Use an email service that supports end-to-end encryption
Set up PGP or S/MIME encryption on your device and email account
Exchange public keys or certificates with the recipient
Verify the recipient’s key or certificate before sending
Compose your email normally
Encrypt the message before sending
Attach files only after encrypting them if your email client does not encrypt attachments automatically
Use a strong, unique password for any encrypted message links or archives
Send the email through a secure connection such as TLS
Ask the recipient to decrypt the email using their private key or certificate
Keep your private key or certificate protected with a strong passphrase
Revoke and replace keys if they are compromised
Use encrypted email only with recipients who can decrypt it properly