Edward Snowden’s revelations about the National Security Agency’s monitoring of the web landed like a bomb in Silicon Valley, raising major questions about privacy for the three biggest free email services: Google’s Gmail, Microsoft’s Outlook.com (the successor to Hotmail) and Yahoo Mail. In response, the tech titans pledged to ramp up their use of encryption to shield their services from unauthorized access–by governments or anybody else.
It’s not hard to see why: encryption dramatically increases email security. Even if an interloper manages to get hold of one of your messages, it’s nothing but gibberish without the proper decryption key. That’s why Google announced on March 20 that it is now encrypting 100% of messages as they travel across the Net between users’ devices and Gmail’s servers. The company is also encrypting all mail as it moves between machines within its data centers. For a hacker, “from a network perspective, it will be close to impossible to get any of that information out,” explains Wolfgang Kandek, chief technical officer of the security firm Qualys. Microsoft and Yahoo are in the process of implementing similar measures.
Still, that may not be enough to ward off prying eyes. A determined snoop can use other techniques to tap into your email account, like stealing your password. The best defense against that is two-factor authentication: an approach to security that involves a password plus an additional piece of evidence that shows you are who you say you are. Gmail, Outlook.com and Yahoo Mail offer two-factor log-in as an option. With it switched on, logging in from a new device requires you to enter a password as well as a numerical code that you get via your phone. That may sound like a hassle, but it’ll make your inbox a whole lot safer.
This appears in the April 07, 2014 issue of TIME.