Use Gmail’s built-in TLS encryption automatically for messages in transit
Open Gmail and click Compose
Enter the recipient’s email address
Click the lock icon in the compose window if available
Select Standard encryption, Enhanced encryption, or Confidential mode if offered
For confidential mode, set an expiration date and passcode if needed
Click Send
For end-to-end encryption, use Google Workspace with S/MIME if your account supports it
Enable S/MIME in Gmail settings if available
Import your S/MIME certificate and key
Send to recipients who also support S/MIME
Use PGP or OpenPGP with a compatible browser extension or email client
Generate a public/private key pair
Share your public key with the recipient
Encrypt the message using the recipient’s public key
Decrypt received messages using your private key
Use a strong password for your Google account
Turn on 2-Step Verification for your Google account
Keep recovery options updated
Avoid sending sensitive data in plain text unless encrypted first