Quick Links

The Internet makes it easier than ever to communicate with others. Within seconds, you can be chatting with someone on the other side of the planet. But what if you want to communicate or send files privately? You need to make sure that you're using encryption.

Encryption 101

Encryption, at its most basic, involves obfuscating information so that it cannot be read by anyone other than an intended recipient. An extremely basic example of encryption is assigning every letter of the alphabet a number --- like a = 1, b = 2, c = 3, et cetera. You can then represent words as strings of numbers, and someone who didn't know what you'd done wouldn't be able to read your message!

Of course, that encryption algorithm is quite simple and easy to crack, but you can easily add complexity by shifting the assignment of letters and numbers around, adding nonsensical characters, and other things like that. Encryption methods of that sort have been in use for thousands of years.

Related: What Is Encryption, and How Does It Work?

Modern encryption algorithm operate on similar conceptual principles, though the implementation is vastly more complex by necessity. Computers are excellent at the kind of brute-force guess-and-check approach that is often needed to decipher encrypted information. Luckily for all of us, it has proven easier to create new encryption algorithms than it has been to create computers powerful enough to break them.

The strength of encryption depends on more than just the robustness of the algorithm, though. How you use encryption matters.

Let's say you're messaging someone using an app installed on your phone. The message is sent from your phone, to a central server, and then forwarded on to the recipient. If the message is encrypted while moving from you to the central server, and then from the central server to the recipient, the message is said to be encrypted "in transit." In transit encryption is better than no encryption, but it means that the information you send may be readable by the central server.

Related: Why You Should Use Peer-to-Peer Messaging Apps

A more secure option is end-to-end encryption (E2EE). End-to-end encryption ensures that the information is encrypted by you, and can only be read by the intended recipient. No middleman can ever read the information you're exchanging. It isn't foolproof though --- if an endpoint becomes compromised, your data will not be secure.

Here are a collection of services that can be used to send end-to-end encrypted emails, messages, or files. All of the services listed here have been audited by third parties, so we can be relatively sure that they're secure.

ProtonMail (Email)

ProtonMail is a secure email service based out of Switzerland. Everything you upload is stored encrypted, and emails you send are end-to-end encrypted. ProtonMail offers a few different tiers --- a free account gets you a gigabyte of storage, a single email address, and 150 messages per day. If you pay for a premium account, you get more storage, access to more email addresses and a custom email domain, and unlimited messages.

Proton also publishes transparency reports, which outline how often they've been required to hand over data to the Swiss government.

ProtonMail account drafting an email.

Thunderbird With OpenPGP (Email)

Thunderbird is an email desktop client developed by Mozilla. It serves the same purpose as programs like Microsoft Outlook and Apple Mail, and can fully integrate with almost any email service you use, including Gmail, Hotmail, Yahoo, and ProtonMail, among others.

Related: How to Use OpenPGP Encryption for Emails in Thunderbird

Thunderbird has come packaged with Open Pretty Good Privacy, or OpenPGP, built-in since August 2020. OpenPGP is an encryption standard that allows users be sure of two important things: that the participants in an exchange are who they say they are, and that the information being exchanged is encrypted, and has not been tampered with in any way.

The Thunderbird Main Screen.

Signal (Chat)

Signal has become the defining app for encrypted, private communication. It supports text, multimedia messaging, video chat, and calls. Signal is secured using a robust encryption scheme called the Signal Protocol. The Signal Protocol itself has been audited repeatedly by third parties, and has consistently received good marks. A history of good performance doesn't guarantee that the encryption scheme will remain effective in the future, but it is a positive sign.

If you're looking for a privacy-oriented messaging app with all the bells and whistles we've come to expect, there is currently no better option than Signal.

Signal running on an Android phone.

Telegram (Chat)

Telegram --- as the name might suggest --- is another messaging app. Telegram supports voice and video chat, as well as regular text and multimedia messaging. It is important to note that you have to opt-in to the app's "Secret Chat" feature, but after that, all of your communications will be encrypted using their in-house MTProto protocol.

Related: PSA: Telegram Chats Aren't End-to-End Encrypted by Default

Telegram running on a cellphone.

WhatsApp (Chat)

WhatsApp needs no introduction. It is the most widely used messaging app in the world, boasting more than 2 billion users. WhatsApp has had end-to-end encryption enabled by default for all conversations since 2016. All of the services offered by WhatsApp are encrypted, including text messaging, multimedia messaging, and voice and video calling. They have even added the option to encrypt your backups, which ensures your conversations stay private, even if the backup should fall into malicious hands.

End-to-end encryption is not the end-all-be-all of privacy. WhatsApp changed its privacy terms in 2021 to a resoundingly negative response. While WhatsApp can't do anything with the content of your messages, it still collects metadata, and shares that metadata with its parent company, Meta.

WhatsApp chat screen example.

Facebook Messenger (Chat)

Facebook has never been the poster child for privacy, but that hasn't stopped it from making the occasional positive change. Facebook Messenger --- like WhatsApp --- supports end-to-end encrypted messaging using the Signal Protocol. That means that as long as the endpoints are properly secured, your conversations should remain private.

It isn't enabled in Messenger by default, however. You have to go into a conversation's settings to enable it.

Just because the contents of a message are encrypted doesn't mean that Facebook can't collect metadata about your conversations.

Related: How to Encrypt Your Facebook Messages with "Secret Conversation" Mode

Facebook Messenger App on Mobile.

Apple iMessage (Chat)

Apple's iMessage is immensely popular, and for good reason. iMessage has supported a host of advanced features for years, including chat reactions, reliable read receipts, and end-to-end encryption. It comes standard on every iPhone as the default texting app --- other iPhone users are famously blue, while all others are green. The color difference is more than cosmetic, it actually tells you some important information. Blue chat bubbles indicate --- among other things --- that the message was encrypted between you and the recipient over iMessage, whereas green messages have been transmitted using conventional SMS, which is notoriously insecure.

Related: Why SMS Needs to Die

The seamless integration of iMessage with the iPhone, combined with the bevy of features and end-to-end encryption make it an alluring app, even for Android users.

iMessage example showing pinned conversations or contacts.

VeraCrypt (Files)

VeraCrypt is a fork of the open-source project TrueCrypt. Veracrypt --- like TrueCrypt before it --- offers a simple and powerful way to encrypt everything from system drives to backup discs to individual files. It serves a very different function from the other applications listed in this article. Those applications are primarily designed to provide end-to-end encrypted communication, whereas VeraCrypt is designed to allow you to encrypt your files.

VeraCrypt works by creating a virtual encrypted disk that is mounted like a real hard drive. Once the encrypted virtual disk has been created, you can move and create files just like you would in any other file system. Once you're done, you can store the encrypted files for later, or transmit them, knowing that no one can snoop on what you're doing. You can even hide all of your data in a VeraCrypt Hidden Volume, if you want to be extra careful.

Of course, the file's recipient needs to have the VeraCrypt software installed and the password used to protect the file in order to open it.

VeraCrypt is much more hands-on than the messaging apps in this article, so getting started with VeraCrypt takes a bit more time.

The VeraCrypt main screen with an encrypted drive mounted.

While there are a lot of services out there promising to securely transmit messages, the above ones are the ones we recommend and trust. Some options like Gmail's "confidential mode" aren't actually as secure as you might think, while we recommend avoiding lesser-known services that don't have a strong track record and reputation for privacy and security.