Gmail has released a new feature called Confidential Mode that allows you to send self-destructing emails that recipients can't forward to other users or print. When using this mode, senders can configure an email to delete itself after a certain amount of time or even restrict access to an email after it was sent.

When a user sends an email in Confidential mode, they will be able to configure various options, such as when the email will expire, or self-destruct, and whether it requires a password to open. Email expirations can be set from 1 day all the way up to 5 years.

This feature works with all email providers because the email sent to the recipient does not contain the actual confidential email. Instead, the recipient will receive an email containing a link to the Google servers, which host the email, as shown below.

Confidential Email that was received

When a recipient clicks on this link, Google will first ask them to log in to confirm that they are the intended recipient. If they are logged in as the recipient, it will show them the email; otherwise, it will deny access.

Confidential Email on Google's Servers

If an email was sent by mistake or a sender would like to withdraw access, the sender can simply open the email in their Sent folder and click on the Remove access button as shown below. 

Remove Access button

This process works well because the actual emails are hosted on Google's servers rather than in a user's email program. Therefore, a sender can control at any time whether the recipient can see the email or not.

One feature that is missing that I think would be useful is the ability for the sender to see if a recipient has opened the email or not. This way they can revoke access knowing that the email was never read.

While I find this feature very useful, it is important to remember that there is nothing stopping a recipient from simply taking a screenshot of the email. So this should not be considered a very secure way of sending someone information.

Just another phishing attack in the making

After this article was published, important concerns were raised that there is a good chance this feature will be used in future phishing attacks.

A successful phishing attack would then allow an attacker to gain access to the recipient's email credentials and thus their email.

How to use Confidential Mode in Gmail

Confidential Mode is available in both the webmail version of Gmail and in the Gmail mobile apps for iOS and Android.

To use it in webmail, you should compose a new email as normal and then click on the lock button as indicated in the image below.

Enable Confidential Mode in Webmail

This will bring up a settings screen where you can configure the expiration time and whether the email requires a password.

Webmail Confidential Mode Settings

For mobile Gmail app users, it works a little differently. First you would compose your email and then click on the ... menu as shown below. This will open a menu, where you should select Confidential mode to bring up the feature's settings.

Mobile Confidential Mode screens

Once you configure the settings you wish to use in Confidential mode, you can then send the email as normal.
