If you’re using ProtonMail, there are a few things you can do to help protect your messages from being accessed by anyone who knows how to decrypt them. First, make sure that your ProtonMail account is set up with a strong password. This will help protect your messages from being accessed by anyone who knows how to crack the password. Second, make sure that you’re using the latest version of ProtonMail’s encryption software. This will help keep your messages safe from anyone who can’t read them. Finally, be sure to regularly check your email and message logs for any suspicious or unauthorized activity. If you see anything that looks like it might be related to someone trying to access your messages, please report it to us so we can take appropriate action.


Pretty Good Privacy, or PGP for short, lets you lock your email messages so that only the intended recipient with the key can view them. ProtonMail is one of the few email services that supports this feature without any extra software.

How Does PGP Work?

PGP works using public and private keys. To send an encrypted message to someone, you’ll need to know their public key. Signing your outgoing message with their public key allows them to then decrypt it with their private key. End-to-end encryption makes it nearly impossible for anyone to intercept your message. As the name suggests, you should never reveal your private key to anyone.

Using PGP in most email clients requires the use of additional software (like FlowCrypt or Mailvelope) to handle the decryption and encryption process. But ProtonMail already supports OpenPGP natively, which means that you can set it up for use with specific email addresses and then forget about it.

You can use PGP with a free ProtonMail account or a paid one—either way.

RELATED: What Is ProtonMail, and Why Is It More Private Than Gmail?

Step 1: Share Your Public Key

To set up secure email communication via PGP, you’ll need to exchange keys with whoever you’re communicating with first.

If you haven’t already done so, sign up for a ProtonMail account and sign in. Click on the “Compose” button in the top-left corner of the screen to begin writing a new email. Enter the address of the recipient for whom you want to establish encrypted communication.

Next, click on the “More” drop-down icon and make sure that “Attach Public Key” is checked. You can now add a message to your email body, notifying the recipient that your public key is attached. You can automatically attach your public key to all outgoing mail under Settings > Security by enabling “Automatically attach public key” under PGP Settings.

Step 2: Trust Your Contact’s Public Key

Next, you want the person you’re communicating with to share their public key. How they do this ultimately depends on how they’re using PGP, but it will take the form of a small file attachment. When you receive this email, ProtonMail will notify you that a public key is attached and ask you to trust it.

Click “Trust Key,” and make sure that “Use for Encryption” is checked in the pop-up that appears. This will register the public key alongside the email address that sent it.

If the recipient sends you the public key via another means, you can click on “Contacts” at the top of the page and create a new contact. Use the same email from which the key was received, and upload the file you’ve received. Again, make sure that you select “Use for Encryption” so that you can sign outgoing mail.

Now Communicate Securely!

With keys exchanged and your address book updated with the right keys, you should now be able to communicate securely with your contact. You’ll need to repeat this process for any other contacts you wish to use PGP with. This process is likely why PGP remains a relatively obscure (but effective) encryption tool.

ProtonMail will automatically encrypt and decrypt messages if you have set up PGP correctly. You can tell that a message has been encrypted via PGP if you see the green padlock icon in the “From” field (Mail from other ProtonMail users is signified by a purple padlock.).