Gmail is a great email service, but the one thing they’re not known for is respecting your privacy. After all, their business model is to monitor your online activity to serve you “relevant ads”. They may be up-front about it, but that doesn’t excuse it. So what do you do if you want your emails to remain absolutely secret? Here’s how to encrypt your email in Gmail like a secret agent.
To encrypt emails in Gmail, there’s the easy way and the hard way. The hard way is to use IMAP to download all of your emails to a local email client, such as Outlook or MacOS Mail, and then install PGP. This involves a steep learning curve. A much easier method is to use a third-party Chrome extension, which also uses PGP, but does all of the heavy lifting for you.
How to encrypt email in Gmail
Many years ago, if you wanted to encrypt your emails, you were faced with the very daunting task of installing PGP onto a local email client, figuring out public and private keys, and hoping you didn’t get anything wrong. You then decided it wasn’t worth the effort and gave up. These days, with the advent of browser extensions, you can now get these processes simplified, to the point where it’s just a case of a simple click and send.
With Chrome, Google only has three possible encryption extensions in the Chrome Web Store. Out of those three, the most highly rated one is FlowCrypt.
Once you’ve installed it, it will ask you to enter an existing PGP key if you have one, or create a new one. For the purposes of this demonstration, let’s assume you don’t have one.
You first need to set up a really secure passphrase, the longer the better. As you type, you’ll be told how secure it is. Get to GREAT at the very least. PERFECT would be even better. Obviously make the passphrase memorable so you don’t forget it. And before you hacker-types get excited, that isn’t my passphrase. I changed it after making this screenshot.
When you click Create and Save, it will direct you to the FlowCrypt website to create your first encrypted message. But if you now go to your Gmail inbox, you’ll see a new Compose button called Secure Compose. Click that to get started.
A brand new email compose window will now open. Enter the email address you want to send your secret missive to, then click Encrypt, Sign and Send.
When an encrypted email arrives in your inbox, FlowCrypt will automatically decrypt it for you back into plain text. However, if someone were to intercept the email between you and the sender, this is what they would see. Without the decryption key, it’s useless gibberish.
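To check what an interceptor or mail server would actually see, here is an added example (not FlowCrypt's code) that inspects a raw message and reports whether the body is PGP-protected and which headers stay readable. Standard PGP email encrypts the body but not the headers, so the subject and addresses remain visible; the sample messages and the inspect_message function name are constructed for illustration.

```python
import email
from email import policy

# Constructed sample: an inline-armored PGP message as it would sit on a mail
# server. The armor body is a placeholder, not real ciphertext.
SAMPLE_ENCRYPTED = """\
From: alice@example.com
To: bob@example.com
Subject: Q3 merger terms
Content-Type: text/plain; charset="utf-8"

-----BEGIN PGP MESSAGE-----

PLACEHOLDERnotREALciphertext
-----END PGP MESSAGE-----
"""

# Constructed sample: the same kind of message sent without encryption.
SAMPLE_PLAIN = """\
From: alice@example.com
To: bob@example.com
Subject: Lunch?
Content-Type: text/plain; charset="utf-8"

See you at noon.
"""

def inspect_message(raw):
    """Report how a message is protected and what stays readable in transit."""
    msg = email.message_from_string(raw, policy=policy.default)
    # PGP/MIME (RFC 3156) wraps the ciphertext in multipart/encrypted.
    pgp_mime = (msg.get_content_type() == "multipart/encrypted"
                and msg.get_param("protocol") == "application/pgp-encrypted")
    # Inline PGP puts the ASCII armor directly in a text part.
    inline = False
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            if "-----BEGIN PGP MESSAGE-----" in part.get_content():
                inline = True
    # Headers sit outside the encrypted body, so they remain visible.
    visible = {h: str(msg[h]) for h in ("From", "To", "Subject") if msg[h]}
    return {"encrypted": pgp_mime or inline,
            "format": "pgp-mime" if pgp_mime else "inline" if inline else "none",
            "visible_headers": visible}

if __name__ == "__main__":
    for raw in (SAMPLE_ENCRYPTED, SAMPLE_PLAIN):
        print(inspect_message(raw))
```

Use Gmail's "Show original" view to get the raw text of a sent message and pass it to inspect_message; avoid putting anything sensitive in the subject line.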
Obviously, the following always applies. Keep your private key private. Keep your passphrase private. If you think either has been compromised, change them immediately.
Does the email recipient need to have the same encryption program as you to read emails?
The email recipient needs to have some sort of email encryption program, but it doesn’t necessarily have to be the same one you have. When FlowCrypt sends out your email, it also sends your public key, so the other person can email you back securely, regardless of what encryption platform they have.
Can you encrypt and decrypt emails on the mobile Gmail app?
As far as FlowCrypt is concerned, there was a 2018 blog entry stating they were starting to test the Android version. No other word has been said since. There doesn’t appear to be an iOS version yet. It’s probably best to stick to the desktop version.