US Trends

how to encrypt an email in outlook

You encrypt an email in Outlook either with the built‑in “Encrypt” button (Microsoft 365 Message Encryption) or with S/MIME certificates, depending on what your organization supports.

Before you start (important checks)

  • Make sure you’re signed in with a work or school Microsoft 365 account; some encryption options don’t show up on free accounts.
  • Check with IT whether you should use “Encrypt-Only” , “Do Not Forward” , or S/MIME ; some companies enforce specific policies.
  • If S/MIME is required, you’ll need a personal certificate installed in Outlook first (IT or your PKI provider usually sets this up).

Method 1: Use the Encrypt button (most common)

Windows desktop Outlook (classic / new)

  1. Open Outlook and click New Email to start a message.
  1. Go to the Options tab on the ribbon.
  1. Click Encrypt (or Options > Encrypt in some layouts).
  1. Choose one of the policies, for example:
    • Encrypt-Only – encrypts the message and attachments but allows forwarding (if policy allows).
 * **Do Not Forward** – encrypts and blocks recipients from forwarding/printing/copying.
  1. Write your email, add attachments, and click Send. The message will be encrypted in transit and at rest in the recipient’s mailbox.

Tip: Some organizations auto‑encrypt if you add a tag like [secure] in the subject line, so ask your IT if that shortcut is enabled.

Method 2: Encrypt in Outlook on the web (OWA / Outlook.com)

  1. Go to Outlook on the web, click New mail.
  1. Depending on your layout:
    • Click Encrypt near the top of the compose window, or
    • Click Options and then choose Encrypt.
  1. Pick Encrypt or Encrypt and prevent forwarding (wording can vary).
  1. Compose your message and send.

Recipients using Outlook open it normally; external recipients may be asked to sign in or request a one‑time passcode via a secure viewing portal.

Method 3: Use S/MIME encryption

This is more advanced and usually used in regulated environments.

A. Set up S/MIME

  1. Get an S/MIME certificate (from your org or a public CA) and install it in your system/user certificate store.
  1. In classic Outlook:
    • Go to File > Options > Trust Center > Trust Center Settings.
 * Open **Email Security**.
 * Under **Digital IDs (Certificates)** or **Encrypted email** , click **Settings** or **Choose** to select your certificate, name the security settings, and confirm.

B. Encrypt a single message with S/MIME

  1. Click New Email.
  2. Go to Options > More Options or Options > Encrypt (depending on build).
  1. Turn on Encrypt this message (S/MIME).
  1. Finish writing the email and click Send.

C. Encrypt all outgoing messages with S/MIME

  1. In classic Outlook: File > Options > Trust Center > Trust Center Settings > Email Security.
  1. Under Encrypted email , check Encrypt contents and attachments for outgoing messages.
  1. Confirm and click OK. Now every new email, reply, and forward will be encrypted by default.

Warning: If some recipients don’t have a valid certificate or encryption capability, Outlook will warn you that they might not be able to read the message.

Quick device‑by‑device cheat sheet

[9][1][3] [1] [4][1] [5][10][3]
WhereHow to encrypt
Outlook on WindowsNew Email → Options → Encrypt → choose Encrypt-Only or Do Not Forward.
Outlook on MacNew Message → add the **Encryption** icon via Customize Toolbar if needed → click **Encryption** → choose Encrypt-Only.
Outlook on the webNew mail → Encrypt (or Options → Encrypt) → choose Encrypt / Encrypt & prevent forwarding.
Outlook with S/MIMESet up certificate in Trust Center → Options → Encrypt (S/MIME) for individual emails, or enable "Encrypt contents and attachments for outgoing messages" for all emails.

A realistic example

Imagine you need to send payroll data to HR:

  • You open a new email in Outlook on Windows.
  • Go to Options > Encrypt and choose Do Not Forward so HR can read it but not forward it on.
  • Attach the spreadsheet and send. The message and attachment are encrypted in transit and at rest, and any reply from HR stays encrypted as well.

Extra tips & gotchas

  • Test with a colleague first: Send an encrypted test email and make sure they can open it on all their devices.
  • External recipients: If they’re on Gmail/Yahoo, they may get a link to a secure viewing portal where they authenticate before reading.
  • Policy shortcuts: Ask IT whether subject‑line triggers like [secure] or other keywords are configured to auto‑encrypt.
  • Don’t rely only on encryption: Double‑check recipient addresses and remove unnecessary recipients when sending very sensitive data.

TL;DR: In most modern Outlook setups, the fastest way is: New Email → Options → Encrypt → Encrypt-Only/Do Not Forward → Send. If your organization uses S/MIME, you’ll need a certificate configured first, then you can turn on Encrypt this message (S/MIME) for individual emails or for all outgoing mail.

Information gathered from public forums or data available on the internet and portrayed here.