What Is PGP Encryption for Email and How to Use It

Learn what PGP (Pretty Good Privacy) encryption is, how it protects your emails, and how to set it up for private communication.

PGP (Pretty Good Privacy) is a data encryption program that provides cryptographic privacy and authentication for email communications. Created by Phil Zimmermann in 1991, PGP is one of the oldest and most trusted email encryption standards in existence.

How PGP Works

PGP uses asymmetric (public key) cryptography. Each user generates a key pair:

Public key: Shared openly with anyone who wants to send you encrypted email

Private key: Kept secret on your device — used to decrypt messages sent to you

When someone sends you an encrypted email:

1. They encrypt the message using your public key
2. The encrypted message travels through email infrastructure
3. Only your private key can decrypt it
4. Even if the email is intercepted, it is unreadable without your private key

PGP also supports digital signatures — you sign outgoing emails with your private key, allowing recipients to verify the email genuinely came from you and was not modified.

Setting Up PGP

Step 1: Install a PGP-compatible email client or plugin.

For Thunderbird (recommended beginner option)

Download the Mozilla Thunderbird email client. Thunderbird has had OpenPGP (PGP's open standard) built in since version 78.

For Gmail/web email

Install the Mailvelope browser extension (Chrome or Firefox). Mailvelope adds PGP functionality to Gmail, Outlook web, and other web-based email.

Step 2: Generate your key pair.

In Thunderbird: Account Settings > End-to-End Encryption > Add Key > Generate a new OpenPGP key

In Mailvelope: Key management > Generate key

Choose 4096-bit RSA (stronger) or Ed25519 (more modern, also strong). Set an expiry date (2-3 years is common practice). Protect your private key with a strong passphrase.

Step 3: Share your public key.

Export your public key and share it with contacts who want to send you encrypted email. You can also upload it to public key servers (keys.openpgp.org) so anyone can find your key.

Step 4: Import recipients' public keys.

To send encrypted email to someone, import their public key. In Thunderbird: Key Manager > Import. Request the key from the recipient or search public key servers.

Step 5: Send encrypted email.

When composing email in Thunderbird, a lock icon indicates encryption is available. Enable encryption and signing for the message. The email is encrypted and only the recipient can read it.

PGP Limitations

Both parties must use PGP: Encryption only works if both sender and recipient are set up with PGP. This is the biggest practical barrier.

Key management complexity: Verifying that a public key genuinely belongs to the claimed person requires out-of-band verification (in person or via a trusted channel).

Metadata not protected: PGP encrypts email content but not metadata — who you emailed, when, and the subject line are visible to email providers.
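The split between encrypted body and readable headers, shown on a PGP/MIME (RFC 3156) message. This is an added example, not code from the original article; the sample message, its addresses, and the helper names classify and provider_view are constructed for illustration.

```python
from email import message_from_string
from email.policy import default

# Constructed sample; the armored block is a placeholder, not real ciphertext.
RAW = """\
From: alice@example.org
To: bob@example.net
Date: Mon, 02 Mar 2026 09:15:00 +0000
Subject: Q1 contract draft
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream; name="encrypted.asc"

-----BEGIN PGP MESSAGE-----

(placeholder ciphertext)
-----END PGP MESSAGE-----
--b1--
"""

# Routing and display headers that sit outside the encrypted body.
EXPOSED = ("From", "To", "Cc", "Date", "Subject")

def classify(msg):
    """Return 'pgp-mime', 'inline-pgp' or 'plaintext' for a parsed message."""
    if (msg.get_content_type() == "multipart/encrypted"
            and msg.get_param("protocol") == "application/pgp-encrypted"):
        return "pgp-mime"
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            if "-----BEGIN PGP MESSAGE-----" in part.get_content():
                return "inline-pgp"
    return "plaintext"

def provider_view(raw):
    """Report the encryption kind and the headers readable without the private key."""
    msg = message_from_string(raw, policy=default)
    visible = {h: str(msg[h]) for h in EXPOSED if msg[h] is not None}
    return {"kind": classify(msg), "visible_headers": visible}

if __name__ == "__main__":
    print(provider_view(RAW))
```

Run against a message saved from your own mailbox (read the file and pass its text to provider_view) to see which headers accompany an encrypted body.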

PGP vs ProtonMail

ProtonMail provides automatic E2EE between ProtonMail users without any PGP setup. For non-technical users communicating with other ProtonMail users, ProtonMail is significantly easier than manual PGP.

PGP shines when communicating with people who use standard email providers — it adds encryption capability that ProtonMail cannot provide without the recipient's participation.

For most users: ProtonMail for day-to-day private email; PGP for specific secure communications with technical contacts who maintain PGP keys.

Frequently Asked Questions

Is PGP still secure in 2026?

Yes. PGP's underlying cryptography (RSA 4096-bit or elliptic curve) remains secure. The challenges are operational (key management, adoption) rather than cryptographic.

Do I need PGP if I use ProtonMail?

Not between ProtonMail users. For encrypted communication with Gmail/Outlook users, PGP or ProtonMail's password-protected message feature provides the encryption ProtonMail cannot automatically provide.

What is OpenPGP vs PGP vs GPG?

PGP is the original proprietary standard. OpenPGP is the open standard based on PGP. GPG (GNU Privacy Guard) is the most common free, open-source implementation of OpenPGP. They are interoperable.

Conclusion

PGP remains a powerful and cryptographically sound email encryption tool for users willing to invest in the setup. For most everyday users, ProtonMail provides similar protection without the complexity. For specific high-security communication needs — particularly with technically sophisticated contacts — PGP provides genuine end-to-end encryption with any email provider.
