Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. Using complex algorithms, a message is transformed into an illegible string of characters. The only way to transform the message back into original format is using a unique encryption key.
End-to-end encryption for Proton Mail users
Proton Mail uses asymmetric encryption to encrypt and decrypt messages you send and receive. Also known as public-key cryptography, messages are secured using a keypair consisting of a public key and a private key.
Emails are encrypted using the recipient’s public key, and can only be decrypted by the intended recipient using their matching private key. This provides end-to-end encryption (E2EE), meaning that only you and the intended recipient can read emails sent in this way.
All email messages you send to other Proton Mail users are encrypted like this. When a Proton Mail user sends a message to another Proton Mail user, the message is automatically encrypted with the recipient’s public key. When the recipient opens the email inside their mailbox, it is seamlessly encrypted in the background using their private key.
The blue lock icon indicates that the message is end-to-end encrypted.
If the correct private key needed to decrypt the message is not present, you will see a Decryption error. This happens when you have reset your password(new window).
If you find or remember your old password after a password reset, you can reactivate your old encryption keys to restore messages in your mailbox(new window).
Emails sent to non-Proton Mail users
It is also possible to send end-to-end encrypted email messages to non-Proton Mail users. If using PGP(new window), emails are secured in the way described above. It is also possible to send non-users E2EE emails using our Encrypt for non-Proton Mail users(new window) feature. This secures email messages with a password.