Because the confidentiality of your encrypted email relies also on others’ settings, for maximum safety until this flaw is patched, please use encrypted instant messengers like, Keybase, Wire or Signal for the most sensitive communications.
We recommend people use End-to-End Encrypted communications whenever possible — the Ends are yours and your friend’s devices and messages are encrypted so that the points in between have no way to read them, so you don’t have to trust the Internet!
The best option for email encryption is GPG (also called PGP or OpenPGP). It also helps ensure authenticity! We run workshops to help get groups set up with GPG using Thunderbird with the Enigmail plugin. If you’ve been to one of our trainings and you’d like a refresher, check out our simplified overview plus our strong passphrase guide [DicewareZine.pdf]. If you want to help a friend get set up or are wondering about a certain step, here are our detailed GPG training PDF checklists for Linux [GPG-checklist-linux.pdf], Mac [GPG-checklist-mac.pdf], and Windows [GPG-checklist-pc.pdf].