Email security is essential for any Internet user. It is just as important as trusting that your physical email received through the post office is private.
It was recently discovered that 773 million records were exposed in a security breach involving email account credentials. You can find out if you are one of the victims by checking the huge database of Have I Been Pwned.
As such, people might worry about security precautions for their email accounts. The solution is simple: if you take good care of your email security, you are less likely to fall victim to such data breaches.
In this article, we are showing you 11 proven methods for securing your email accounts. Some of these might sound redundant, but they are surprisingly overlooked by many people.
Get an overview of the 11 email security tricks in the list of topics below (click to jump).
- Set up an unbreakable email password
- Use different passwords for all your email accounts
- Regularly change your email password
- Two-factor authentication is your friend
- Avoid suspicious email messages, links, phone calls, and requests
- Switch to a more secure email service
- Encrypt your message contents for advanced email security
- Keep your device protected and up to date to improve email security
- Sign out of your email account when you are done using it
- Avoid using public computers and open hotspots
- Use a VPN service to encrypt your data traffic and secure your email
1. Set up an unbreakable email password
The first step toward securing your email account is adding a strong password that cannot be immediately cracked. We are not talking about your dog’s name, a variation of your birthday, or anything that can be effortlessly hacked.
Your password should not be something that can be easily figured out. Instead, you should opt for a solid password made from random characters. This sequence must contain numbers, small and big letters, along with symbols.
If you are worried that you cannot remember it, do not write it down on a piece of paper. Even if you think that you will keep it in a safe place, this is not the answer.
Instead, consider turning to a reliable password manager that can hold all your keys in a single place, such as LastPass. But if you are not comfortable with a password manager, you can come up with an elaborate password and remember it using a mnemonic device.
2. Use different passwords for all your email accounts
Most of us have two or more email accounts nowadays. Some are for work and for personal activities. Others help you remain anonymous when signing up for various web services that typically send spam emails.
It might be tempting to use the same email password in all places. You might argue that you cannot commit to remembering more than one complex password made of random characters.
However, we urge you to think differently. You might somehow expose your password to someone because you left it written on a piece of paper. Without you even realizing it, that person could use the password to sign in to all your email accounts.
In this case, you compromise the security of all your email accounts, not just one. Therefore, we recommend having multiple passwords for different accounts. And, just like in the previous point, we think you should resort to a trustworthy password manager.
3. Regularly change your email password
Normally, your email provider reminds you that it is a good idea to change your password every now and then. The security reason behind it is that a hacker might have been trying to crack it.
For example, you should never leave a year go by without running a security checkup. Among other things, it involves changing the email passwords.
It can be daunting to create and keep track of multiple complex passwords when regularly changing them. In this case, we recommend trying a random password generator that works alongside your password manager.
LastPass has a built-in random password generator and an online version of it. You can set the password length, type of characters (uppercase, lowercase, numbers, symbols) and make it easy to say or to remember.
4. Two-factor authentication is your friend
The two-factor authentication (2FA) system is designed to improve your email security by asking you to confirm email login using your smartphone after you enter your email password. It usually means tapping a button or verifying a code sent to your smartphone. Then, you are good to go.
2FA can be tedious for users who are not accustomed to keeping their smartphones by their side at all times. It also means having your mobile device always charged and connected to the Internet.
However, two-factor authentication is essential for protecting your email account by applying an extra layer of security. Because a hacker who knows your email password cannot sign in to your account without also having your smartphone.
5. Avoid suspicious email messages, links, phone calls, and requests
It might sound redundant to say, but you should always avoid suspicious email messages, requests and links if you want to practice basic security hygiene on the Internet.
If you have any suspicious related to emails, links, texts, and phone calls from unknown numbers and foreign countries, never reply to them or answer your phone.
Third parties impersonating your email provider, bank or other figures of authority may try to trick you into handing over your personal and financial details. As such, it is better to remain cautious than fall prey to phishing.
Never leave pieces of paper that contain your password lying around, and never give out your passwords to someone. If you do wish to trust a friend with your password, say it out loud and face to face. It is definitely better than speaking it over the phone or sending a text.
6. Switch to a more secure email service
You cannot expect to send and receive confidential messages without turning to a secure email service. Secure Sockets Layer (SSL) is used for establishing encrypted links between web browsers and servers. Therefore, you will not be exposed to man-in-the-middle attacks.
To make sure that you are using an SSL connection when accessing your email account in the web browser, take a look at the address bar and make sure the URL starts with HTTPS instead of HTTP.
You can also consider opting for a more secure email provider if you are using a poor service like Yahoo Mail. Everyone is familiar with Gmail, which uses 128-bit SSL encryption. It is strong enough to protect your data, but anyone that can access Gmail servers can see what you are doing.
On the bright side, there are several email providers that focus on security, such as ProtonMail. Featuring end-to-end encryption, it encodes email content and user information before they reach ProtonMail servers. You can access the email server using a webmail client or the Tor network, as well as by installing Android and iOS apps.
7. Encrypt your message contents for advanced email security
Manually encrypting your message contents is an alternative solution for the previous point we mentioned, in case you want to stick to a popular email provider like Gmail or Outlook, which do not support end-to-end encryption.
As far as Outlook is concerned, it is possible to encrypt email messages using S/MIME or Office 365 message encryption. What’s more, you can encrypt a single message or all outgoing mail.
8. Keep your device protected and up to date to improve email security
Regardless of how many layers of security you apply to your email account, it does not matter if your computer is set to automatically log in when you launch your web browser or email client.
The rule also applies to smartphones if you are using email native apps. If anyone can get into your computer or smartphone, they will be able to access your email accounts and read all your sensitive messages.
To counteract this, you must also take care of your device’s security. Remember to log out of your computer if you need to temporarily step away from your workstation and turn it off after office hours.
You might also want to consider installing a powerful anti-malware application that has an email protection module. It could protect you from hackers who could otherwise get hold of your email login credentials and confidential messages. Keep the antivirus database up to date, too.
When it comes to your smartphone or tablet, make sure to set up a PIN, fingerprinting or voice match for unlocking the device. Another important aspect is to disable screen preview notifications if the device is locked.
Otherwise, another person glancing at your device could see the beginning of the email message. For example, your boss or a co-worker could find out that you are receiving a job offer somewhere else.
Keeping your device up to date is equally important because it will regularly receive security patches meant to combat the latest cyber threats, including any new agents designed to hack into your email accounts.
9. Sign out of your email account when you are done using it
Similar to the previous point, remember to sign out of your email account when you are done using it. This especially applies if you are temporarily using an unknown computer to check your email.
Instead, use an incognito/private browsing session to check your mail. You will get automatically signed out after closing all private windows. Moreover, the browser will not remember your sign-in credentials in autofill mode.
10. Avoid using public computers and open hotspots
To follow up on the previous point, it is a wise idea to avoid using public computers and open hotspots as best you can. If you are traveling to a foreign country, you should avoid connecting to unprotected wireless networks if you wish to check your email.
As far as unknown computers are concerned, you never know what kind of software is installed on them. For instance, someone can set up keyloggers meant to monitor your keystrokes and find out your email password.
11. Use a VPN service to encrypt your data traffic and secure your email
A reliable VPN tool can help you in many scenarios that involve the security risks of your email account. It can protect your email credentials and message contents by creating a secure tunnel that encrypts all sent and received data.
Having a reliable VPN service also helps when you must connect to a public, unencrypted Wi-Fi network. It gives you the level of security that the hotspot cannot.
Even if a hacker manages to acquire the traffic from the VPN client, they would only see scrambled data and would not be able to decrypt it, thanks to the security features provided by VPN protocols and encryption.
A VPN tool also hides your browsing history from your ISP, conceals your IP address and makes it seem like you are visiting websites from another country to ensure online privacy and security. It has many features that can help secure your email.
You can explore numerous VPN services, but it can be tough to make the right call, compare the pros and cons, and pick the best VPN for your needs. But you can take our advice since we have tested over 50 virtual private network tools and evaluated the best VPN services out there.
We suggest using ExpressVPN to secure your email, encrypt your data, bypass firewalls, and unlock forbidden parts of the Internet. It is not the cheapest option, but it can be installed on many devices such as Windows, macOS, Linux, Android and iOS.
As such, you can keep your security in check no matter what device you use to check your email. If we managed to draw your attention with this tool, you can get a premium subscription plan for ExpressVPN here.
All things considered, you can improve the security of your email accounts by practicing basic Internet hygiene and by taking several precautions to protect yourself from hackers and data breaches.
What are your favorite methods for securing your emails? We would love to hear your opinion, so do not hesitate to drop us a line in the comment section below.