Better email encryption for Outlook

Gpg4Win is one way to improve and expand Outlook’s poor encryption support.

Google’s End-to-End got us thinking about how to improve Outlooks lame email encryption and make it ready for End-to-End.

The End-To-End addin uses OpenPGP, an email encryption system not directly supported by Outlook but you can do it via Gpg4Win.

Gpg4Win is a free open-source tool which not only ads OpenPGP to Outlook but greatly improves the usability and features of the other encryption standard, S/Mime.

Get Gpg4Win from but before you do, note this …

Gpg4Win works with 32-bit Outlook only. That’s a major stumbling block against wide adoption. While most people still run 32-bit Outlook, most power users and those who recommend products (like Office Watch) have long since moved to 64-bit Office.

Gpg4Win comprises several components, the main one is Kleopatra, the certificate management center. Here you can make new certificates: OpenPGP or X.509. image from Better email encryption for Outlook at

There’s a simple wizard to make and install an OpenPGP email certificate in a few minutes. Or you can import certificates from other services. image from Better email encryption for Outlook at

Under Advanced Settings, you can change the OpenPGP key length from the standard 2048 bits to 3072 or even 4096 bits. The expiry date can also be changed.

Start up Outlook and create a new message. There’s a new tab called GpgOL which has various choices: image from Better email encryption for Outlook at

One interesting option is to encrypt only the attachments, leaving the message itself in clear text. That seems like a useful compromise for some people.

To encrypt a message, click on Encrypt then choose the recipients matching certificate. Sadly, decryption requires an additional step that Outlook itself does automatically for incoming messages.

Gpg4Win is worth looking at for a group of business associates or friends who want better email security. It’s a way to get OpenPGP support into Outlook and, presumably, will let you receive/send messages with End-to-End once it becomes available.

Some of the things Gpg4Win does are so simple it’s hard to understand why Microsoft makes it so hard in Outlook. For example, the first time you sign a message, gpgOL will look for a certificate matching the senders email address and automatically select it. Sounds obvious but not to Outlook developers who make you jump through hoops just to match an existing certificate against the sender.

Gpg4Win isn’t perfect, by any means, but it’s a darn sight better than Microsoft’s effort, or lack of effort.

Join Office for Mere Mortals today

Office for Mere Mortals is where thousands pick up useful tips and tricks for Word, Excel, PowerPoint and Outlook.

Give it a try. You can unsubscribe at any time.  We've never spammed or sold addresses since we started over twenty years ago.
Invalid email address