How to send a secure email in Outlook
Want to send a secure email in Outlook but not sure how? In this guide we walk you through the steps to send a secure email in Outlook or Hotmail and help you find a better secure solution that even encrypts the subject line.
In today’s business world, email is still very important and most likely here to stay for decades to come. Thus, it’s also important to learn sending a secure email in Outlook - as Outlook is still one of the most common email tools in corporate environments.
If you’re an Outlook mail user, you might want to send a secure email in Outlook, particularly in a business context you will need to send confidential information at some point that needs proper end-to-end encryption. But how do you send a confidential email in Outlook? As email and security experts, we at Tuta Mail have all your secure email sending questions covered in this detailed guide! And, if sending a secure email from Outlook is too complicated and expensive, we discuss a better privacy focused provider that makes sending encrypted emails super easy and best of all: it’s free - Tuta Mail.
To learn more, watch our YouTube video on how to send a secure email in Outlook, Gmail and Tuta Mail.
End-to-end encryption for best security
Emails in Outlook can be encrypted in multiple ways to make sure that nobody can monitor your confidential messages. It is important tounderstand the different types of encryption and to know what is the best option to secure the entire email, including its subject line, body and attachments.
Sending confidential info via email can be risky as normal emails are as public as postcards.
It’s necessary to encrypt confidential info – with proper end-to-end encryption, not just TLS. When encrypting an email end-to-end, the encryption algorithms scramble your texts into unreadable data that only the recipient can decrypt and make it readable again. By using encryption to secure your Outlook emails for personal or business use, you make sure that nobody can monitor your emails. Using encryption is also the most secure option for sending files.
Table of Contents:
• How to encrypt an email in Outlook.com
• Encrypting emails in the Outlook desktop app (S/MIME)
• A free and secure email solution exists, including encryption of subject lines!
When you send an email in Outlook, it automatically uses its standard encryption, which is transport layer encryption (TLS) that today most email providers use to protect your emails while traveling the web.
But there is a way to boost your security and use Outlook’s enhanced encryption to send more secure emails – but of course, encrypting emails in Outlook has a big catch: You need to have a paid subscription to encrypt emails in Outlook.
Continue reading as we go more into detail on how to send secure emails and how to encrypt emails in Outlook – or to check out another solution that is completely free and uses quantum-safe encryption for emails!
How Outlook encrypts emails?
By default Outlook uses TLS (Transport Layer Security) to encrypt your emails. TLS creates a tunnel from email server to email server to make sure that no one spying on the web traffic can decipher your emails. TLS can be enhanced with other protocols like DANE, DNSSEC and MTA-STS as done by Tuta Mail, but it’s still only a tunnel for your plain text data.
Thus, TLS is not secure enough for truly confidential information as the tunnel that secure the data is decrypted every time the email passes a server, and then re-encrypted as it travels on. This opens a large attack vector to sensitive messages and puts your privacy at risk. In addition, TLS only works if the email recipient’s email provider supports it as well.
As said by Microsoft, “with TLS, the message might not stay encrypted after the message reaches the recipient’s email provider” – or at any server it is stored in-between until the email reaches the recipient.
So you might think your private, TLS-encrypted emails you send to your lawyer, doctor, or colleagues are secure and private but in fact, your email’s security with TLS is not good enough; the better solution is end-to-end encryption. TLS is not end-to-end encryption, meaning Outlook keeps the encryption key to your private emails so they have access to them, too.
Encryption only available on paid plans
Outlook only offers proper end-to-end encryption to paying customers. You should know that sending a truly private and confidential email in Outlook simply doesn’t exist if you have a free plan. Unfortunately with Microsoft’s Outlook, a free email account comes at a loss of privacy! There is a much better Outlook alternative: Tuta Mail. It is free and uses end-to-end encryption by default – a much better privacy focused email solution that lets you send encrypted emails easily, to anyone, and for free!
While Microsoft claims that Outlook doesn’t scan the contents of your emails for ad targeting purposes, they have been caught working closely with US intelligence agencies, and they can collect and give email contents to third parties. In addition to this, the latest version of Outlook is causing mass concern amongst security and privacy experts. In short, the latest version of Outlook shares the unencrypted content of your mailbox, calendar events, contact lists and even sensitive login information like your passwords with the Microsoft servers in the US - a huge risk to your privacy and security.
So you can use Outlook for “free”, but unfortunately if you want to use their enhanced encryption function, you’ll need to upgrade to a paid plan like the Microsoft 365 Family or Microsoft 365 Personal plan. In short, get your bank card out and fork out more money to a big tech company to send emails securely.
But why pay when you can get full privacy and security with Tuta Mail for FREE! Sign up now for the best private email provider that lets you send secure emails in seconds. This YouTube video shows you how easy the encryption works in Tuta Mail.
How to encrypt an email in Outlook.com
If you have an eligible paid subscription like a Microsoft 365 Family or Microsoft 365 Personal, you can encrypt your private emails by using Office Message Encryption (OME) on Outlook.com by following these steps:
- Open your Outlook email and compose your email as normal
- In the menu at the top of the email click the Encrypt button
- Select Encrypt or Encrypt & Prevent Forwarding
Note: Office Message Encryption (OME) is only available for paid subscriptions like a Microsoft 365 Family or Microsoft 365 Personal subscription.
How to open an encrypted email
To read or respond to an email that’s encrypted with OME:
- If the recipient uses Microsoft 365, Outlook.com, the Outlook mobile app or Mail app in Windows 10, they can simply sign in, open the email and reply to it as a usual email.
- If the recipient uses Outlook for Mac, Outlook for Windows or a third-part email app, they will receive an email with instructions on how to read the message.
- If the recipient has a Yahoo or Gmail account, they can authenticate by using their Google or Yahoo account or use a temporary code.
- For recipients with a different email provider like Tuta Mail, Outlook will send a temporary passcode to access and decrypt the email.
The disadvantages of email encryption in Outlook.com
Encryption in Outlook has not only the downside of needing to pay for it, it also can’t be considered the most secure optin and Outlook does not encrypt the subject line. Here’s a list of downsides to the Outlook encryption protocol:
- Outlook sends the passcode to access the encrypted mail to the same email address: If your account is ever hacked or compromised, the attackers can easily gain access to these encrypted messages.
- The Encrypt & Prevent Forwarding option sets the illusion of extra security but someone can easily take a screenshot of the email and capture the private information that way.
- In the past, Outlook’s encryption was flawed on purpose for enabling surveillance. Given this precedence it’s hard to trust Outlook to do security right today. This could only be verified if Outlook published their code as open source like Tuta Mail - which they didn’t to date.
How to encrypt a single email
- Open a window to compose a new email
- Click File
- Go to Properties
- Click Security Settings
- Select the Encrypt message contents and attachments check box
- Compose your email as usual and click Send
How to encrypt all outgoing emails
If you decide to encrypt all outgoing emails by default in Outlook, you can compose emails as usual but the email recipient will need to have your digital ID to decode and view the email contents.
- Click File
- Choose Options
- Go to Trust Center then Trust Center Settings
- Go to the Email Security Tab
- Under Encrypted Email select the Encrypt contents and attachments for outgoing messages check box
Encrypting emails in the Outlook desktop app (S/MIME)
If you use Outlook mail from the Outlook desktop app and have the correct version of the app or a premium paid subscription, you can enable S/MIME encryption. S/MIME, short for Secure/Multipurpose Internet Mail Extensions encrypts emails end-to-end with user-specific keys so that only the intended email recipient can decrypt and view the email contents.
To use this type of encryption, you will have to enable S/MIME for Outlook and upload a personal S/MIME certificate from an certificate authority. Once S/MIME is enabled, you can encrypt all your emails in the Outlook app on your Windows desktop.
Note: Encrypting emails using Microsoft 365 Message Encryption (OME) is also available on the Outlook desktop app but for specific subscriptions – again, these are paid subscriptions.
Before you encrypt with S/MIME
Before you can encrypt your emails with S/MIME, you will need to add a certificate to the keychain on your computer. Once the signing certificate has been set up on your computer, you need to configure it in Outlook. Here’s how to configure a signing certificate in Outlook:
- Go to File
- Select Options
- Select Trust Center
- Select Trust Center Settings
- Go to Email Security
- Under Encrypted Email click Settings
- Under Certificates and Algorithms, click Choose
- Select S/MIME certificate
- Click Ok
After configuring the signing certificate, you can compose your email as usual and select to encrypt it with S/MIME.
Steps to send a secure email
To encrypt an email using S/MIME encryption from the Outlook app on Windows, follow these steps:
- Open your Outlook email and compose your email as normal
- Click Options
- Click Encrypt
- Click Encrypt with S/MIME
The recipient of the email also needs to have S/MIME enabled with a valid S/MIME certificate. If the recipient doesn’t have S/MIME enabled, as you click to send the email an “Encryption Problems” warning will pop up and you will have the option to either cancel the send, or send the email unencrypted – yes, we also think this process is complex and might give you a headache!
Decrypt the secure email
How to open an email encrypted with S/MIME
- If the recipient has S/MIME with a valid S/MIME certificate, they will have no problem opening the email which is then decrypted.
- As mentioned above, if the recipient doesn’t have S/MIME enabled, you won’t be able to send the email encrypted. Instead you will only have the option to send it unencrypted.
The downsides of encrypting with S/MIME
- You need a paid Microsoft account that is eligible for S/MIME.
- An administrator has to enable S/MIME: Setting it up is a technical task and not a simple solution to encrypting emails.
- S/MIME has a centralized system of certificate authorities and can be compromised.
- With this type of encryption, you can’t send encrypted emails to a regular Outlook account or another email provider that doesn’t have S/MIME support.
A free and secure email solution exists, including encryption of subject lines!
Now that you’ve done your research on the complex and expensive options Outlook gives you to send a secure email that’s encrypted, we won’t be surprised if this has put you off completely. While Outlook makes encrypting emails a costly, time-draining ordeal, there are email providers that use end-to-end encryption by default like Tuta Mail.
If you’re wondering how to send a secure email or looking for the best practices for secure email communication, Tuta Mail is the solution. Privacy focused email providers like Tuta Mail, make sending secure emails easy and free - all you need to do is create a Tuta account in seconds and download the Android or iPhone app to start sending end-to-end encrypted emails.
With Tuta Mail the entire mailbox is end-to-end encrypted. This means that the subject line of your email, of course the whole message and attachments as well as the Tuta Calendars and Tuta Contacts are encrypted.
In Tuta Mail only the sender and intended email recipient can view the email – not even Tuta employees have access to this content. Nobody can monitor your emails, instead your privacy is respected 100%.
Tuta mail is fully open source, uses end-to-end encryption by default, offers two factor authentication (2FA), has phishing protection and session handling. In addition, Tuta is created and run from Germany, a great location for data protection, operating under the GDPR, fully adheres to all EU standards and sets a high precedence for email privacy and security – one big tech email providers like Gmail and Outlook will never provide for free!
It’s time to delete Outlook, and get end-to-end encryption by default with Tuta Mail.
Tuta Mail is free, has zero ads and no tracking. Plus, it makes sending secure emails easy! Click here to create a free email account with Tuta Mail today.