2 min read

Which Email Client Is The Most Secure?

We were reviewing some reports from our customer relationship management platform and the question came up, is Outlook more secure than Gmail? It’s an excellent question!

To understand email security, we first need to discuss the email applications available. In a nutshell, there are three types of email applications. There are desktop applications, browser applications, and mobile applications. I’ll go over each of those and then dig into which application is most secure.

Desktop Applications

There are two desktop applications that I will compare: Microsoft Outlook and Mozilla Thunderbird.

Microsoft Outlook

Microsoft Outlook is, hands down, the most common desktop email application. It has a familiar interface and it has dominated the business landscape for over 20 years. In addition to email, it has solid calendar, task, and contact interfaces. The biggest drawback is that Outlook isn’t free.

Mozilla Thunderbird

For customers that don’t want to pay for an email client, we most frequently see Mozilla Thunderbird. While Windows does have a built-in mail application, Mozilla Thunderbird is a stronger option. In addition to being free, it is a phenomenal tool for managing email from multiple accounts.

Browser Applications


Gmail is the dominant force in browser email applications. One of the most dynamic features of Gmail is that messages can have multiple “labels”. This is a unique organizational tool that is unique to Gmail. The calendar and contacts integrations are dynamic, as well.

Outlook Web Access/Outlook.com

If you have Outlook on your desktop, you can also use Outlook Web Access in the browser. You can do about 90% in OWA that you can do in the desktop application. For users familiar with Gmail, OWA is a great substitute for Outlook. Alternatively, if your corporate email isn’t hosted by Microsoft, you can set up an Outlook.com email and that interface works exactly the same way as Outlook Web Access.

Mobile Applications

The vast majority of email is read from a mobile device. iOS and Android have built-in mail clients. Outlook and Gmail also have mobile applications. Personally, I prefer the Outlook and Gmail applications over Apple mail. However, given that nearly 40% of email is read in Apple Mail, I am the exception and not the rule.

What’s the Most Secure?

Honestly, the answer is that all of these email applications can be secure, just like they can be vulnerable. It is less important how you check your email than it is how you protect your email. Here are my top 4 tips:

  1. Use multi-factor authentication: The most secure way to use any kind of email platform is to not stay logged in and to enable multi-factor authentication. This way, even if your password is pwned, your email cannot be accessed without verification that the access is authorized.
  2. Use a strong password: When it comes to password strength there are two considerations. Length and complexity. A strong password should be at least 13 characters long. It also should use all four types of characters (lower-case letters, upper-case letters, numbers, and special characters). Also, don’t use things that can be guessed or learned from your social media for a password.
  3. Use a password manager: I’m not going to lie. Far too often do I see a file on a desktop called “Passwords”. This is DANGEROUS! If that file is compromised, you have given the bad guy the keys to the kingdom. Instead, use a password manager. This allows you to have unique and strong passwords for everything and you only have to remember one password – the one to get into your password manager. I recommend Keeper or LastPass.
  4. Protect your password: Be aware of attempts to harvest your credentials. If you click a link from your email, be mindful if you are asked for your user credentials. Check the link to the website that loads and don’t give your username and password unless you are 100% certain it is needed and the request is valid. If you want an extra level of security, we have a tool that will filter phishing emails so they don’t hit your inbox and that also verifies all links from your email are legitimate.

Do you have a question you’d like answered? Submit your question here or comment below and we will answer it in our next post.

Google & Yahoo's New DMARC Policy Shows Why Businesses Need Email Authentication... Now

Google & Yahoo's New DMARC Policy Shows Why Businesses Need Email Authentication... Now

Have you been hearing more about email authentication lately? There is a reason for that. It’s the prevalence of phishing as a major security threat.

Read More
9 Urgent Security Tips for Online Holiday Shopping

9 Urgent Security Tips for Online Holiday Shopping

The holiday shopping season is taking off. This means that scammers have also revved up their engines. They're primed and ready to take advantage of...

Read More