X
Tech
Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.

Close

How to encrypt email in Thunderbird (and why you should)

Here's how to protect your sensitive information from third parties.
Written by Jack Wallen, Contributing Writer
Woman sitting on couch with paper calendar and laptop
iStockphoto/Getty Images

I'm one of those people who depend on email communication. I have for years, and I cannot imagine I'll ever not rely heavily on email. As I communicate with different people, I have to do so in different ways. For example, with certain contacts, I have to share sensitive information. When that's the case, I tend to use encryption with my email. 

Why? Simple. Encrypting an email prevents a third party from intercepting a communication and accessing the information within. 

An unencrypted email could be very easy to view by a bad actor. The more sensitive the information, the more you should protect it, and there's no better way (when working with email) than to make use of encryption. 

Also: The best encryption software: Protect your data

Here's how encryption works:

  1. First, you set up encryption on your email client.

  2. Next, you import a public encryption key from a recipient into your email client.

  3. You compose an email to that contact for which you've imported the public key.

  4. Before sending, you enable encryption.

When you do this, only the recipient can read the email because they have the private key that matches the public key. Without that private key, the recipient cannot decrypt the email.

It's that simple. However, you do have to first set up encryption with your email client of choice. For me, that's Thunderbird. Thankfully, over the past few years, the Thunderbird developers have made the setup fairly simple. Let me show you how it's done.

How to encrypt email in Thunderbird (and why you should)

1. Open Thunderbird and go to the Settings window

The first thing to do is open Thunderbird. With the app open, click the three horizontal line menu button and then select Account Settings. In the resulting window, make sure to select the email account you want to work with.

Also: The 5 best encrypted messaging apps: Keep your chats private

2. Open End-to-End encryption

Click End-to-End Encryption in the left pane, and then click Add Key.

The Add Key button in the Thunderbird End-To-End Encryption window.

You must first create a GPG key to use encryption in Thunderbird.

Image: Jack Wallen

3. Create a new key

Select Create a new OpenPGP Key and click Continue.

The create and import OpenPGP key window.

Make sure to select Create a new OpenPGP key.

Image: Jack Wallen

4. Configure the GPG Key

Select the email address to associate with the key and then select an expiration date, key type, and key size. I would recommend going with Key does not expire, RSA for the key type, and 3027 as the key size. Once you've taken care of those options click Generate key. In the next window, click Confirm to generate the key.

The Thunderbird GPG key configuration window.

Make sure to configure you key as needed.

Image: Jack Wallen

Also: How to enable end-to-end encryption for Facebook Messenger chats

How to use encryption in Thunderbird

Okay, the next thing you have to do is import the public key for the recipient you want to send the encrypted mail. After you've acquired their public key, click End-to-End encryption for the email account in question (from within Thunderbird Settings), and then click OpenPGP Manager.

The OpenPGP Key Manager button within Thunderbird settings.

Accessing the OpenPGP manager from Thunderbird.

Image: Jack Wallen

From the resulting window, click File > Import Public Keys from File. Navigate to the key in question and import it. 

Now that you have the public key imported, compose an email to that recipient. In the compose window, you should see an OpenPGP drop-down. Click that drop-down and select Encrypt to encrypt the email. Also, when you type the email address of a recipient with an associated public key stored, you'll see an Encrypt button at the bottom right of the compose window. Click that button to encrypt the email.

The Thunderbird encryption drop-down in the compose window.

Encrypting a new email in Thunderbird.

Image: Jack Wallen

When the recipient receives the email, as long as they have the matching private key, the email can be decrypted and read.

Editorial standards