What is Encryption?

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. Using complex algorithms, a message is transformed into an illegible string of characters. The only way to transform the message back into original format is using a unique encryption key.

End-to-end encryption for ProtonMail users

ProtonMail uses asymmetric encryption to encrypt and decrypt messages you send and receive. Also known as public-key cryptography, messages are secured using a keypair consisting of a public key and a private key.

Emails are encrypted using the recipient’s public key, and can only be decrypted by the intended recipient using their matching private key. This provides end-to-end encryption (E2EE), meaning that only you and the intended recipient can read emails sent in this way. 

All email messages you send to other ProtonMail users are encrypted like this. When a ProtonMail user sends a message to another ProtonMail user, the message is automatically encrypted with the recipient’s public key. When the recipient opens the email inside their mailbox, it is seamlessly encrypted in the background using their private key. 

An email seamlessly decrypted in the background

The blue lock icon indicates that the message is end-to-end encrypted. 

If the correct private key needed to decrypt the message is not present, you will see a Decryption error. This happens when you have reset your password

What you see if you have reset your password
If you find or remember your old password after a password reset, you can reactivate your old encryption keys to restore messages in your mailbox

Emails sent to non-ProtonMail users

It is also possible to send end-to-end encrypted email messages to non-ProtonMail users. If using PGP, emails are secured in the way described above. It is also possible to send non-users E2EE emails using our Encrypt for non-ProtonMail users feature. This secures email messages with a password.

Encrypt for non-ProtonMail users

Rate This Article

(57 out of 123 people found this article helpful)
Post Comment


  1. Anonymous

    It would be nice if the “See Mailbox Password for more information” would link directly to it :-)

  2. alex

    I am using the web app for sending e-mails via protonmail. I have entered a mailbox password when I created the mailbox. So, where is this mailbox and how can I be sure that the mailbox password is not stored somewhere at protonmail?

  3. ProtonMail Support

    The mailbox password is used to decrypt your private key and it is not stored on our servers.

  4. Laurent

    When I am sending a message to another protonmail user with his own domain, how do I know the message is encrypted.
    I don’t see any exchange of public key.

  5. ProtonMail Support

    Messages sent to other domains, added on ProtonMail, are treated the same as if sending that message to a ProtonMail user. When you open the message, to the right of the date and time, and the Star option, you can see a padlock, and check how the message is sent.

  6. MiB

    Sanding messages from my@customdomain is the same safe level like from user@Protonmail? Are em encrypted too?

  7. ProtonMail Support

    Yes, technically there is no difference between the two.

  8. Enigma

    I would like to see Protonmail integrate Yubikey, having a tamper proof hardware key to decrypt and sign messages is much more secure

  9. b

    how do we deal with that if we regular change passwords every 3 months? we can no longer read the old messages?

  10. ProtonMail Support

    If you change your password from your Settings, old messages aren’t encrypted. Messages are encrypted only if you reset the password using the password reset form. You can still decrypt old messages if you manage to remember your old password: https://protonmail.com/support/knowledge-base/restoring-encrypted-mailbox/

  11. Mohammed Magdy

    I facing problem “Decryption error
    Decryption of this message encryption content failed.
    Try again” in all inbox messages, please help me

  12. ProtonMail Support

    This usually happens after you reset your password. When resetting your password, new encryption keys are generated while the previous ones are disabled.
    Because of this, your existing messages will become unreadable but you can restore them by providing the old password in the Settings > Keys tab on the web app.

  13. Gus theros

    I don’t know my old password for outlook.com I not a damn file cabinet all I want is a new outlook account

  14. ProtonMail Support

    We can only help you with creating a ProtonMail account: https://protonmail.com/signup.

  15. RetroGamingPT

    I have problems to recovery my steam account and no remember the password… is Hrd now to recovery my steam :( i sad … i probably remove my protonmail and use another mail

  16. David Adkins

    I see the encrypted text on old emails. What do I do next (to decrypt the message)?

  17. ProtonMail Support

    If you have reset the password, you will need to reactivate the old encryption keys as explained here: https://protonmail.com/support/knowledge-base/restoring-encrypted-mailbox/.
    Note that you will need to know the old password.

  18. Tiarnan

    if I send an anonymous email to my bosses as per a whistle blower, can the ProtonMail account IP address be back traced to me?

  19. ProtonMail Support

    No, user IP addresses are not included in sent messages.

  20. Anonymous

    I am seeing this error in NEW messages received in my custom domain asociated with protonmail. I have not changed my inbox password, what can I do?

  21. ProtonMail Support

    Please contact our support team: https://protonmail.com/support-form.

  22. Anonymous

    Is it that our login passwords are stored in ProtonMail servers in their raw forms?

    PS: I am of the opinion that they are rather stored in the form of their encrypted versions.

  23. ProtonMail Support

    Passwords are stored as encrypted hashes, never as cleartext.

Leave A Comment?