What is encrypted within Proton Mail?
Encryption is at the heart of what makes Proton Mail(new window) special. It provides a solution that is so easy to use, any one can enjoy it.
As discussed in our support article What is encryption?, encryption is critical to keeping your data safe. The message body and attachments(new window) are fully encrypted in Proton Mail.
Message sending
Emails sent between Proton Mail users
- Always end-to-end encrypted(new window).
Emails from Proton Mail users to non-Proton Mail users
- End-to-end encrypted if the Password-protected Emails option is selected.
- Otherwise encrypted with TLS if the non-Proton Mail mail server supports it (most providers, such as Gmail, Yahoo, and Hotmail, support TLS). Since these messages are encrypted, but not end-to-end encrypted, Gmail, Yahoo, Hotmail, and others will be able to read these messages and hand them over. This is not possible if you use the Password-protected Emails feature, which enables Proton Mail’s end-to-end encryption.
Emails from non-Proton Mail users to Proton Mail users
- Unless PGP is used, the email message is encrypted in transit using TLS and stored on our servers using zero-access encryption. It is not end-to-end encrypted, however, and might be accessible to the sender’s email service.
- It is possible to receive end-to-end encrypted emails from non-Proton Mail users using PGP. You should export your Proton Mail public PGP key(new window) and share it with contacts for them to communicate in this way with you.
Replies from non-Proton Mail users to Proton Mail Password-protected Emails
- End-to-end encrypted.
Message storage
- All messages in your Proton Mail mailbox are stored with zero-access encryption. This means we cannot read any of your messages or hand them over to third parties. This includes messages sent to you by non-Proton Mail users, although keep in mind if an email is sent to you from Gmail, Gmail likely retains a copy of that message as well.
- Password-protected Emails are also stored end-to-end encrypted.
- Subject lines and recipient/sender email addresses are encrypted, but not end-to-end encrypted.