Guides

How to send a secure email in Outlook (2026 guide)

Want to send a secure email in Outlook but not sure how? In this guide, we explain how to encrypt emails in Outlook and what security options are available.

How to send a secure email with Outlook.com and how to encrypt the subject line.

Even though many teams now use messaging tools for quick communication, email still remains one of the most important communication channels for businesses and individuals. Because Microsoft Outlook is one of the most widely used email clients, understanding how to protect sensitive messages is essential. In this guide, we take a look at how you can send secure emails in Outlook, what encryption methods it offers, and the best email solution for securing emails.

Because Outlook is owned by the Silicon Valley big tech, Microsoft, many question if it is actually possible to send confidential emails from this provider - and this is a fair concern since in Outlook emails are primarily encrypted using TLS encryption. If you’re an Outlook mail user, you might want to send a secure email, particularly for business email. In this case, it’s recommended to use a best business email provider.

As email and security experts, we at Tuta Mail are here to help and answer all your secure email sending questions in this detailed guide!

And, if sending a secure email via Outlook is too technical to set up or too expensive now that Microsoft is increasing its 365 plans from July 2026, we will also briefly look at alternative email providers that offer built-in encryption.

🎬 Watch how to send a secure email in Outlook, Gmail and Tuta Mail on Youtube.

Claim our Birthday Deal:

Sending emails securely requires end-to-end encryption

Outlook offers different encryption options to make sure that nobody can monitor your confidential messages. But before we jump into the steps of how to send a safe email in Outlook, it is helpful to understand the different types of encryption and to know what the best option is to secure the entire email.

-Mails sind wie Postkarten. Senden Sie vertrauliche Informationen per E-Mail nur mit Ende-zu-Ende-Verschlüsselung! -Mails sind wie Postkarten. Senden Sie vertrauliche Informationen per E-Mail nur mit Ende-zu-Ende-Verschlüsselung! Emails are like postcards. Send confidential info via email only with end-to-end encryption!

It’s necessary to encrypt confidential messages – with proper end-to-end encryption, not just Transport Layer Security (TLS). When encrypting an email end-to-end, the encryption algorithms scramble your texts into unreadable data that only the recipient can decrypt and make it readable again. By using encryption to secure your Outlook emails for personal or business use, you make sure that nobody can monitor your emails.

When you send an email in Outlook or in Gmail, it typically uses its standard encryption, which is transport layer encryption (TLS) that today most email providers use to protect your emails while traveling the web. But beware: This is NOT end-to-end encryption.

There is a way to boost your security and use Outlook’s enhanced encryption to send more secure emails – but of course, encrypting emails in Outlook has a big catch: You need to have a paid subscription to encrypt emails in Outlook end-to-end.

Continue reading as we go more into detail on how to send secure emails and how to encrypt emails in Outlook – or to check out another solution that is completely free and uses quantum-safe encryption for emails!

Claim our Birthday Deal:

How does Outlook encrypt emails?

By default, Outlook uses TLS (Transport Layer Security) to encrypt your emails in transit. TLS creates a tunnel from email server to email server to make sure that no one spying on the web traffic can decipher your emails. TLS can be enhanced with other protocols like DANE, DNSSEC and MTA-STS as done by Tuta Mail, but it’s still only a tunnel for your plain text data.

Thus, TLS is not secure enough for truly confidential information as the tunnel that secure the data is decrypted every time the email passes a server, and then re-encrypted as it travels on. This opens a large attack vector to sensitive information and puts your privacy at risk. In addition, TLS only works if the email recipient’s email provider supports it as well.

As Microsoft said in their support page:

“with TLS, the message might not stay encrypted after the message reaches the recipient’s email provider”

– or at any server it is stored in-between until the email reaches the recipient.

So you might think your private, TLS-encrypted emails you send to your lawyer, doctor, or colleagues are secure and private but in fact, your email’s security with TLS is not good enough; the better solution is end-to-end encryption. TLS is not end-to-end encryption, meaning Outlook keeps the encryption key to your private emails so they have access to them, too.

Microsoft uses TLS encryption, because of this, third-parties can have access to your inbox.

End-to-end encryption in Outlook is paywalled

Outlook only offers proper end-to-end encryption to paying customers, so sending truly private and confidential email in Outlook is not possible if you have a free plan. There is a much better Outlook alternative: Tuta Mail. It is free to use for personal use, and has affordable business plans. In Tuta Mail, sending secure emails is easy because it uses end-to-end encryption by default.

While Microsoft claims that Outlook doesn’t scan the contents of your emails for ad targeting purposes, they have been caught working closely with US intelligence agencies, and they can collect and give email contents to third parties.

In addition to this, Microsoft has recently acknowledged that a bug in its Microsoft 365 Copilot enabled the AI assistant to access confidential emails, and worryingly, latest version of Outlook is causing mass concern amongst security and privacy experts.

In short, the latest version of Outlook shares the unencrypted content of your mailbox, calendar events, contact lists and even sensitive login information like your passwords with the Microsoft servers in the US - a huge risk to your privacy and security.

So you can use Outlook for “free”, but unfortunately if you want to use their enhanced encryption function, you’ll need to upgrade to a paid plan like the Microsoft 365 Family or Microsoft 365 Personal plan.

🎬 Watch how easy encryption works in Tuta Mail in this Youtube video.

The disadvantages of email encryption in Outlook.com

Encryption in Outlook has not only the downside of needing to pay for it, it also can’t be considered the most secure option and Outlook does not encrypt the subject line.

Downsides to the Outlook encryption protocol:

  • Outlook sends the passcode to access the encrypted mail to the same email address: If your account is ever hacked or compromised, the attackers can easily gain access to these encrypted messages.
  • The Encrypt & Prevent Forwarding option sets the illusion of extra security but someone can easily take a screenshot of the email and capture the private information that way.

Claim our Birthday Deal:

How to encrypt emails in Outlook.com

If you have an eligible paid subscription like a Microsoft 365 Family or Microsoft 365 Personal, you can encrypt your private emails by using Office Message Encryption (OME) on Outlook.com by following these steps:

  1. Open your Outlook email and compose your email as normal
  2. In the menu at the top of the email click the Encrypt button
  3. Select Encrypt or Encrypt & Prevent Forwarding

So senden Sie eine verschlüsselte E-Mail in Outlook.com mit Office Message Encryption (OME) So senden Sie eine verschlüsselte E-Mail in Outlook.com mit Office Message Encryption (OME) How to send an encrypted email in Outlook.com using Office Message Encryption (OME).

Note: Office Message Encryption (OME) is only available for paid subscriptions like a Microsoft 365 Family or Microsoft 365 Personal subscription.

How to open an encrypted email

To read or respond to an email that’s encrypted with OME:

  • If the recipient uses Microsoft 365, Outlook.com, the Outlook mobile app or Mail app in Windows 10, they can simply sign in, open the email and reply to it as a usual email.
  • If the recipient uses Outlook for Mac, Outlook for Windows or a third-part email app, they will receive an email with instructions on how to read the message.
  • If the recipient has a Yahoo or Gmail account, they can authenticate by using their Google or Yahoo account or use a temporary code.
  • For recipients with a different email provider like Tuta Mail, Outlook will send a temporary passcode to access and decrypt the email.

How to encrypt a single email

  1. Open a window to compose a new email
  2. Click File
  3. Go to Properties
  4. Click Security Settings
  5. Select the Encrypt message contents and attachments check box
  6. Compose your email as usual and click Send

How to encrypt all outgoing emails

If you decide to encrypt all outgoing emails by default in Outlook, you can compose emails as usual but the email recipient will need to have your digital ID to decode and view the email contents.

  1. Click File
  2. Choose Options
  3. Go to Trust Center then Trust Center Settings
  4. Go to the Email Security Tab
  5. Under Encrypted Email select the Encrypt contents and attachments for outgoing messages check box

Encrypting emails in the Outlook desktop app (S/MIME)

If you use Outlook mail from the Outlook desktop app and have the correct version of the app or a premium subscription, you can enable S/MIME encryption. S/MIME, short for Secure/Multipurpose Internet Mail Extensions encrypts emails end-to-end with user-specific keys so that only the intended email recipient can decrypt and view the email contents.

To use this type of encryption, you will have to enable S/MIME for Outlook and upload a personal S/MIME certificate from a certificate authority. Once S/MIME is enabled, you can encrypt all your emails in the Outlook app on your Windows desktop.

Note: Encrypting emails using Microsoft 365 Message Encryption (OME) is also available on the Outlook desktop app but for specific subscriptions.

How to encrypt with S/MIME

Before you can encrypt your emails with S/MIME, you will need to add a certificate to the keychain on your computer. Once the signing certificate has been set up on your computer, you need to configure it in Outlook. Here’s how to configure a signing certificate in Outlook:

  1. Go to File
  2. Select Options
  3. Select Trust Center
  4. Select Trust Center Settings
  5. Go to Email Security
  6. Under Encrypted Email click Settings
  7. Under Certificates and Algorithms, click Choose
  8. Select S/MIME certificate
  9. Click Ok

After configuring the signing certificate, you can compose your email as usual and select to encrypt it with S/MIME.

How to send a secure email in Outlook or Hotmail

To encrypt an email using S/MIME encryption from the Outlook app on Windows, follow these steps:

  1. Open your Outlook email and compose your email as normal
  2. Click Options
  3. Click Encrypt
  4. Click Encrypt with S/MIME

The recipient of the email also needs to have S/MIME enabled with a valid S/MIME certificate. If the recipient doesn’t have S/MIME enabled, as you click to send the email an “Encryption Problems” warning will pop up and you will have the option to either cancel the send, or send the email unencrypted – yes, we also think this process is complex and might give you a headache!

How to open an email encrypted with S/MIME

If the recipient has S/MIME with a valid S/MIME certificate, they will have no problem opening the email which is then decrypted. As mentioned, if the recipient doesn’t have S/MIME enabled, you won’t be able to send the email encrypted. Instead you will only have the option to send it unencrypted.

The downsides of encrypting with S/MIME

  • You need a paid Microsoft account that is eligible for S/MIME.
  • An administrator has to enable S/MIME: Setting it up is a technical task and not a simple solution to encrypting emails.
  • S/MIME has a centralized system of certificate authorities and can be compromised.
  • With this type of encryption, you can’t send encrypted emails to a regular Outlook account or another email provider that doesn’t have S/MIME support.

You can send secure email by default in Tuta Mail

Now that you’ve done your research on the complex and expensive options Outlook gives you to send a secure email that’s encrypted, we won’t be surprised if you want an alternative to Outlook. While Outlook makes encrypting emails a costly, time-draining ordeal, there are email providers that enable this by default.

If you’re wondering how to send a secure email or looking for the best practices for secure email communication, Tuta Mail is the solution. Privacy focused email providers like Tuta Mail, make sending secure emails easy and free - all you need to do is create a Tuta Mail account and get the mobile app available on Android, iOS, or Tuta Mail free desktop clients for MacOS, Windows, and Linux.

Tuta Mail ist die sichere E-Mail-Lösung von Millionen von Nutzern auf der ganzen Welt. Mit Tuta Mail können Sie dank der automatischen Ende-zu-Ende-Verschlüsselung standardmäßig sichere E-Mails versenden. Tuta Mail ist die sichere E-Mail-Lösung von Millionen von Nutzern auf der ganzen Welt. Mit Tuta Mail können Sie dank der automatischen Ende-zu-Ende-Verschlüsselung standardmäßig sichere E-Mails versenden.

Tuta Mail is the chosen secure email solution of millions of users around the world. Tuta Mail allows you to send secure emails by default thanks to its automatic end-to-end encryption.

In Tuta Mail only the sender and intended email recipient can view the email – not even Tuta employees have access to this content. Nobody can monitor your emails, instead your privacy is respected 100%.

Tuta Mail is fully open source, uses end-to-end encryption by default, offers two factor authentication (2FA), has phishing protection and session handling. In addition, Tuta is created and run from Germany, a great location for data protection, operating under the GDPR, fully adheres to all EU standards and sets a high standard for email privacy and security – one big tech email providers like Gmail and Outlook will never provide for free!

It’s time to delete Outlook, and get end-to-end encryption by default with Tuta Mail.

Illustration of a phone with Tuta logo on its screen, next to the phone is an enlarged shield with a check mark in it symbolizing the high level of security due to Tuta's encryption.