Thunderbird

Complete Setup to Encrypt Thunderbird Emails for Extra Security

By Admin

Updated: March 16, 2026 ~ 6 Minutes Reading

Table of Contents

You can encrypt Thunderbird emails before sending them for better protection and to maintain complete email confidentiality using OpenPGP (recommended) or S/MIME certificate setup.

Follow the complete guide to send and receive encrypted emails in Thunderbird.

What Does Thunderbird End-to-End Encryption Mean?

Although Thunderbird uses secure protocols such as TLS/SSL, email can still be read by the email service provider. However, when you encrypt an email in Thunderbird, your email is now transformed into unreadable code. This code can only be decrypted by the receiver with the correct key.

Thunderbird also lets you send encrypted emails through S/MIME (Secure/Multipurpose Internet Mail Extensions) certificate and Open PGP (Pretty Good Privacy):

Encryption Method Users In-Built Cost
OpenPGP For Personal Use Yes Free & Open Source
S/MIME Business or Enterprise Users Requires certificate Paid

Method 1: How to Encrypt Thunderbird Emails Using OpenPGP?

The instructions to set up end-to-end encryption in Thunderbird are almost the same for Mac and Windows users. OpenPGP is Thunderbird’s built-in encryption, as it is the easiest way to secure your emails in Thunderbird.

The composed email is encrypted into an unreadable format using a Public Key, which is with the sender, and decrypted using the receiver’s Private Key.

Important Note: The keys are always created on the receiver’s Thunderbird setup.
Note: Keys are actually files in .asc format. These keys can be exported and imported in Thunderbird setup using OpenPGP Manager.

Follow the steps below to set up free OpenPGP encryption in Thunderbird on the receiving computer.

Step 1: Thunderbird Settings to Encrypt Emails

Note: Thunderbird (version 78 and later), OpenPGP is set up for each configured IMAP account separately.
  1. Open Thunderbird.
  2. Click on the Menu icon on the top-right.
  3. Go to Account Settings.
  4. Select the desired account from which you need to encrypt Thunderbird email.
  5. Go to the End-to-End encryption tab.
    End-to-end account encryption option under account settings in Thunderbird.

Step 2: Create a New OpenPGP Key in Thunderbird

  1. Click on an Add Key Button.
  2. Select Create a new PGP key and press Continue.
    create new pgp key to send encrypted emails in Thunderbird
  3. Set up the expiry date and press Generate Key.
    Generate Key Button
  4. Press Confirm to generate a pair of Public and Private keys.
Important: Key generation can take some time. Do not close the application in the meantime.

Step 3: Export the Public Key To Thunderbird

In order to receive encrypted emails from Thunderbird, the receiver must share their public key with the sender.

There are 2 ways to send the public key to the user:

multiple ways to export PGP key in Thunderbird to encrypt emails.

Method 1: Send as Email

  1. Select the Key in Thunderbird.
  2. Click on More and select Send as Mail.
  3. Enter the email of the person from whom you want to receive encrypted emails, then compose and send the email.

Method 2: Export the File – Safer Option

  1. Select the Key >> More.
  2. Choose Export the Public Key to File.
  3. Name and save the key on your PC.

You can share this key via a USB or other secure medium.

How to Send an Encrypted Email in Thunderbird?

To send an encrypted email using Thunderbird, the sender needs to have the Public key imported into his/her Thunderbird.

Follow these steps on the sender’s computer in Thunderbird:

Ensure you have already downloaded the Public key .asc file to your desktop.

Step 1: Import Public Key Generated by Receiver

  1. Open Mozilla Thunderbird.
  2. Go to Menu >> Tools >> Open PGP Manager.
    Open PGP Manager from menu
  3. Click on File >> Import Public Key From File.
    You can import public keys, guarding receipts to send encrypted emails in Thunderbird.
  4. Select the file and press Open.

Step 2: Compose Encrypted Email in Thunderbird

  1. Click on New message in Thunderbird.
  2. Enter the recovery email address.
  3. Compose the email normally.
  4. Before sending, click on Open PGP on the top left.
  5. Ensure the Encrypt, Encrypt Subject, and Digitally Signed options are checked.
    Compose encrypted email using OpenPGP in Thunderbird.
  6. Finally, click Send to encrypt the Thunderbird email.
Tip: Always back up your Encryption key files to avoid any loss.

Note: Receivers do not need to import the Private Key. It is already configured.

Method 2: Encrypt Email in Thunderbird Using S/MIME

Businesses and large enterprises need to encrypt email with complete security. Thus, they often choose a paid method of S/MIME security.

Ensure you have already received the S/MIME certificate structure from an authorized vendor like DigiCert, Sectigo, or GlobalSign.

S/MIME certificate has to be done only on the receiver’s Thunderbird setup, and when the receiver sends a digitally signed email, the sender automatically receives the receiver’s public certificate.

Step 1: Add the S/MIME Certificate to the Receiver’s Computer

  1. Go to the Menu in Thunderbird.
  2. Navigate to Account Settings >> End to End Encryption.
  3. Scroll to the S/MIME Encryption section.
  4. Select the personal certificate for digital signing, and then again select the personal certificate for encryption.
  5. Press Ok to Confirm.

Step 2: Send a Signed Email to Receive Encrypted Emails in Thunderbird

  1. Click on New Message.
  2. Enter the email address from which you want to receive encrypted emails.
  3. Select S/MIME from the security option on the top-left.
  4. Enable Digitally Sign and Encrypt.
  5. Press Send.
How to Send an Encrypted Email in Thunderbird using S/MIME?

Once the sender has received the digitally signed emails to establish an end-to-end encryption connection, the sender needs to compose a news message to the receiver with encryption enabled.

Worried About Data Loss and Thunderbird Data Security?

Encrypting email keeps your data protected but avoids any kind of data loss due to accidental deletion or hacks. Use Thunderbird Backup Tool to back up Thunderbird profile data with complete integrity to any desired location. Download the tool today. Free Trial Available.

FAQs: Encrypt Thunderbird Email

Q1: Is it a good idea to encrypt your email?
Yes, for important or sensitive emails, encryption is crucial and keeps your data private.

Q2: Does Thunderbird have end-to-end encryption?
Yes, Thunderbird lets you secure your email by sending it via SSL/TLS protocols and also using S/MIME and OpenPGP setup for free.

Q3: How do you get rid of end-to-end encryption in Thunderbird?
Open Thunderbird >> click the menu icon >> go to Account Settings >> select End-to-End Encryption >> choose the key >> click Revoke Key to disable encryption.