Keep prying eyes out with encryption.
What you’re looking for isn’t unreasonable.
Sadly, it doesn’t exist. No part of the email standard deals with encrypting an attachment, so you’re not going to find an option in your email program to do so.
That doesn’t mean you can’t do it, though.
Become a Patron of Ask Leo! and go ad-free!
Password protecting attachments
Since there is no common, easy standard for securing attachments, add a password and encrypt the document before attaching it. Tools that use the “zip” format (like 7-Zip) are both secure and ubiquitous, making it easy for your recipient to extract the contents (assuming they have the password). There are more complex solutions that are more commonly found in corporate situations. Another approach is to use a ProtonMail account, which handles encryption well.
Flip the encryption script
What you’re looking for is something like this:
- Attach your document to an email.
- Tell your email program to encrypt it.
Step 2 doesn’t exist. So we do things in a different order:
- Encrypt your document.
- Attach the encrypted document to an email.
The net result is the same: your document cannot be accessed by anyone who doesn’t have the means to decrypt it (such as a password).
That does add one small complexity.
What that means is you and your recipient need to:
- Agree on what type of encryption to be used.
- Somehow share the decryption key securely so they can decrypt the attachment.
If that key is a password, you need to share it with the person you want to be able to view the document. You’ll want to share it separately (including it in the email defeats the purpose, after all), and via a different channel, like a messaging program, phone call, or text message. This prevents a compromised email account from allowing access to the encrypted document and its key.
What encryption to use
One of the easiest ways to password-protect a document is to use that feature within your document-creation tool, if it has one. For example, Microsoft Word lets you assign a password to a document that encrypts its contents. No one is able to open the document unless they can enter the password.
While Microsoft Office’s built-in encryption was once substandard, current versions are quite secure.
If you’re not certain about the quality of the encryption provided by the tool you use, or especially if you want to send more than one document at once, consider zipping them. Tools like 7-Zip let you combine multiple files (or just one) into a .zip file2 and apply a password. Doing so encrypts the resulting file. Bundling them all into a single zip file makes sending easier (it’s a single attachment) and decryption easier (extracting the zip file decrypts all the files at once).
More complicated solutions
Encrypting the entire email message is another approach. Unfortunately, this gets very complicated very quickly.
To begin with, there are two competing standards: mime and PGP. Depending on your email program, either or both may be available. Setup can be complex, and of course your recipient needs to be set up to handle the same standard. This can work well in corporate or other institutional scenarios where email is set up by a central authority.
In practice, it’s more work than it’s worth for most people.
One other approach
If you use ProtonMail, you can send encrypted email fairly easily. There are two scenarios.
- Email to other ProtonMail users can be encrypted end-to-end. It’s almost transparent because both sender and recipient are part of the same email system.
- Email to recipients that don’t use ProtonMail is delivered not as email, but as a link to a protected webpage on the ProtonMail servers. The recipient gives the password, and the email — including attachments — is decrypted and made available.
If you’re OK with that last scenario — requiring your recipients to visit a webpage to read your encrypted email — it might be the simplest solution of all.
Footnotes & References
1: Yes, I know the email format includes mime encryption, which I mention above. For the average user, however, it’s complex and impractical.
2: If you use the “zip” format (rather than 7-Zip’s default “7z” format), your recipient won’t even need a special program to open them. Zip format is supported directly by Windows File Explorer.