Encrypt Your Outlook Emails: Step-by-Step Guide

By /
how to send an encrypted email in outlook - Close-up of a computer monitor displaying Outlook email interface with a promine

If you’re sending sensitive information through email—financial details, medical records, passwords, or confidential work stuff—you need to know how to send an encrypted email in Outlook. It’s not as complicated as it sounds, but it’s also not something most people do by default. The truth? A lot of folks think encryption is only for IT nerds or security experts. Wrong. Outlook makes it surprisingly straightforward, and once you get the hang of it, you’ll wonder why you weren’t doing this from day one.

Let’s be real: unencrypted emails are basically postcards. Anyone handling them along the way can read them. Your ISP, email servers, even a determined snoop on your network can peek. Encrypted emails? They’re sealed envelopes. Only the person you’re sending to can open them. This guide walks you through exactly how to do it, whether you’re using Outlook on desktop, web, or mobile.

Secure Outlook email encryption interface with lock icon

What Is Email Encryption and Why It Matters

Think of email encryption like this: a regular email is a letter you drop in a mailbox. Lots of people can read it. An encrypted email is that same letter, but sealed inside a locked box. Only someone with the right key can open it.

When you encrypt an email, the content gets scrambled using mathematical algorithms. The recipient receives a link or gets the message in a special format that requires authentication to read. Even if someone intercepts the email, they see gibberish—worthless without the decryption key.

Here’s why this matters: if you’re handling anything sensitive, encryption isn’t optional anymore. According to OSHA guidelines, certain industries require encrypted communication for protected information. Healthcare providers, financial institutions, and legal firms deal with this daily. But honestly? Everyone should be doing it for anything personal or confidential.

Outlook gives you two main encryption paths: built-in encryption for Office 365 users and S/MIME encryption for more granular control. Both work. One is easier. Let’s dig into each.

Understanding Outlook’s Encryption Options

Outlook doesn’t just have one encryption method—it has a few, and knowing the difference saves headaches.

Office 365 Message Encryption (OME): This is the easy button. If you’re using Outlook with an Office 365 subscription, you’ve got this built in. It works with anyone—even if they don’t have Office 365. Recipients get a link, enter a password, and boom, they can read the message. Simple, but less granular control.

S/MIME (Secure/Multipurpose Internet Mail Extensions): This is the old-school, battle-tested method. Requires digital certificates, more setup, but gives you encryption that’s recognized across almost every email platform. Think of it as the universal standard.

Transport Layer Security (TLS): This encrypts the connection between email servers. It’s automatic in modern Outlook, but it only protects data in transit—not at rest. Someone with access to the recipient’s mailbox could still read it. Use TLS as a baseline, not your only defense.

For most people, Office 365 Message Encryption is the way to go. It’s built in, doesn’t require the recipient to do anything special, and works across devices. But if you’re in a corporate environment or need enterprise-level control, S/MIME might be your jam.

Here’s the real talk: encryption adds a tiny bit of friction. Recipients might need to verify their identity. Some email clients don’t display encrypted messages the same way. But the security payoff? Worth it.

Person at desk securely composing email with encryption options visible

How to Send an Encrypted Email in Outlook on Desktop

Let’s walk through the actual steps. This is for Outlook desktop (Windows or Mac), using Office 365 Message Encryption.

  1. Open Outlook and start a new email. Click “New Email” or press Ctrl+N (Windows) or Cmd+N (Mac).
  2. Fill in your recipient, subject, and message. Type everything normally. Nothing changes here.
  3. Look for the “Encrypt” button. In Outlook 2016 and newer, you’ll see this in the ribbon at the top. It’s usually in the “Options” tab. Click it.
  4. Select your encryption level. You’ll see options like “Encrypt Only” or “Do Not Forward.” “Encrypt Only” lets recipients share the message (but not forward it as an encrypted email). “Do Not Forward” prevents them from forwarding, copying, or printing. Choose based on what you need.
  5. Send the email. Hit send. That’s it.

If you don’t see an Encrypt button, your version of Outlook might be older. Update to the latest version, or your organization might not have Office 365 Message Encryption enabled. Contact your IT department to flip that switch.

Here’s a pro tip: if you’re sending to the same person repeatedly with sensitive info, you can set up rules. Go to File > Manage Rules & Alerts, and create a rule that automatically encrypts emails to that recipient. Set it and forget it.

One more thing—when you encrypt, the subject line stays visible. If the subject itself is sensitive (like “Quarterly Earnings Report” or “Medical Test Results”), keep it vague. The encryption protects the body, not the metadata.

Sending Encrypted Emails in Outlook Web

Using Outlook on the web? The process is nearly identical, but the interface looks a bit different.

  1. Go to Outlook.com or your organization’s Outlook Web Access. Sign in with your credentials.
  2. Click “New Message.” Fill in the recipient and compose your email.
  3. Look for the lock icon or “Encrypt” button. In Outlook Web, it’s usually in the bottom toolbar. You might see a small shield or lock icon. Click it.
  4. Choose your encryption settings. Similar to desktop—you’ll get “Encrypt” or “Do Not Forward” options.
  5. Send the message. The interface will confirm encryption is applied.

Web-based Outlook is actually pretty slick for encryption because it’s cloud-native. Microsoft’s servers handle the heavy lifting. Recipients get a secure link, authenticate, and read the message in their browser. No special software needed on their end.

One caveat: if your organization uses advanced threat protection or data loss prevention rules, encryption might be restricted for certain recipient domains or content types. This is a security feature, not a bug. If you can’t encrypt a message you think you should be able to, check with your admin.

Encrypting Emails on Outlook Mobile

Mobile users often get the short end of the stick, but Outlook mobile (iOS and Android) does support encryption—though it’s a bit less obvious.

  1. Open Outlook on your phone. Tap the pencil icon to compose a new email.
  2. Type your message normally. Fill in recipient, subject, body.
  3. Tap the three dots (menu) at the bottom. This opens more options.
  4. Look for “Sensitivity” or “Encrypt.” Tap it and select “Encrypt.”
  5. Send the email. Done.

Mobile encryption works the same way as desktop—the recipient gets a secure link. The user experience is smooth because mobile browsers handle the authentication without fuss.

Fair warning: not all mobile Outlook clients have full encryption support. If you’re using an older version or a third-party email app, you might not see these options. Update your app or use the Outlook web interface on your phone’s browser as a backup.

Mobile phone showing secure email composition with encryption enabled

Setting Up Office 365 Message Encryption

If your organization hasn’t enabled Office 365 Message Encryption yet, someone with admin rights needs to flip the switch. This is a one-time setup.

For IT Admins:

  1. Go to the Microsoft 365 admin center. Sign in with admin credentials.
  2. Navigate to Settings > Org Settings > Security & Privacy.
  3. Find “Office 365 Message Encryption.” It’s probably already enabled by default in modern Office 365 tenants, but confirm it’s on.
  4. Configure branding (optional). You can customize the encryption portal with your company logo, colors, and disclaimer text. This makes it look more professional when recipients authenticate.
  5. Set up custom branding rules (optional). You can create rules that apply different encryption templates based on recipient domain, content, or sender. For example, “all emails to external domains get encrypted with our custom branding.”

Once it’s enabled, every user in the organization can send encrypted emails without additional setup. They just click encrypt and send.

There’s also S/MIME if you want certificate-based encryption. That’s more complex—requires each user to have a digital certificate, which your IT team manages through a certificate authority. It’s powerful but overkill for most organizations. Stick with OME unless you have a specific compliance requirement.

Common Issues and Fixes

Issue: “Encrypt” button isn’t showing up.

– Your Outlook version is too old. Update to the latest version. Office 365 Message Encryption requires Outlook 2013 or newer (desktop) or any recent version of Outlook Web.

– Your organization hasn’t enabled it. Contact your IT department and ask them to enable Office 365 Message Encryption in the admin center.

– You’re using a third-party email client. Some clients don’t support OME. Use Outlook directly or switch clients.

Issue: Recipient says they can’t read the encrypted email.

– They didn’t authenticate. Make sure they clicked the link in the email and entered their password or verified their identity.

– Their email provider is blocking the secure link. Rare, but happens with some corporate firewalls. Have them try accessing it from a different network or contact their email admin.

– The email landed in spam. Encrypted emails sometimes trigger spam filters. Ask them to check their spam folder and mark it as “not spam.”

Issue: “Do Not Forward” isn’t working.

– The recipient is using a client that doesn’t support the restriction. Some older or third-party email apps ignore DLP (data loss prevention) restrictions. This is a limitation of their setup, not yours.

– Your organization’s policies override it. Some companies have rules that prevent “Do Not Forward” from being enforced. Check with your admin.

Issue: Encryption is too slow.

– It shouldn’t be. Encryption happens server-side, so it’s instant. If you’re experiencing delays, it’s likely a network issue, not encryption. Check your internet connection.

Pro Tip: If you’re regularly encrypting emails to the same external organization, ask them to set up a trust relationship with your email system. This streamlines the process and removes some authentication friction for their users.

For more on protecting sensitive information across devices, check out how to hide text messages on iPhone and how to block apps on iPhone for comprehensive privacy strategies. You can also learn about how to change screen time passcode to keep your accounts secure.

According to Family Handyman principles of thoroughness, the same attention to detail applies to digital security. Just like you’d inspect every joint in a woodworking project, inspect every step of your encryption process.

For enterprise deployments, Microsoft 365 documentation provides detailed configuration guides. And if you’re managing compliance requirements, Bob Vila’s approach to methodical problem-solving applies equally to IT security—take it step by step, verify each stage, and don’t skip the details.

Frequently Asked Questions

Can I encrypt emails to anyone, or just Office 365 users?

– You can encrypt to anyone. Office 365 Message Encryption works with external recipients, even if they don’t have Office 365. They get a secure link and authenticate through a web portal. No special software required on their end.

Does encryption slow down email delivery?

– No. Encryption happens on Microsoft’s servers, so it’s transparent and instant. You won’t notice any delay.

Can I encrypt attachments?

– Yes. When you encrypt the email, all attachments are encrypted too. They’re embedded in the secure message.

What if the recipient loses the encryption password?

– They can request a new one. Most secure email portals have a “resend password” option. If they’ve lost access to their email account, they’re locked out—there’s no backdoor.

Is S/MIME better than Office 365 Message Encryption?

– It depends. S/MIME is more universal and works across all email clients. OME is easier to set up and works with anyone. For most people, OME is better. For enterprise environments with strict compliance needs, S/MIME might be required.

Can I encrypt emails automatically?

– Yes. Set up rules in Outlook (File > Manage Rules & Alerts) to automatically encrypt emails based on recipient, subject, or content keywords. This is a lifesaver if you’re sending sensitive info regularly.

Does encryption work with mobile devices?

– Yes. Outlook mobile supports encryption. Recipients can read encrypted emails on their phones too—they just need to authenticate through the secure portal.

What happens to encrypted emails after they’re read?

– They stay encrypted on the recipient’s server. If your organization has set a retention policy, encrypted emails might expire or be automatically deleted. Check your admin settings.

Can I decrypt an email I’ve already sent?

– No. Once it’s sent and encrypted, you can’t undo it. This is actually a feature—it prevents you from accidentally sending unencrypted sensitive data. Double-check before you hit send.

Is there a way to know if an email was actually encrypted?

– Yes. In Outlook, encrypted emails show a lock icon next to the message. You’ll also see confirmation when you send it. Recipients see a lock icon too, indicating the message is secure.

Related Posts

Scroll to Top