Top 5 Secure Email Services by Dominique René


Whenever you are surfing the Internet nowadays, your privacy is potentially at risk. Governments and major international corporations are known to engage in covert online surveillance. Cybercriminals, in their turn, have plenty of techniques on their hands to spy on regular users as well. Although the motivations are different in the above scenarios, the consequences of privacy violation are equally adverse regardless of the interested party.

Whereas it seems that we all have to take this uncomforting state of affairs for granted, doing nothing about it is a lame response. In fact, there is a simple and effective way to be a moving target in the prying eyes of cyber-encroachers. It boils down to encryption.

There is no denying the fact that email is one of the indispensable elements of everybody’s online routine. Popular email services, such as Gmail or Yahoo Mail, may deliver a decent level of security, but there is a caveat. Many mainstream providers have gained notoriety for mistreating users’ data, scouring inboxes for keywords to generate targeted advertisements, and missing spam that delivers computer viruses. 

Below is a list of the top 5 easy-to-use email services that ensure strong encryption of your data and thereby prevent it from being accessed by third parties. On a side note, most of these providers are based in the European Union, where GDPR (General Data Protection Regulation) has been in effect since May 2018. Be advised that although the services in question won’t disclose your sensitive information to other organizations and advertisers, they may be obliged to share it with law enforcement agencies based on official inquiries.

  • ProtonMail

Headquartered in Switzerland, ProtonMail provides encrypted email accounts that add a robust layer of privacy to your online posture. It stems from CERN, the European Organization for Nuclear Research. Created by scientists working on this famous particle physics research project, ProtonMail boasts a unique electronic infrastructure located deep under the ground in an impregnable bunker that will stay intact even in case of a nuclear attack.


  • Free subscription providing 500 MB of storage and up to 150 emails per day
  • Both individual and enterprise subscription plans are available. Enterprise subscription is based on the number of users and available storage
  • Two-step verification
  • Ability to use your own domain
  • Supports mobile devices (Android and iOS apps)
  • Configurable self-destruction of emails – if you opt for this feature, your messages will be automatically removed from the recipient’s inbox after a specified period of time
  • A combo of RSA, AES, and OpenPGP cryptosystems used
  • Open source code
  • Tutanota

Tutanota, another secure email service, has a German origin. With “Google-free” experience at its core, it is marketed as an alternative to Gmail, Yahoo, and GMX. The provider has recently launched the free encrypted calendar feature. Encrypted cloud storage is another great initiative they are allegedly working on.


  • Free single-user subscription with 1 GB of storage
  • Basic service is free for private usage. Prices for business accounts depend on storage capacities.
  • Enterprise subscription option
  • No fees for non-profit organizations
  • Ability to use your own domain
  • 2FA (two-factor authentication)
  • Open source code
  • IT infrastructure relies entirely on “green” electricity

Here’s another noteworthy peculiarity of Tutanota: if you are up to sending a message to somebody who is using a different email provider, you will need to come up with a password and enter it in a separate field when composing the email. The non-Tutanota recipient will only be able to unlock the message if they have the above-mentioned password. Then, they will be prompted to click a link that leads to the message proper. This link stays valid until the person receives another encrypted email from you.

  • Hushmail

Hushmail is a reputable Canada-based oldie in the encrypted email industry, having been launched back in 1999. It focuses on ensuring user-friendly controls combined with top-notch security features. Interestingly, its sign-in form says “Passphrase” rather than “Password”, which emphasizes the importance of complex, hard-to-guess authentication details these days.


  • Free 14-day trial (no need to enter credit card information)
  • There is no free plan. Personal use subscription has an annual fee and business plans depend on the number of users
  • 2FA
  • iOS app supporting two-step verification
  • Allows using your own domain
  • An account gets locked over too many failed attempts to log in
  • Accessible via third-party email software, such as Mac Mail, Outlook, or Thunderbird
  • Malware and spam filters
  • A mix of OpenPGP and TLS/SSL encryption standards

When sending a message to an external recipient who isn’t using Hushmail, you need to enable the Encrypted checkbox. This way, the person will be able to read your email on a secure web page. You can also add a security question that the recipient has to answer to view your message.

  • CounterMail

Based in Sweden, CounterMail is an easy-to-use email service that utilizes OpenPGP protocol with 4096-bit encryption keys to anonymize your communication. Despite the old-school and somewhat obsolete design of their website, the provider takes your privacy seriously and protects your data against contemporary online threats.


  • Free 7-day trial
  • Flexible paid subscription model (6, 12, 24 months)
  • All plans go with 4 GB of encrypted storage for emails (extra space available for a fee)
  • Works with Android devices
  • Supports IMAP
  • Unique “diskless” web servers: rather than use hard drives, the servers start from a CD-ROM for more anonymity. According to the provider, this set-up prevents customers’ IP addresses from being leaked
  • USB-key feature complements your regular password-based authentication with an additional layer of security. It is an effective barrier against unauthorized access through brute-force attacks and the use of keystroke loggers
  • OpenPGP encryption
  • Protection against MITM (man-in-the-middle) attacks
  • Runbox

Runbox is a secure email provider located in Norway. Complying with the country’s rigid privacy legislation, it is committed to the best practices of personal data protection.


  • Free 30-day trial
  • Paid subscription for individuals includes 1 GB of email storage plus 100 MB of file storage space, current rates can be found on their website
  • Annual rates for businesses go with at least 25 GB of email storage, 2 GB of file storage, and 25 email domains allowed
  • Multiple payment channels spanning credit cards, debit cards, bank transfers, PayPal, Bitcoin, international money orders, and even cash
  • 60-day money-back guarantee
  • Ability to use your own domain
  • Calendar (currently in beta)
  • End-to-end encryption
  • No ads; spam and malware filters included
  • Accessible via IMAP, POP, SMTP, and Web
  • “Hydropowered” (the servers run on 100% renewable energy sources)


It’s in your best interest to make sure that the information you send and receive over email remains private. Encrypted email is what does the trick in this regard. Yes, there are plenty of other mechanisms to safeguard your private online correspondence via encryption tools, for example virtual private networks. but sometimes it might take a tech-savvy user to do it right. That being said, encrypted email services appear to strike a golden mean for the average person.

About the Author:

Dominique René is a young writer inspired by the present-day groundbreaking technological progress. Dominique’s overwhelming enthusiasm for tech matters stems from her current research in college and innate aspiration to expand her academic outlook. She’s committed to staying on top of innovative trends in computer security, online privacy, threat intelligence, cryptocurrencies, and cloud solutions.




September 16, 2019


Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023