If you want to send a secure, end-to-end encrypted email to someone who isn’t on Proton Mail, the easiest way is to use a Password-protected Email. You can also use PGP encryption if the person you’re writing to uses it.
With Password-protected Emails, the person you’re writing to receives an email telling them they’ve been sent a secure encrypted message. To read the message, they must enter a previously agreed-upon password.
Here we explain how to read and reply to Password-Protected Emails.
How to open and reply to Password-protected Emails
To open and reply to a Proton Mail Password-protected Email:
1. Click the Unlock message button in the notification email you’ve received.
2. Enter the password previously shared by the sender and click Read message.
3. The message will be decrypted in the browser of your device for you to read. No one else can read the message.
By default, all emails sent in this way automatically expire after 28 days, but the sender may have adjusted this time. When you open a message, the time left before it expires is clearly shown.
4. You can then write and send an end-to-end reply to the message by clicking Reply securely.
You can format your email using the formatting options and include an attachment by clicking on the paper clip icon. Any attachments you send will also be end-to-end encrypted.
Because this is a free service, and to prevent abuse by spammers, you can only reply to each email a total of five times.
You can always create a free secure email account to enjoy the benefits of encrypted emails sent between Proton Mail accounts without reply limits or the need for message-specific passwords.
Are Password-protected Emails safe?
Proton Mail uses open-source encryption algorithms to secure emails with end-to-end encryption. This means the emails cannot be intercepted in transit or accessed by either Proton Mail or any other email provider. The only people who can read the messages are the sender and the recipient.
Proton Mail’s Password-protected Emails are safe to open, and it’s safe to click the Unlock message button. You can verify the authenticity of the secure email by making sure you’re connected to the official Proton Mail website (and not a phishing site). The domain name should be proton.me.
Furthermore, you can check the secure email’s header(new window) to make sure our DKIM(new window) and SPF(new window) records match what they should be. If you have any doubts, please contact our security team at firstname.lastname@example.org.