encrypted attachments, since the email itself will be encrypted):
6. Click “Send”. A new prompt will appear, asking you to enter your recipient’s phone number. This is what Google will use to verify the recipient’s identity before allowing them access to the email:
Once you enter the phone number, your confidential email will be sent.
How to Open an Encrypted Email in Gmail
If someone sends you a confidential email, you’ll need your phone handy if you want to open it.
Opening a confidential email is a simple 3-step process:
1. Click on the confidential email in your inbox:
2. Click “Verify Identity” and wait for a verification code to be texted to your phone:
3. Enter the verification code and click “Submit”
4. Read your confidential mail:
Every time you open the confidential mail, you’ll have to enter a new passcode so that Gmail can re-verify your identity. Want to open the confidential email 5 different times? You’ll also be verifying your identity 5 different times.
Why Confidential Mode Might Be Better Than Encrypting Documents
If you’re sharing sensitive information through email attachments, you may be wondering why you can’t simply encrypt the attachment before sending it instead of using Confidential Mode.
This is certainly an option, and it might be your best option if you need the recipient to download or print the attachment you’re sending them. But, there is one big reason why Confidential Mode should be your first choice: identity verification.
The use of identity verification makes Gmail’s Confidential Mode one of the most secure ways to send and receive sensitive information. No passwords need to be written down or shared, making Confidential Mode even harder to crack than standard document encryption.
Think about it: a standard document encryption still requires you to share a password with the recipient so they can open the document. That means they have to store the password somewhere, likely accessible through their email address.
If someone hacks into that Gmail account or gets access to their computer, it won’t be hard for them to find the password for encrypted files, either.
To put it simply: if your Gmail password can be breached, so can the password on an encrypted document.
Gmail’s Confidential Mode, on the other hand, ensures security by requiring two types of verification to access: the email account and an associated phone number. With Confidential Mode, you can have your email account compromised but still retain the integrity of secure emails.
The Limitations of Gmail’s Encrypted Mode
For all the benefits you get from Confidential Mode, there are still some drawbacks. The two largest drawbacks are illustrated below:
No Saving, Downloading, Printing, or Copying
When you send a confidential email, the recipient will not be able to save, download, print, or even copy any of the content. This is also true for attachments: they are, in Confidential Mode, “Read Only”.
If you need the person receiving the email to do anything other than simply read and reply, Confidential Mode might not be the best choice. In those cases, it’s usually better to password-protect a document on your computer or share it through Google Drive.
Susceptible to Human Error: “SMS Passcode” is Not the Default
Before you think we’re getting nit-picky about this one, consider that the entire point of Confidential Mode is to provide complete security for Gmail messages, but the one feature that actually guarantees it is turned off by default.
That simply doesn’t make sense. Furthermore, when you’re in a rush, it’s easy to forget that one tiny step, which can lead to you or others in your organization sending sensitive information that isn’t completely secure.
For example, if you send a Confidential Email to the wrong person, and you forget to use “SMS Passcode” you haven’t stopped that person from seeing the sensitive information. You’ve only stopped them from downloading/printing it.
In a world full of data breaches and leaks, one would hope that Gmail sees this as an issue and works to remedy it soon!
How to Password-Protect Documents to Send in Gmail
Because one of the major drawbacks of Gmail’s Confidential Mode is that recipients can’t download attachments, it’s important to know how to encrypt them before attaching them to an email.
That way, you can send a protected document inside a normal email, giving the recipient the ability to download and store the document on their own device.
Here’s how it’s done:
How to Encrypt a PDF On a Mac Computer
- Find the PDF in Finder
- Open it with Preview
- Click “File”, then “Export”
- Check the box next to “Encrypt”
- Choose a password, then click “Save”
- Upload your PDF to an email and send it.
How to Encrypt a File on a PC with Windows 10
- Find your document in Windows Explorer
- Open the file in the corresponding program (Word, Excel, etc)
- Click “File”, then “Info”
- Click “Protect Document”, then “Encrypt with Password“
- Enter a password, and save your file.
- Upload the file to your email and send it.
- Open a file in Adobe Acrobat Reader
- Click “Tools”, then “Protect”
- Select “Encrypt”, then “Ecrypt with Password”
- Click the box that says “Require a password to open the document”.
- Enter a password that will lock the document.
- Acrobat Reader has several different settings you can use to adjust people’s ability to print, copy, or edit the PDF file. Choose the settings you feel appropriate for your document, then click “OK”.
- Confirm your changes and click “OK” again.
- Attach your PDF to an email and send it.
FAQ: Encrypting Emails in Gmail
No – you can view confidential emails at any time without a passcode if you are the sender of the email.
This stands in contrast to other forms of encryption, like document encryption, where you have to enter a password every time no matter whether or not you were the one who did the encryption.
Yes – all you need is the recipient’s email and phone number to send secure information through email without risking a breach.
The person you’re sending the confidential email to only needs to open the email and verify their identity using their phone number. That means it doesn’t matter what email service a person uses, or where they live – you can send a completely secure email to them in Gmail.
No – at least in Gmail, you cannot attach a password-protected document inside a confidential email.
Technically, you can, but the recipient wouldn’t be able to download and open the file because Confidential Mode doesn’t allow downloading.
So, it’s best to choose one or the other, not both, when it comes to Gmail encryption options.
If you do not choose the option for “SMS Passcode” when composing a confidential email, the recipient won’t have to verify their identity in order to view it.
The only active feature when “SMS Passcode” is not selected is the expiration date.
This is a fine option for semi-sensitive emails, but any truly sensitive information should be sent as a confidential email with an SMS Passcode securing it.