What is the Level of Protection for Encrypted Emails?

So, let me ask a basic question… if someone gets access to his email account via his computer, what’s the level of protection for the encrypted emails?

The security of end-to-end encryption (when it’s strong enough, like PGP) depends on the ends. There’s no way around that. It’s difficult to secure information on a poorly managed device, whether it belongs to the sender or the receiver.

Firstly, basics need to be in place: using two-factor authentication, having a strong password when logging into their computer, and keeping the device updated and virus free.

On top of that, if they’re using FlowCrypt, they should go to FlowCrypt Settings ⮕ Security and activate the “Always require a passphrase to open encrypted email” option.

Please refer to the Require a Passphrase for Email Decryption guide for more details on how to activate the “Always require a passphrase to open encrypted email” option.

That way, if someone gets a hold of their computer, they would still need to know the passphrase that the person has used to view the encrypted email.

This is military-grade end-to-end encryption. It won’t fail you on its own; the weak links are the underlying system, the device, the people, and so on.

meme (borrowed from xkcd.com)

We recommend reading our Improve the Security of Your System guide to learn how you can have an extra level of security.