Best secure and private email services review – guide to Gmail alternatives and encrypted email

If you search for private email on google,
you’ll get this nonsense. Bunch of spam, scam, false advertising and
maybe one or two real suggestions hidden in the mess. I guess the only positive result is that they
don’t rank gmail as neither private nor secure email provider, ‘cause that would
be gross. When you use Gmail, Yahoo or Hotmail, your
messages are sent as postcards, visible for everyone to catch, read, and store, as they
make their way transferring the Internet. However, your email messages should be treated
as letters in envelopes, where only senders and receivers know about their content. Isn’t every email secure? No. Encryption forbids the business model of the
tech monopolies like Google or Microsoft. If they encrypted your mailbox, they couldn’t
read your gmail or hotmail messages and send them to the advertisers for targeted manipulation. Only ethical email providers that don’t
require you to pay with your private data for using their services also give you secure
email accounts. I want to make this easy to follow guide to
private email providers so that you, dear Internet citizen, have several options of
private, secure, and encrypted email accounts to choose from. You know, just like the free market should
actually be without monopoly abuses. Even though Google, Yahoo and Microsoft don’t
want you to know it, there are plenty of gmail/yahoo/hotmail alternatives that keep your messages private
and secure from prying eyes of advertisers and governments. Email communication is personal and should
be completely private. When Gmail takes your private email messages
to make profit off of you, they are exposing your data to hackers, cyber criminals, identity
thieves, and governments around the world you can’t trust. When your email provider gets hacked, like
Yahoo did couple of years ago revealing data of its billion users, you should know about
it immediately and not after your login credentials have been on sale on the darknet for three
years. You should not be required to have a blind
faith in your provider, but the code of the service you use should be available to public
to audit it for any potential backdoors, bugs, and security issues. Even if you don’t have the technical knowledge
to participate in the audit, you can at least rely on a community consensus rather than
just a single centralized company. Your private data should be protected. And that’s why I am here. In this guide to private and secure email
services, I am hoping to make it easier for you decide which service to switch to based
on features and functionalities they offer. Vetting process for all email providers to
make it into this list includes the following features: free basic entry for account creation,
end-to-end encryption using asymmetric public key cryptography, public cause and activism,
anonymous sign-up. There exist other features, in which providers
listed here differ – do they own their domain? Can you pay with a cryptocurrency for premium
plans? Do they have a mobile app? Do they support IMAP or POP for account exports
to use their emails on a mail client (like Mozilla Thunderbird). Can you sign in through tor with an onion
link? What account verification do they require? How user friendly is their interface? What other features do they offer? I am going to talk about these features in
all four cases, but I am not going to make any judgments about their email services. It’s up to you to make your choice based
what you consider most important with your email provider. Asymmetric encryption is the one where users
generate two keys to encrypt their data – a private key, and a public key. When someone wants to contact you securely,
they use your public key to encrypt the message. To read the message when you receive it, you
decrypt it with your private key. Since public keys are available to everyone,
you need to make sure nobody tried to spoof your identity using your public key to impersonate
you and communicate with your contacts. To do that, you can encrypt the message using
your contact’s public key, and then additionally sign the encrypted message with your private
key. Your contact receives the message, and then
verifies your identity by pairing the signature encrypted by your private key with your public
key available to them. In case of a match, your contact then proceeds
to read the message you encrypted with their public key, by decrypting it with their private
key. You can either manage these keys yourself,
which means each time you want to securely communicate with a new email account, you’ll
need to manually exchange public keys between one other. This gives you maximum security because only
you have the access to your private keys to unlock your messages. It’s a slower and less convenient method
but certainly more secure. If you want to sacrifice a little bit of security
for significantly more convenience, you can turn to these email providers that offer various
implementation of end-to-end encryption. The good news is that you don’t need any
technical knowledge. You don’t even need to understand public
key cryptography I tried to briefly explain before. The manipulation of your email account is
the same as with gmail. You still have a private account that only
you can access and only you can read the messages from. The only trade-off is that private keys are
copied to the providers’ servers to decrypt your messages when you log in. To maintain the end-to-end aspect of encryption,
the private keys are locked by your password that these private email services cannot access. If you forget your password, only access to
your account can be recovered, but all your messages will discarded forever. If you made your password strong enough, even
if the government requests access to your account, they won’t be able to read your
messages. They can’t ask providers for password recovery,
because that would destroy the data. You have to trust these providers that they
protect your keys properly. Fortunately, it’s not entirely a blind faith. All of the email services listed in this video
have published their source codes, to make a global audit that reviews the authenticity
and security of their webmail possible. The first private email we are going to look
at is Tutanota. Tutanota is a free and open source email service
based in Germany. The name stems from Latin and translates as
“secure message”. The service offers intuitive, minimalistic
and natural webdesign. It’s only an email service so there is nothing
else in your way – no external links, no advertisements, no flashy javascript. Tutanota lets you create your secure email
anonymously. No personal information are required, no need
for any contact details for verification. I signed up for Tutanota email through Tor
and they still didn’t require any verification. Just type your email, create a password and
you are good to go. Not so quickly. Every email provider needs to have a good
captcha verification to prevent spammers from flooding their servers. I really love that they didn’t ask me to
mark all pictures with store fronts. I was a bit surprised they asked to me to
read a clock. Which was trivial to me and I did it on first
try. When your account is created, you just type
in your password one more time and you are logged in. But because I created such a great username,
my account got flagged as spam and needed additional 48 hours for Tutanota to verify
it. I did try to create a second account with
a more valid looking name to see if this is a bug or not, and Tutanota created my account
with no extra steps or getting caught in the spam filter. Overall, Tutanota user experience feels very
nice and smooth. Intuitive, logical, nothing new to learn. This is exactly what a privacy email alternative
should look like. The basic option is 1 GB of free space that
you can devote to your emails and contacts. Tutatona offers you a premium version and
several options to purchase more space or aliases. You’ll have to sacrifice some anonymity
because as of making of this video, Tutanota doesn’t accept bitcoins. Which is weird because they do have a bitcoin
wallet if you just want to donate. As you can see the website is easy to navigate
and requires pretty flat transitioning curve. There is also a mobile app for android and
iOS, which is still in development. Tutanota doesn’t allow you to export your
public key so you won’t be able to exchange encrypted messages with external users. Also there is no IMAP support so using mail
client is not going to be possible. However Tutanota is planning to add PGP support,
2FA, encrypted calendar and encrypted cloud storage. It’s possible to send encrypted messages
via Tutanota’s application to external accounts. You first set up a contact and enter a password
that your recipient needs to know before you send an encrypted message. As soon as you hit send, your contact will
receive a notification email with a link that will direct them to a secure application of
Tutanota, where they can read and reply to your message confidentially, with end-to-end
encryption. This allows you to send encrypted messages
to any email account, be it gmail, yahoomail, or Protonmail. Just make sure they know a correct password
to decrypt the messages on their browser. Tutanota can be a trusted company as they
don’t make any revenue from advertising, but rely solely on premium membership and
donations. The security of their encryption is so hardcore
that they are not even able to recover your password. Which is something to keep in mind when transferring
to this email provider. Next encrypted email service is provided by
mailfence. This is another end-to-end encryption email
service but unlike Tutanota, Mailfence supports OpenPGP so that you can manually exchange
encryption keys independent from Mailfence servers. This is, of course, an extra security step
because you are in full control. But I’ll leave it up to your judgment whether
you want this much control, or could bring yourself to trust a company with protection
of your data. Mailfence is based in Belgium, which generally
offers stronger privacy customs than any of the 5 eyes countries. The website’s interface is also simple and
clean-looking. Right in front it asks you if you want to
sign up for a secure and private email service. You can click the blue button, but if you
click “No”, it will take you to gmail sign in page. Yeah, cryptographic nerds are brilliant trolls. Upon sign up, mailfence will require you to
provide them with a verification email, where your activation key will be sent. I prefer methods where you can create your
email without the need to tie it with your other accounts. If someone would want an anonymous email account
on mailfence, they would need to have some other anonymous email already created. Email is the only verification they need so
they don’t necessarily require to fill in all your personal details. It’s a privacy and not anonymity service
after all. After you sign up and log in for the first
time, you get to fill in some information about you and get to know your new mailbox. User interface of mailfence webmail application
looks a bit like from mid 2000’s, and not exactly as friendly as today’s websites
trying to attract the most brainless user base possible. Mailfence puts in you full control of your
encryption. You can generate your own keys directly in
the settings of your mailbox, or you can use a third party and upload them to mailfence. If you are new to email encryption, you can
learn it by following Mailfence’s guide. It’s not too complicated, just requires
some extra steps from you to learn. Mailfence is not just a private and secure
email service. It also provides calendar and file storage
where you can save your documents or encryption keys. Basic account will give you 200 MB in messages
and additional 500 MB for documents. You can upgrade for 5 and 12 GB plan with
unlimited calendars and contacts, or get a pro account with 30 GB in messages and 24
in documents for only a little over 8 bucks a month. The best thing is that you can pay with bitcoins,
so if you set up your account with an anonymous email address, you can still remain anonymous
by paying in cryptocurrency. Another option is
This company offers various services and webmail is just one out of many applications. As you can tell disroot is trying to go about
their experience different way. It looks like they are trying to attract people
who can’t afford not to use encryption – like journalists, reporters, activists, political
refugees and so on. Disroot is one of the two services on this
list that similarly to mailfence, enables you to use third party mail clients via POP
or IMAP to store your messages locally. Disroot is an encrypted email service with
SSL and TLS to transfer your messages as “envelope” and not a “postcard”. Singing up is not difficult either. You don’t even need to supply any additional
account. There are security questions to secure your
new address. I personally don’t like this method because
many answers to the security question can be easily social engineered by reading your
social media profiles. If they want to keep this method, I would
suggest they allow you to make your own questions rather then use the most easily guessable
answer to the question – “what’s your mother’s maiden name”. After my account was successfully created,
it prompted me to a dashboard, which kind of confused me because I wanted to see my
mailbox and this wasn’t it. Then I realized I have to use disroot’s
main page and use the login button. Design of their webmail is by default actually
very elegant and sleek. You have all the features disroot provides
you one click away. I am also surprised that despite being fairly
new, their interface is translated to so many foreign languages. Like actual mailbox, and not just main website. Protonmail should definitely take notes here. You are allowed to make some basic customization
and create filters for your inbox. Themes are a nice feature to have that personal
feel with your email. Something I didn’t see much with other private
emails. For server side encryption, disroot uses GPG
encryption where you are not in control of your keys. If you want that extra security and are willing
to trade some convenience, you can generate OpenPGP keys and manage your encryption manually
on a desktop mail client. Disroot gives you access to a range of applications
like calendar, file storage and other stuff, which I am not going to get into because this
is about mail security and privacy. You can check it out yourself and see how
disroot’s offer balances against other secure email providers in this video. Disroot gives you option to enable second
factor authentification, which is another great feature. You can view your activity, which can also
be useful to observe any potential breaches. And Calendar looks very nice too. Final offer on the list is Swiss based encrypted
email service made by Protonmail. Developed by scientists from CERN and MIT,
Protonmail offers top security and privacy in their end-to-end encrypted webmail application. Protonmail has simplicity without sacrificing
security in their core. And they really do a good job. Setting up your email account cannot be any
easier. Pick a username, create a password, avoid
recovery mail option if you want to stay hidden. I used tor to sign up for a protonmail account
to see if they cheat me and require some personal identification but I was not disappointed. There are several options to choose from – either
email, SMS, donate or CAPTCHA. Protonmail now takes bitcoins if you want
to support their service and stay anonymous. But if you can’t do that for some reason,
CAPTCHA is also an option. A lot of CAPTCHA in this case. But you’ll get there eventually and your
account will be created in no time. Right of the bet, Protonmail will greet you
with four messages. This may be annoying to someone, but from
my perspective, it gives me nice first look at my new mailbox and I can actually start
interacting with it, while being guided with this Protonmail tutorial. It boots up with vertical layout by default,
but you can switch to horizontal with one click from your inbox, without going to the
settings tab. I think that’s pretty neat. With 500 MB of inbox data for free, you are
given tons of features. You can sort your mailbox with labels. In the settings menu, you can menage your
protonmail subscription to notify you about important information regarding their service,
and tweak some other webmail actions. Protonmail offers two-factor-authentification,
but you can also create separate mailbox password. This way when you want to sign in, you are
going to have to enter your login password to access your account, and then mailbox password
to decrypt your messages. If you loose your mailbox password, you can
still access your account but your messages will be discarded. To upgrade from basic, there are several premium
options as well as option to buy ProtonVPN. While their VPN might have some credible merits,
good security practice is to avoid having all eggs in one basket. A rule that so many sys admins ignore in today’s
times. Do with that information whatever you will. You can upgrade your storage, addresses, make
a custom domain, and get some extra features like filters, autoresponder, and more. You can pay for all this nice things with
bitcoins. There are other features and pros and cons
to every private email I mentioned here. If I didn’t get to some of them that you
might think are important, tell us about them in the comments. This video aims to make a simple guide to
the best private and secure email providers that Internet citizens can switch to as alternatives
to gmail or hotmail. I hope I helped you make a decision on which
service to choose from. You can adjust your choice according to your
needs. Even if you don’t opt in for an NSA-proof
alternative where you manage your encryption keys independently from your provider, webmail
public key encryption is good enough if your goal is to combat mass surveillance. When a provider offers end-to-end encryption,
no government can just step in with a court order and request all user information. They would have to break in, make more steps,
narrow down their collection to a smaller unit of targets instead of dragging everything
in bulk. In short, these private and secure email providers
make government surveillance and bulk collection uneconomical. Too expensive for an intelligence agency to
break into. And that’s our goal of the privacy advocates
community. If you are looking for unbreakable communication,
then webmail interface is not for you. In that case you’ll have to do more to remain
secure. For general privacy and combat against mass
surveillance and invasive advertisers, you can still kick them in their teeth with end-to-end
encrypted email providers featured in this video. I hope you enjoyed this guide to secure and
private emails and if you do, help me by engaging in the discussion and clicking the like button. If you leave a comment or like, my videos
will rank better and will be discovered by more people, spreading the message for better
privacy on the Internet even further. Thank you for watching and subscribe for more
coverage of cyberspace and digital freedom in the future.

100 thoughts on “Best secure and private email services review – guide to Gmail alternatives and encrypted email”

  1. YouTube doesn't promote my videos. I guess we can all guess why. But there is so much more that needs to be done. If you'd like to support my channel and help make these videos possible, you can sign up for NordVPN at or use my coupon code 'thehatedone' at the checkout to save 66%. NordVPN will help you protect yourself on the web and you'll be able to safely bypass censorship. Thank you for all the support.

  2. This is interesting, and I am confused. If I sign up for one of these encrypted e-mail providers, and I mail my friends who still use Gmail or others, will they just receive a normal mail with text/pics, or did you say they will get a link to go somewhere to read and reply? If so, that is totally cumbersome and most people won't do it..

  3. Don't get me wrong. All these privacy services are great but its a fucking shame we have to pay for the privilege of privacy. Fuck this Orwellian world.

  4. You're a brilliant man and fully informed. Thank you for sharing in such a concise and to the point making a really good video. Thank you.

  5. I just found your channel a few days ago… Amazing… I have been using BlueHost as a hosting site, and e-mail provider for some time… As I understand, this is not a secure way to communicate, esp. if I use "Outlook" to read and write e-mails…. Or am I far off track. I will definatly switch to the tor browser in addition to using VPN.. I had considered IPVanish, but perhaps Nordvpn would be a better choice, as I understand they support your efforts. Thanks

  6. Which of these email stay alive the longest? I had providers delete my account only after a few months of inactivity. This is the reason why I still use Gmail for my less used accounts.

  7. the idea that I could actually find someone let alone a gtoup of people who want to receive and send encrypted message, is almost as prepostorous az the idea of one true love.

  8. I wanted to change mail and i had found some really bad things about Protonmail and Tutanota. These services may suspend your account or even delete it. I wouldn't trust them.

  9. What's with the illuminati pyramid (mountain) logol on Protonmails' website?? The same with with mailfence website logo a shield full of stars and full of pyramids. Of similar interest I was also looking at Linux server distributions the other day (I think it was uBuntu) and noticed their dinosaur logo with at least 2 distinctive pyramid shapes in the dinosaur logo. You mention to help support your channel by clicking on NordVPN who advertise as being Panama based and yet they collect payment via USA, sure they give some excuse that money has to be transferred via USA etc and yet what is their logo?? A mountain in the shape of? Yes you guessed it, a pyramid. Maybe I am being paranoid but I don't trust the "supposed trusted" websites and companies over the net as in my opinion none of them can be trusted as 100% authentic.

  10. This is more hard core than what I'm looking for I just need a second email for job applications so I can keep my work email separate from my verifying that I'm a real person email.

  11. I have been ripping my digital band-aid off for years trying to figure out how to stay anonymous on the web. Your videos have been helping. Keep doing what you do and spreading that big tech needs to go and cannot be stood for anymore.

  12. I have been enjoying your vids and learning a lot.
    This one brought up something that I feel I can offer as a tip that I use and teach in my privacy class.
    When it comes to security questions, you’re right that if you answer them, someone could potentially look up the answers.
    IF you answer them honestly.
    I tell my students to lie and lie bigtime!
    It can be even easier to remember a huge lie than whether or not you capitalized your best friend’s name.
    Q: Who was your best friend in high school?
    A: LawrenceofArabia

  13. I would really like to switch but I belive that Gmail offers the best protection for my data that I fear to loose in case of a hack and yes I know that everything can be hacked because I am into such stuff

  14. is there a local option available with just as much security (the email version of Tox)??
    I almost never shut my PCs down, and explicitely use linux, so I'm not worried about malware attatchments automatically running.
    heck, even if I do get one, I have Comodo to back me up and quarantine it 🙂
    if you've already made a video on this, please link me to it because youtube gae 😛

  15. I am starting to look into switching into a more secure all around way of doing that. Your vid's are very helpful. I have a 2011 Macbook air and a pc desktop with Windows 10 home. I use for chat, email privacy but I am beginning to see there is nothing totally private at my level of experience…

  16. tutanota will delete free accounts if you have not checked them in 6 months. mail fence has 12 months and 4 motnhs extra before your entire account is deleted.

  17. what are your views on riseup? I've been using it for a few years now and although it is a bit (well a lot really) lacking on the features it would appear to me like a good service. i did read about the fbi raiding the servers that they used a few years ago so i presume they were on us soil which is not the best.

  18. Disroot is ran by communists, who on earth would trust them? They'll sell your ass to the government the second you say there's only two genders, because then you're a fascist in their eyes.

  19. Find my email address and contact me information about our Facebook app address please share with google hangouts Facebook email app please help me use google hangouts Facebook email app please

  20. those companies needs hire ui/ux people, all looks like crap (the best is protonmail, all others looks like a joke).

  21. The funny part i want from getting a decent amount of likes and comments to zero and I noticed that because in the past two years I always had high amount of comments but the past year I drop to zero like I do not get any likes or response something is weird that YouTube is doing so I created this account my first comment got 150 Likes and 13 comment in couple of hours the next day I left a comment I got zero like they know who I am it’s like they have my Social Security my information where once I open a new account they know it’s me and that will put me on some ghost mode or dark shadow mold or mold that I won’t be seen anywhere

  22. Protonmail is asking me for email, sms or donate in order to create account. No captcha option available anymore .Why? I dont wanna give any personal info . Please help.

  23. Dear hated one I loved your videos but I have doubt over proton mail as it is made by cern scientists (cern is funded by really worst kind of people) plus most corrupted richest people of this world keep their moneys safe in Switzerland!

  24. Communists need to listen to your tactics on sabotaging the big data industry.
    ❤☭❤ Seize the means of communication ! ❤☭❤

  25. "And not exactly as friendly as today's websites trying to attract the most brainless user-base possible." I laughed out lout when I heard that. Too true.

  26. Great info here. thanks a lot for sharing your knowledge on security. Do you know if Mailfence encrypts the calendar and contacts as well? I could not find the info on their website.

  27. Funny how everyone is cursing gmail but uses the same to comment on YouTube, *cough* even the creator *cough*

  28. Is the Spark email client on my MacOS safe? Or should I use Thunderbird? Also is iCloud email safe too?

  29. I may have missed something but did you say that the people I email have to set up a Key? is that for every email they have to put in a key password?

  30. Seems like a lot of extra work. I'll go for the convenience, I use gmail because there's nothing I say in emails I would he ashamed of, maybe slightly embarrassed but that's ok. Nobody really cares that much about what I am doing. But if you want to use one of these "secure" services fine.

    How do you know they are secure? They release their code? Do you really trust them to release the code they actually use? How can you know what they use on their servers? Or is compiled in the download you get? Or do you download, the code, study it and compile it from source? If you do, great, go for it. Maybe sending secure emails is your thing, like a hobby. Then great, we all need hobbies.

  31. I was planning to go off grid because of the thought that my info was being breached from all the social media so thanks for this.!!!???

  32. I wonder if it would make a difference if I used the other site/app to log into my Gmail. it would be futile for me to try and switch now considering I use my Google account for nearly everything online

  33. Oh man I didnt know protonmail was made by people from cern. Thats kind of a red flag for me coz cern has a luciferian agenda. Dont put your eggs in one basket, be a skeptic and dont put all your trust in one company.

  34. I'm a fan of PGP but I haven't figured out a good way to exchange public keys with designated parties. What's the best way to do this? Great video!!!!!!! Thanks for posting!!!!!

  35. vis google app is totally open =no sign in at all any body could pick up the phone and see my mail
    =droid on orio i junked the app !

  36. 2:25 you say end-to-end encryption. No such thing exists if we talk about using the email in the browser, I'm sorry for you to hear the truth, but this is, how it really is.

  37. How about gmx? I had a gmx account couple of years ago but for whatever reason I couldn't be able to log in again.

Leave a Reply

Your email address will not be published. Required fields are marked *