Keep prying eyes out with encryption.
What you’re looking for isn’t unreasonable.
Sadly, it doesn’t exist. No part of the email standard deals with encrypting an attachment, so you’re not going to find an option in your email program to do so.
That doesn’t mean you can’t do it, though.
Password protecting attachments
Since there is no common, easy standard for securing attachments, add a password and encrypt the document before attaching it. Tools that use the “zip” format (like 7-Zip) are both secure and ubiquitous, making it easy for your recipient to extract the contents (assuming they have the password). There are more complex solutions that are more commonly found in corporate situations. Another approach is to use a ProtonMail account, which handles encryption well.
Flip the encryption script
What you’re looking for is something like this:
- Attach your document to an email.
- Tell your email program to encrypt it.
Step 2 doesn’t exist. So we do things in a different order:
- Encrypt your document.
- Attach the encrypted document to an email.
The net result is the same: your document cannot be accessed by anyone who doesn’t have the means to decrypt it (such as a password).
That does add one small complexity.
It would be nice if email supported some kind of standard encryption for attachments, but it doesn’t — not really.[1]
What that means is you and your recipient need to:
- Agree on what type of encryption to be used.
- Somehow share the decryption key securely so they can decrypt the attachment.
If that key is a password, you need to share it with the person you want to be able to view the document. You’ll want to share it separately (including it in the email defeats the purpose, after all), and via a different channel, like a messaging program, phone call, or text message. This prevents a compromised email account from allowing access to the encrypted document and its key.
What encryption to use
One of the easiest ways to password-protect a document is to use that feature within your document-creation tool, if it has one. For example, Microsoft Word lets you assign a password to a document that encrypts its contents. No one is able to open the document unless they can enter the password.
While Microsoft Office’s built-in encryption was once substandard, current versions are quite secure.
If you’re not certain about the quality of the encryption provided by the tool you use, or especially if you want to send more than one document at once, consider zipping them. Tools like 7-Zip let you combine multiple files (or just one) into a .zip file[2] and apply a password. Doing so encrypts the resulting file. Bundling them all into a single zip file makes sending easier (it’s a single attachment) and decryption easier (extracting the zip file decrypts all the files at once).
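A caveat worth checking before you hit Send: the zip format carries two different password schemes, the weak legacy ZipCrypto (what 7-Zip uses for .zip unless you choose AES-256) and WinZip-style AES. The added example below is not the article’s code; it audits an archive’s entries and reports which scheme and key size each one uses, and build_sample constructs small test archives (dummy payloads, no real encryption) so the checker can be exercised offline.

```python
# Added example, not Ask Leo's code: audit a .zip before attaching it. Each entry is unencrypted,
# ZipCrypto, or WinZip-style AES (method 99 plus a 0x9901 extra field giving the key size).
import io
import struct
import zipfile

AES_METHOD = 99        # compression-method value that marks an AES (AE-x) entry
AES_EXTRA_ID = 0x9901  # extra-field id carrying the AES key strength
STRENGTH = {1: "AES-128", 2: "AES-192", 3: "AES-256"}

def aes_strength(extra):
    """Walk the extra field; return the AES key size of an AE-x entry, if present."""
    pos = 0
    while pos + 4 <= len(extra):
        header_id, size = struct.unpack("<HH", extra[pos:pos + 4])
        if header_id == AES_EXTRA_ID and size >= 7:
            return STRENGTH.get(extra[pos + 8], "AES-?")  # version(2) "AE"(2) strength(1) ...
        pos += 4 + size
    return None

def classify(info):
    """Label one ZipInfo: 'plaintext', 'ZipCrypto' or 'AES-<bits>'."""
    if not info.flag_bits & 0x1:  # general-purpose flag bit 0 = entry is encrypted
        return "plaintext"
    if info.compress_type == AES_METHOD:
        return aes_strength(info.extra) or "AES-?"
    return "ZipCrypto"

def audit_zip(data):
    """Map every entry name in the archive bytes to its encryption label."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return {info.filename: classify(info) for info in zf.infolist()}

def safe_to_attach(data):
    """True only if every entry is AES-256, which is what 7-Zip's -mem=AES256 writes."""
    return all(label == "AES-256" for label in audit_zip(data).values())

def build_sample(name, encrypted=False, aes_bits=None):
    """Constructed one-entry archive for exercising the checker (dummy payload, no real crypto)."""
    flags, method, extra = (0x1 if encrypted else 0), 8, b""
    if aes_bits:
        method = AES_METHOD
        extra = struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", {128: 1, 192: 2, 256: 3}[aes_bits], 8)
    fn, payload = name.encode(), b"\x00" * 16
    local = struct.pack("<IHHHHHIIIHH", 0x04034B50, 20, flags, method, 0, 0x21, 0,
                        len(payload), len(payload), len(fn), len(extra)) + fn + extra
    central = struct.pack("<IHHHHHHIIIHHHHHII", 0x02014B50, 20, 20, flags, method, 0, 0x21, 0,
                          len(payload), len(payload), len(fn), len(extra), 0, 0, 0, 0, 0) + fn + extra
    eocd = struct.pack("<IHHHHIIH", 0x06054B50, 0, 0, 1, 1, len(central), len(local) + len(payload), 0)
    return local + payload + central + eocd
```

To audit a real archive, pass the file's bytes to safe_to_attach; anything other than all-AES-256 means the password alone is not protecting the contents the way the text assumes.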
More complicated solutions
Encrypting the entire email message is another approach. Unfortunately, this gets very complicated very quickly.
To begin with, there are two competing standards: MIME and PGP. Depending on your email program, either or both may be available. Setup can be complex, and of course your recipient needs to be set up to handle the same standard. This can work well in corporate or other institutional scenarios where email is set up by a central authority.
In practice, it’s more work than it’s worth for most people.
One other approach
If you use ProtonMail, you can send encrypted email fairly easily. There are two scenarios.
- Email to other ProtonMail users can be encrypted end-to-end. It’s almost transparent because both sender and recipient are part of the same email system.
- Email to recipients that don’t use ProtonMail is delivered not as email, but as a link to a protected webpage on the ProtonMail servers. The recipient gives the password, and the email — including attachments — is decrypted and made available.
If you’re OK with that last scenario — requiring your recipients to visit a webpage to read your encrypted email — it might be the simplest solution of all.
Footnotes & References
1: Yes, I know the email format includes MIME encryption, which I mention above. For the average user, however, it’s complex and impractical.
2: If you use the “zip” format (rather than 7-Zip’s default “7z” format), your recipient won’t even need a special program to open them. Zip format is supported directly by Windows File Explorer.
7 comments on “How Do I Password Protect Email Attachments?”
Yeah, I think you guys pretty much summed things up nicely. Basically, using 7-Zip to encrypt the data in .7z format (which uses AES encryption) with a decent password/passphrase is probably one of the easiest methods off the top of my head that’s not too much effort to do and is something the average person could do.
But personally, depending on how sensitive the data being sent is, I might just avoid sending it altogether online if doing it in person is possible. Still, I get that online might be easier, and assuming online transmission is going to be done, and that the data is quite sensitive, I would just make extra sure the password is more than secure enough and easy enough to type. So probably use a Diceware (“eff dot org/dice”) passphrase of sufficient length (i.e., six-word minimum) and maybe a little padding (i.e., for example… “##.word.word.word.word.word.word”). But like I say, it just depends on how sensitive the data being transmitted is what kind of precautions one should take with the password/passphrase etc.
P.S. While .zip will be easier for the person receiving the file, I would probably opt for .7z instead, as I heard .zip password-protected files are a bit so-so security-wise, whereas I think .7z is more secure. But I don’t know the details. But with this said, if what’s being sent to a person is not THAT sensitive (like one just wants minimal protection, as one would rather avoid someone seeing the data, but if that data were to be seen by someone else it’s not really that big of a deal), then one can probably opt for a password that’s minimally secure.
ZIP files used to be less than the safest for ZIPping, but using current tools — like even 7-Zip — the zip format is now what I recommend, since decrypting it is also handled natively in most OSes. That means it’s easier for your recipients, especially if they’re not as technically savvy.
There is an extension for Thunderbird that uses PGP encryption to protect the email. I found it relatively easy to install and set up. What I believe is next to impossible is to explain to my friends how to use it. :-)
There is one solution that everyone I know uses, even some who aren’t even aware they are using encryption. That solution is to use a messaging service like Signal or WhatsApp. They both send messages and attachments encrypted end-to-end and allow encrypted voice and video calls.
WhatsApp has an app you can use on your computer or you can access your WhatsApp messages directly from the Opera browser.
Everyone I know uses at least one of those messaging services, although there is one drawback. These services don’t work without having a smartphone.
Hi, could you do an article on PGP as mentioned in the comments? I have it on Thunderbird, but I’m sure other email clients have it too, and it would be useful to know. Also, as noted, how to explain it to the receiver!! Thanks!
The other part about encrypting documents to send to people is, in the long term, should those documents be stored, password protected, on your own server/computer? You would have to devise a way to keep track of all the passwords in use in all the files! (You wouldn’t use the same password, right?) However, keeping both encrypted and unencrypted files could double your use of storage. A dilemma! Or you encrypt, send, and delete the encrypted version. (?)
Thanks for a great article!
PGP uses a public key/private key system where you exchange your public keys. Only the sender and receiver of the encrypted file can decrypt it. It’s the receiver’s private key that decrypts the files, so there’s no need to remember anything more than the password which protects your private key. As for whether to keep the file encrypted after sending or receiving it, it depends on how sensitive the information is to you.
The problem with PGP is that it’s too complicated for most people. You may learn how to do it, but try teaching that to everyone you email and you won’t have any hair left. :-) A much simpler way is to use WhatsApp or Signal, which use end-to-end encryption without having to take any extra steps. Those require both to have smartphones, but there’s an app to use WhatsApp on your computer, and the Opera browser has that feature built in. There are other messaging apps, such as Tox, which use encryption and don’t require a phone.
A couple of comments here:
1. As far as I know, MIME does NOT encrypt messages! MIME is a standard which allows the “attachment” of binary files via BASE64 encoding. This “encoding” is not secret; it’s simply a way of sending a binary file as text.
The feature Leo is thinking of — which does encrypt E-Mail & attachments — is called S/MIME (the “s” is for “secure,” couldn’t you guess). It almost certainly uses AES.
2. I distrust AES. No, not because it is the product of a government-sponsored competition. It’s only because it is so ubiquitous. For the same reason that Windows gets the lion’s share of viruses, AES will receive the lion’s share of cryptanalysis. And he who dethrones AES will find the world lying at his feet.
For this reason, I prefer Twofish. It was in the same competition which produced AES, but it didn’t come in at first place. (I could be mistaken, but I believe it came in second.) That’s sufficient reason, in my mind, to prefer it over #1. :)
I think you’re missing one option that is easy and popular. It is to use your password manager to share a file or a private text message.
Basically, in your password manager, you’re going to create a note or a file, you will mark that a password is required or not, and then you will get a link to this file. You can then send that link to the other person.
There are some advantages: the link you’re sending can expire after X days. You can delete the file once the other person receives it. The file will not stay in your email eternally. Also, you can control how many times the note or file has been opened by the other person, preventing your private file from being shared with a third party.
As for the disadvantages, it requires you to trust your password manager… but you already do, otherwise you would not be using it.
Bitwarden Send does this, and I’m sure others do; I just don’t know other password managers, because the one I use is perfect for my use case.