Email

In this section, we’re going to learn about good alternatives to Gmail, Yahoo!, Hotmail (really?), and other data-leaching email providers. Not sure why to quit using Gmail? Check the Google section of the guide for more info.

How to Pick a Secure Email Provider

In this section, we’re going to learn about good alternatives to Gmail, Yahoo!, Hotmail (really?), and other data-leaching email providers. Not sure why to quit using Gmail? Check the Google section of the guide for more info. The same can more or less be applied to the other services above, not to mention their frequent security breaches…

What Is an Email Provider?

Unless you have a custom domain (website), your email provider is the @[xyz.com] part of your email address. Gmail is @gmail.com, Yahoo is @yahoo.com, Comcast/Xfinity is @comcast.net. You get the idea.

An email provider runs servers that process the sending and receiving of your emails. Your emails “live” on these servers, so you’re relying on the providers to be responsible with the data inside them.

What Is an Email Client?

An email client is an application that lets you view, download, and create emails. They’re the middleman, talking to the servers on your behalf. Most providers have web-based clients that let you login and view your emails wherever (think Gmail).

What’s Wrong with What I’ve Got?

If you use a provider that isn’t dedicated to encryption and security (no, a login password doesn’t count), then you’re at risk of getting your emails stolen in the event of a hack. It’s becoming increasingly common for services like Yahoo! and MSN to get hacked and lose millions of users’ data. Don’t let this be you!

If your email account is compromised, the rest of your accounts are at risk! It takes about 2 minutes to reset a password via email… read more about good password practices and 2FA in the Passwords section of the guide.

ProtonMail

ProtonMail is a free, secure email provider located in Switzerland, underneath 1000 meters of solid rock. Here are some major benefits:

  • Switzerland has strict privacy laws, benefitting the user. Because your emails are hosted offshore, the US government has no way to request access, should they want to.
  • Your emails are secured with end-to-end encryption. ProtonMail cannot read your emails, and therefore can’t share the contents with third parties. Your conversations stay between you and the recipients.
  • They don’t keep any logs of your IP, or any personal information. Your email is anonymous.
  • Open source code. You can view and evaluate the entirety of the code on their Github
  • It works the same as any other email provider, with its own web-based client and secure mobile app.
  • Free for a basic account. If you need more storage and want some extra bonus features, you can pay a small fee to upgrade to a higher tier.

They can explain their service more, but this is a really easy way to email securely.

Thunderbird

Originally started by the Mozilla Foundation, the same group that created Firefox, Thunderbird is an open source email client that is packed with features and themes.

When you set up Thunderbird, you’ll connect your email providers and start receiving your messages there. You can add as many emails as you want, and have different rules, filters, and folders for each one.

Here are some features to consider if you’re wanting to increase your security even more:

  • Thunderbird supports various encryption protocols, read more about them here. The basic ones won’t affect your user-experience at all!
  • Digital Signatures that verify the authenticity of an email
  • Master email password to lock access to all email accounts
  • Cookie restrictions. Read more on cookies in the Internet Tracking section of the guide

All of these options are located in the Security Preferences panel of the settings/preferences menu.

What Do I Do with My Existing Email Providers?

You don’t have to delete them! You might be required to use Gmail for school or work (yuck), or you may just have lots of accounts linked to a certain email. Totally understandable. The point of this guide is to increase your security while maintaining ease of use.

  • Keep an email for junk mail and pointless subscriptions. Your current email provider (not Gmail though), can fill this role.
  • Transition your emails and accounts that require additional security (bank statements, professional emails, etc.) to a secure provider like ProtonMail.
  • Clear out any emails you don’t need anymore, and delete these from your provider’s server. You can usually do this through their web-client.
  • Have your new email client delete emails from the server when they’re deleted locally. This ensures a deleted email is truly deleted, instead of sitting on a server somewhere.

Recommendations

Providers:

Clients:

  • iOS: Use the default Mail app that comes with iPhone. Don’t enable Cloud Backups
  • Android: AquaMail Pro. The free version tracks you for ad purposes, but the paid version (~$10) removes this capability
  • PC/Mac/Linux: Thunderbird

You’ve now got yourself a shiny new email service that’s protected against snooping eyes! May you email in peace.

Don’t Stop Here

Learn More!

Intro

This free security guide is the culmination of 2 years of intensive research into the security risks of the modern digital life.

All the advice in this guide has been personally tested and verified to be accurate.

The Need for a VPN

Imagine this: You’re in a coffee shop and they have free (unsecured) WiFi. You can browse without needing a password, but so can everyone else. With the right tools, anyone could intercept your data. An easy (and cheap) way to prevent this, is the use of a VPN.

Search Engines

Need to know the definition of something? Look it up. Looking for the best Italian restaurant in Manhattan? Look it up. You get the picture.