All Articles
How to send emails securely with Gmail confidential mode

How to send emails securely with Gmail confidential mode

5
min read
Overview:
Overview:

Are you curious about Gmail's confidential mode and how it could make your email habits more secure? This is just the article for you.

Gmail confidential mode is a Google feature that helps users send, open, and protect emails that have sensitive information. With confidential mode enabled, users can set emails to expire on specific dates and restrict forwarding.

<a href="#how-does-gmail-confidential-mode-work" class="anchor-link">How does Gmail confidential mode work?</a>
<a href="#sending-emails-confidentially-with-gmail" class="anchor-link">Sending emails confidentially with Gmail</a>
<a href="#receiving-emails-in-confidential-mode" class="anchor-link">Receiving emails in confidential mode</a>
<a href="#are-there-any-limitations-to-gmails-confidential-mode" class="anchor-link">Are there any limitations to Gmail's confidential mode?</a>
<a href="#final-thoughts-on-sending-confidential-emails-via-gmail" class="anchor-link">Final thoughts on sending confidential emails via Gmail</a>

<div class="anchor-wrapper"><div id="how-does-gmail-confidential-mode-work" class="anchor-target"></div></div>

How does Gmail confidential mode work? 

Emails sent in Gmail’s confidential mode follow a different email protocol than normal. Messages sent using confidential mode are stored on the Google server, and they can only be accessed through the Gmail app, web client, or via a secure URL that any non-Gmail recipients will have to click on and view on their browser.

Emails sent in confidential mode cannot be forwarded, copied, downloaded, or printed. This includes both the body of the message and any attachments. All of this is to protect sensitive files and information from being shared in an unauthorized manner. 

When an email is sent in confidential mode, the sender can also:

  • Set an expiration date
  • Revoke access any time they choose
  • Set a password or verification code that’s needed to open messages

<div class="anchor-wrapper"><div id="sending-emails-confidentially-with-gmail" class="anchor-target"></div></div>

Sending emails confidentially with Gmail 

Before we dive into how to do this, please note that Gmail confidential mode is only available in Google Workspace (i.e. school and work accounts) and must be enabled by your workspace administrator. If your Google Account is indeed set up through Google Workspace, you can use Gmail confidential mode on the web-based Gmail client or via an Android or iOS Gmail app. 

How to send emails in confidential mode

  1. Log into your Gmail account. If you’re using an app, simply open your Gmail app.
  2. Create an email as usual by clicking Compose. At the bottom, click the icon for confidential mode, which looks like a lock with a superimposed clock.
A screenshot of what's inside Gmail Compose showing  the toolbar at the bottom, especially the lock with a sumperimposed clock pertaining to confidential mode functionality once clicked
  1. A pop-up window will appear where you can configure your settings for confidential mode. Click the Expiration drop-down, and select from the options (one day, one week, one month, three months, or five years).
A screenshot of a pop-up window where you can configure your settings for confidential mode.
  1. Optional: Click SMS passcode to add a passcode and then Save to go back to the email you composed.
  2. Double-check and finalize your email, then hit Send. If you choose the SMS passcode option, you’ll see another pop-up window asking you to type in the recipient’s number.
  3. Hit Send on the pop-up after entering the number. The recipient will be sent a link that will take them to a browser pop-up asking them for the verification code before they open the confidential email. 

How to enable or disable confidential mode as an administrator

If you’re a workspace administrator, you can enable or disable confidential mode for specific units within your organization or your entire domain. You can also block confidential mode messages if you don’t want anyone in your organization to receive confidential messages. 

Here’s how you can turn confidential mode on and off as a workspace administrator:

  1. Sign in using an administrator account to your Google Admin Console.
  2. Navigate to Menu > Apps > Google Workspace > Gmail > User settings.
  3. Once in User settings, scroll until you find Confidential mode.
  4. Toggle confidential mode on or off with the Enable confidential mode box.
A screenshot showing that you can toggle confidential mode on or off with the Enable confidential mode box
  1. Save your changes. You may need to wait up to 24 hours for them to take effect.

How to manage which units of your organization have confidential mode 

If you’re turning confidential mode on or off just for a specific unit within your organization:

  1. Sign in using an administrator account to your Google Admin Console.
  2. Navigate to Menu > Apps > Google Workspace > Gmail > User settings.
  3. On the left portion of the screen, select the concerned organizational unit.
  4. Scroll until you find Confidential mode.
  5. Toggle confidential mode on or off with the Enable confidential mode box.
  6. Save your changes. You may need to wait up to 24 hours for them to take effect.

<div class="anchor-wrapper"><div id="receiving-emails-in-confidential-mode" class="anchor-target"></div></div>

Receiving emails in confidential mode

The main differences between a confidential and a normal email are that:

  • confidential emails will have to be opened in-browser using a separate URL, and
  • each message can only be viewed until its expiration date or until the sender revokes access. 

If you get an “email expired” error when receiving an email sent via confidential mode, this means that the sender might have revoked access to that message or that you’ve opened the email past the expiration date sent for it. 

Both Gmail users and non-Gmail users can receive confidential mode emails unless blocked by their administrator. Gmail users receiving a confidential message will notice a few things:

  • The forward button is disabled.
  • There will be a notification stating that the recipient is not allowed to forward, copy, print, or download the email.
  • The email disappears when it reaches its expiration date.

Non-Gmail users can access a confidential email via a link that opens securely in a web browser upon clicking View the email. This applies to users who do not have a Gmail account and also to users with a Google Account, but who are using a different email provider. Otherwise, the restrictions regarding forwarding and duplicating the email are the same. 

<div class="anchor-wrapper"><div id="are-there-any-limitations-to-gmails-confidential-mode" class="anchor-target"></div></div>

Are there any limitations to Gmail's confidential mode? 

The primary downside to Gmail confidential mode is that screenshots are still allowed, so recipients may still freely take screenshots or photos of the email body and its attachments and use those to proliferate the confidential information. Unlike Netflix, which has a screenshot-blocking capability, Gmail's confidential mode doesn’t have a deterrent for taking screenshots yet. 

You also cannot schedule messages via Gmail confidential mode, so you have to send each email in real time and tweak the settings for all the messages you send out.

<div class="anchor-wrapper"><div id="final-thoughts-on-sending-confidential-emails-via-gmail" class="anchor-target"></div></div>

Although Gmail’s confidential mode isn’t a perfect way to electronically send sensitive information, it’s significantly more secure than sending an email without confidential mode enabled.

Related articles

We're hiring

Come build something great with us.