Encrypt your OS X email and files the easy way

Encrypt your OS X email and files the easy way

Summary: GPG Mail from GPGTools protects your email from prying eyes by using public key encryption via OpenPGP. It's by far the simplest and easiest way to encrypt email (and files) on the Mac.


If you haven't been living under a rock for the past month or so, you're probably aware of the NSA's massive, ongoing internet surveillance program called PRISM. If you're a Mac user concerned about privacy, one of the best ways to protect it is to encrypt your email.

Encrypt your OS X email the easy way with GPG Mail - Jason O"Grady

Normally, the process to add encryption to the Mail program built into OS X involves obtaining and installing a certificate (a small file stored in the OS X Keychain that verifies your identity), then clicking on two new buttons that appear in a new email window when sending email from your verified account (you need a unique certificate for each email account you wish to encrypt). This Macworld article by Chris Breen goes into copious detail on the process. PC World also has an excellent article called How To Protect Your PC From PRISM Surveillance.

If that seems daunting, there's an easier way. GPG Mail is a new, free application for adding PGP encryption to OS X Mail. GPG Mail allows you to encrypt, decrypt, sign, and verify files or messages and manage your GPG Keychain with a few simple clicks.

Once you install the application, it will prompt you to generate a key pair and send your key to a key server. From there, it's simply a matter of launching Mail and composing a new email. Inside the new email window, you'll see a green OpenPGP button in the upper-right corner of the compose window, and two new lock and checkmark buttons that look like this:

Encrypt your OS X email the easy way - Jason O'Grady

You'll need the public key of the recipient, which you can retrieve by searching in the GPG Keychain Access application (or by importing a key that they send to you.) After that, simply enter their mail address in the To: field, and you'll be able to click on the lock icon (to encrypt the message) and click on the sunburst icon to digitally sign the message. The email that the recipient receives will look like this:

Encrypt your OS X email the easy way - Recipient Jason O'Grady

And that's it, you're done. If you have any questions or issues, just follow the Quick Start tutorial. In addition to encrypting email, GPG Tools also allows you to encrypt files via the OS X Services menu. For more on that, watch this screencast.

GPG Mail from GPGTools protects your email and files from prying eyes — in theory, anyway. (That new $2 billion NSA skunkworks in Bluffdale, Utah, has some massive computing power at its disposal.)

Do you use email encryption?

Topics: Apple, Operating Systems, Security, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Very nice!

    I think there was a version of OpenGPG for OS X Lion Mail, but it fell out of circulation for a while. I'm pleased to see it back on the Mac.

    Of course, if everyone just added "jihad, bomb, IED" etc. to their signatures, then even PRISM would be overwhelmed!
    • Um, not really. Based on IRS

      Data, the most dangerous words are patriot, pro-life and Tea Party.
  • Good to encrypt your e-mail, but...

    Sorry, one can't post anything meaningful on this site. Had to junk it.

    Fix your SPAM filters!!!
  • I'd have to have a big opinion of myself

    if I thought the US government would even so much as acknowledge my existence, never mind spy on me!
    Laraine Anne Barker
  • What a massive waste of money and lives!

    The silly thing about Prism et al, is that any serious terrorists are going to be very, very careful about what they transmit. And as Boston demonstrated, the casual no-hopers will still slip below the radar. Meanwhile many thousands of people are being killed by the War on Terror.
    My thought is that we should all routinely include blocks of random characters within emails to tie up CPU cycles trying to decipher the indecipherable.

    bGPe9$1> aXtY0xfG q@mMcIof vg%GurN/jz kO0h,Ge9 15fpwmDs
    oTCrvwe7 nKgLnksT dfzZpVbs it#TheAmwm xB0u&Tr9 17scjzQf
    • I like it alot

      Excellent idea:

      Target: 32khoi9::!@ %&^()nmh ^*VI5ki
      Location: ^%(&)GH &%*(gkllhl ^*(&JHGL
      Time: &^(*&)hkl tiu^*)km