Can you keep Microsoft Outlook more secure?

Are you looking to secure your Microsoft Outlook account? Wondering whether there's more you can do to protect your email account? Whether it's personal or business emails, the messages you send can contain a lot of sensitive information – and it's important to make use of all the security features that are built into Outlook.

If you're not familiar with these features, or unsure how to use them, then your Outlook account might not be as private as it could be. But don't despair! We've put together this guide to help you shore up your email security.

Below, we'll run through the most important Outlook security settings and explain how to send well-encrypted emails, so you can be sure that your data isn't vulnerable to hacking attempts or snoopers.

Setup a password to protect your Outlook Data Files

Whether you use a standalone version of Outlook (2007, 2010, 2016, 2024) or Outlook on Office 365, the first thing you should do is set a password for your Outlook data files (.pst). This will ensure that your personal data isn’t accessible if someone else uses your computer – or attempts to access your Outlook while you're away from your keyboard.

As soon as a password is set, you'll be asked to enter it whenever Outlook is launched or a.pst file is opened.

1. Open Outlook and click on the file tab in the top left of the window
2. Click on Account Settings > Account Settings
   
   

3. Select the data files tab and highlight the Outlook Data File (.pst) that you want to password protect. On Office 365, you'll see various types of Outlook data files (.pst files) including an archive file and inbox file. You want to password protect the inbox data file (inbox.pst) – so double click on that one.
4. Click on Change Password
   
   

5. Now enter a password into the New password and Verify password boxes. The password should be robust, so ensure that you use a mix of upper and lowercase characters, numbers, and symbols.
6. Click OK to set the new password.

Remember that you'll be locked out of your Outlook Data File if you forget your password - Microsoft cannot retrieve lost passwords or accounts! So, make sure your password is memorable – or save it using a password manager.

Choose a strong password

No matter whether you're selecting a password to log into Office 365, or for an Outlook Data File, it's vital that it's strong and secure.

Also, if you're using Outlook at work or school, it's possible that you're on a Microsoft exchange server. If this is the case, you'll need to talk to your local system administrator in order to set up a password.

The passwords you use (for all of your online accounts) should always be unique, don't give in to the temptation to use the same password on multiple sites. Making every password unique prevents hackers from being able to access any other accounts if they acquire one of your passwords via a data breach or brute force attack. Generally, we recommend that you include upper and lowercase characters in your password, as well as numbers, symbols, and non-dictionary terms.

The longer your password, the more secure it'll be. It's for this reason that we also suggest checking out a password manager – which can protect your online accounts, help you keep track of login details, and even suggest super-secure passwords! Oh, and don't pick an obvious password. "Password", your birthday, your pet's name, or other guessable personal information is a big no-no.

Also, please don't leave your password lying around somewhere where it is easy to spot. A password on a post-it note stuck to your computer monitor may be convenient, but it also gives anybody who might walk by the keys to your account.

Setup Dual Factor Authentication

If you have moved over to using Outlook on Office 365, it is recommended that you setup dual factor authentication (2FA). This will increase the security of your Office 365 account and protect all your emails.

Using the online Office 365 version of Outlook means that your password and 2FA method are always needed in order to log in. However, it's worth noting that somebody could still access your emails when you are away from your computer if you leave the web client logged in – so it's important to ensure that you regularly log out.

Make items private

Anybody using Outlook on an Exchange server can opt to make items private when they are created. When you make an item private, other users on the Exchange server can’t access any specific details for that item.

To make items private, click the private checkbox next to the items when you create them. Remember that other users with permission to access your folders will be able to open items unless you specifically deny them access.

Thus, to ensure that items are kept private, you must choose Options in the Tools menu and click on the Delegates tab. Now, select a user and click Permissions to deselect the Delegate Can See My Private Items check box. You will need to revoke access for each individual user.

Secure your folders

Password protecting individual folders is an excellent way to stop anyone accessing your private data. This can be crucial in a busy office where people are free to come and go as they please. To set a password for your personal folders:

1. Right click on your top-level folder, this is normally called Personal Folder.
2. Select Properties For Personal Folders.
   
   
3. While on the General tab, click Advanced.
4. Click Change Password and enter a secure password in both fields.

Selecting Save This Password In Your Password List will allow a would-be hacker (or nosey colleague, family member, or housemate) to easily bypass this password protection. So, don't click this, and instead be sure to remember your password or store it in a secure password manager.

It's also worth noting that you cannot password protect individual sub-folders. You can only password protect everything from the top-level folder.

Update Outlook

New browser and software vulnerabilities are always being discovered – and this is why it's important to regularly update your version of Outlook, as well as your browser and operating system.

Keeping your system updated with the most recent security patches for Windows Defender, as well as ensuring that you have up-to-date antivirus software, will prevent you falling victim to viruses, spyware, rootkits, and trojans that could give hackers access to your Outlook emails.

To check for updates, log into Office 365 and go to the Outlook Account Information window. Click Office Account in the menu pane to the left of your screen. The Microsoft Product Information window will now display. Click on Office Updates followed by Update Now to download and install the latest version. If you have office apps running, you may be prompted to restart them and your computer to make the updates complete properly.

Look for the trusted sender icon

When you recieve an email, look for the green shield and trusted sender message. It's a quick way to confirm the security of an incoming message – especially if you have any suspicions about its authenticity.

If a message drops into your Outlook inbox without the trusted sender icon, it's worth checking with the sender to verify that they actually sent it themselves. If not, it could be a phishing attack.

Add contacts to safe and blocked senders lists

Adding a sender to your blocked senders list forces their messages to go to your Junk email folder. This is a good way to ensure unwanted emails are automatically filtered away.

Regularly update the password for your Microsoft account

In addition to updating the password for your Outlook Data Files and folders, it is essential to regularly update the password for your online Microsoft account. To do so, follow these steps:

1. Log in to your Microsoft account and click the profile icon in the upper right.
2. Select View Microsoft account from the drop-down menu.
3. Click Security from the menu that appears across the top of your screen.
4. Click Change Password from within the security basics menu.
5. Verify your identity via email or text code.
6. Type your old password followed by a new password (you will need to enter it twice to set it).

Updating your password regularly protects against brute force attacks and phishing attempts, which may have left your old password vulnerable to intruders. To be super-secure, you can ask Outlook to remind you to update your password every 72 days – and users with password managers can auto-generate a strong password with a click or two.

Check the address bar before logging in

Whether you use Outlook or Office 365, it is always worth checking the URL in the address bar to check that you are actually logging into the official website. Logging into your account from a link in an email or website could result in accidentally handing your login credentials to a hacker.

Use encryption to send emails in Office 365

The only way to ensure that emails are protected in transit is to secure them using end-to-end encryption. Outlook for Office 365 provides users with the ability to send emails using S/MIME encryption and Office 365 Message Encryption.

S/MIME

Secure/Multipurpose Internet Mail Extensions (S/MIME) is a widely used protocol for sending digitally signed and encrypted email messages. This is Outlook's most commonly recommended method of encryption.

To use S/MIME in Outlook, both the sender and recipient must have a mail application that supports the S/MIME standard. To send a message using S/MIME encryption it is also necessary to have added an S/MIME certificate to the keychain on your computer. After setting up the certificate on your computer, you need to set it up in Outlook:

1. Click File in the menu followed by Options > Trust Center > Trust Center Settings.
2. Select Email Security from the window on the left.
3. Under Encrypted email, click Settings.
4. In the Certificates and Algorithms section, click Choose and opt for the S/MIME certificate.
5. click OK.

Information Rights Management

Office 365 Message Encryption is called Information Rights Management (IRM), and is an encryption method provided within Outlook. To use IRM, the sender must have Office 365 Message Encryption, which is included in the O365 E3 license.

To use this encryption method, click on Options from within the compose window of a message. Select encryption and choose the setting that you require – and remember that the Encrypt-Only feature is only enabled for subscribers (Office ProPlus users) that also use Exchange Online.

Encrypting emails in Office 2010 or 2013

When it comes to encrypting messages within Office 2010, you have the option to either encrypt a single message or encrypt all outgoing messages. To encrypt a single message, follow the steps below:

1. Compose a message and click on the Options tab.
2. In More Options, click the small arrow in the lower-right corner.
3. Select Security Settings followed by the Encrypt message contents and attachments checkbox.
4. Compose your message, and then click Send.

If you choose to encrypt all messages by default, you will be able to write and send them without doing anything at the time. However, you must remember that in order for the recipient to decrypt those messages they will need your digital ID. To encrypt all messages follow these steps:

1. Click the File tab on the top right.
2. Click Options > Trust Center > Trust Center Settings.
3. Click the E-mail Security tab, and under Encrypted e-mail select the Encrypt contents and attachments for outgoing messages check box.
4. To select a specific certificate to use (S/MIME or Exchange Server Security) click Settings.

Use Mailvelope

If you prefer to send emails from within Outlook using strong PGP encryption, then it will be necessary to use the third party extension Mailvelope. The good news is that Mailvelope is very easy to use and will allow you to send PGP encrypted emails to any email provider that supports PGP.

Setup IP Filtering

Another way to ensure that your Office 365 and Outlook is secure is to disallow extranet access to your business’ cloud services. By restricting which IP addresses can access your Office 365 account, it is impossible for a hacker to access Outlook even if they manage to get hold of an account credential and password.

However, it is worth noting that enabling this feature will mean that the email accounts are only available to staff members from outside of the office by setting up a VPN.

Some alternatives to Outlook

It's certainly possible to make Outlook more secure by following along with the tips in this guide – however, the fact remains that Outlook is still considered to be, by and large, an insecure service. As a result, privacy-conscious users may want to search for an alternative webmail provider.

The first thing to keep in mind when exploring your options is that secure email services typically favor privacy over convenience, so, secure email providers may have less of the bells and whistles you're used to (like automatic email scanning and calendar integration) – but they'll work harder to keep your sensitive information out of the hands of snoopers.

You'll also be able to rest assured that your data is kept encrypted and unreadable to anyone who doesn't have the corresponding decryption key. This includes hackers taking advantage of a data breach as well as the ProtonMail staff themselves. More traditional email services will only encrypt the connection between their servers and your browser by comparison. The best secure email providers aren't interested in logging any of your identifiable information, and uses end-to-end-encryption to secure communication between its users.

There are plenty of other reliable services on the market. Here are our recommendations:

Conclusion

Outlook has a lot of native security features that can improve your digital privacy and ensure your emails are well protected. Regardless of whether you're using a slightly older version of Outlook, or the latest iteration of the app that comes with an Office 365 subscription, this guide can help you maximize your email security.

And if you want to take additional measures to secure your PC, you should consider using a Windows VPN!