End-to-end encrypted email & storage

Email and files that only you can read.

Confidesk encrypts your mail and files in your browser, on your device. The server only ever holds scrambled data — so nobody else can open it. Not even us.

Keys never leave your device No tracking No back door Hosted in Switzerland
Confidesk — Inboxend-to-end encrypted
DR
Dr. ReyesYour results are ready
MK
M. KovačRe: the contract
VF
Via formA message for you
JT
Jordan TaoFiles you asked for
Your results are ready
DR
Dr. Reyes reyes@clinic.example
Decrypted on this device plain text · remote content blocked

Decrypted just for you, in this browser. No tracking pixels loaded — opening this told the sender nothing.

results.pdf · sealed Download .eml

Why Confidesk

Private because nobody else holds the key.

Most email asks you to trust the provider with everything. Confidesk is built so that trust isn't required — your data lives on our servers as scrambled gibberish, and the keys never leave your device.

Encrypted in your browser

Mail and files are encrypted on your device before they leave it, using modern elliptic-curve encryption. We move the data — we can never read it.

Only your passphrase opens it

Your key is unlocked in memory, only while you're signed in, only by a passphrase that never leaves your device. There is no reset and no back door.

Zero-Tracking Architecture

Messages open as plain text by default and remote content stays blocked, so reading a message tells the sender nothing — no read receipts, no tracking pixels, no hidden code.

Secure Forms & One-Time Send

Share a contact form so anyone can send you an encrypted message — no account needed — and use Secure Send to deliver a one-time encrypted message to anyone, anywhere.

More than email

One private place for everything.

Mail is just the start. The same encryption protects your files, passwords, and conversations — all readable only by you.

Encrypted mailbox

Send and receive mail encrypted to your key — readable only by you, on your device.

Files & storage

Keep documents in encrypted storage — decrypted only when you open them, in your browser.

Password vault

A built-in KeePass (.kdbx) manager for your passwords — the same file opens anywhere.

C-Board private chats

End-to-end encrypted one-to-one and group chat — sealed separately for each person.

Safe file preview

Open PDFs, documents, images, and video inside a sealed frame — nothing runs, nothing tracks.

Your own domains

Advanced accounts run several of your own identities, aliases, and custom domains.

Signing in

Two secrets, two jobs.

Every sign-in uses a login code we email you and a passphrase we never see. One proves it's you; the other unlocks your key — right in your browser. Prefer an authenticator app? Use any TOTP app in place of the emailed code.

1

Enter your username

You start the sign-in from any device, any browser.

2

Type the emailed login code

A short, one-time code goes to your external address — proving you control it.

3

Unlock with your passphrase

Your encrypted key reaches your browser and your passphrase unlocks it, in memory only.

Unlock your mailbox

Your passphrase decrypts your key on this device. We never receive it.

••••••••••
Trust this device

Unlock held in memory only · erased on sign out

The test that proves it

If a service can recover your data after you forget your password, someone other than you can open it too.

Confidesk can't recover yours — and that's the proof. No reset link, no recovery code, no back door: your passphrase is the only key, and it lives in exactly one place, your memory. That's the trade for data only you can read. Want certainty over a promise? You can even remove your key from our servers entirely and provide it yourself at each sign-in.

Built on one rule

A few things work differently here — on purpose.

Anything that would need a machine other than yours to read your mail is something Confidesk deliberately won't do. That rules out a few features you might expect — because offering them would break the whole promise.

No server-side search

We can't read your mail to index it. A search would mean decrypting your whole mailbox in your browser — we may add a limited in-browser version later.

No auto-forwarding or filters

Both would need our servers to read each message. You forward and organise yourself, in your browser, where your mail is decrypted only for you.

No shared or team accounts

Accounts are for one person. Sharing a mailbox would mean handing over a key only you control. One Advanced account can hold many of your own identities — never someone else's.

The difference

How it works, next to ordinary email.

Ordinary emailConfidesk
Who can read your messagesThe provider canOnly you
Forgotten passwordReset by the providerNo reset — you hold the only key
Your contentCan be scannedEncrypted — never scanned
Getting your data outVariesAlways — standard GPG keys

Confidesk for desktop

Your encrypted mail, even offline.

A native app for macOS, Windows, and Linux — a fully PGP-compatible email client that keeps working with no connection. Add your own IMAP and POP mailboxes, and everything stays stored encrypted, locally on your device.

  • Works fully offline
  • Fully PGP-compatible client
  • Add any IMAP or POP mailbox
  • Everything stored encrypted, locally
offline · stored locally
Confidesk
Inbox
Sent
Vault
Accounts
work@imap
me@pop3
FD
Finance DeptInvoice — signed & encrypted
IM
work@imapSynced · 3 new
ME
YouLocal encrypted backup

Pricing

Start free. Pay once, or grow into a plan.

Trial
Free
Try the service and see how the encryption works — for a limited time.
  • Mail & keys only
  • Encrypted mail
  • Key management
  • Limited time & activity
Start trial
Free
$2.99 once
One payment confirms you're real — then free and permanent. No subscription.
  • 100 MB storage
  • Mail, files & vault
  • Contacts & key management
  • Contact form & Secure Send
Register
Advanced
$4.99 / mo
Multiple identities and your own domains.
  • 2 GB · add storage anytime
  • Everything in Pro
  • Up to 5 accounts & aliases
  • Use your own domains
Choose Advanced

Prices shown in USD · your exact local-currency price is shown before you commit · email is mostly text, so storage goes far — add more anytime in 1 GB steps.

Compare all plans & features →

FAQ

Questions, answered honestly.

Why does Confidesk keep asking for my passphrase? +

Your key only lives in your browser's memory, and only while a page is open. Anything that reloads the page — a refresh, or returning from a payment — throws that memory away, so the app has to unlock your key again. Being asked is the security working as intended, not a sign anything is wrong. It usually isn't a full new sign-in, just your passphrase.

What happens if I forget my passphrase? +

Your data is gone — there is no reset link, recovery code, or support process that can open it, for you or for us. We can't read your data, so we can't restore it. Store your passphrase somewhere safe and durable; treat losing it like losing the only key to a vault.

Can I bring my own PGP key? +

Yes, at registration. Choose "Use my own keypair" and upload a standard (v4) Curve25519 key — an ed25519 signing key with a cv25519 encryption subkey, protected with a passphrase. RSA and NIST-curve keys aren't accepted. A key can't be swapped later, since your data is encrypted to it.

How do trusted devices work? +

On a browser you own and keep locked, you can mark it trusted so Confidesk signs you in without asking for your passphrase each time. It stores your key encrypted on that device for about a month, then asks again. Never trust a shared or public computer — anyone who can use an unlocked trusted device could read your mail.

Is there a mobile app? +

No — and that's deliberate. A native app would have to go through Apple's and Google's stores on their terms. We'd rather not put your data's security in a process we don't fully control, so we give you a mobile-friendly interface in your phone's browser, with the same encryption and guarantees.

Is Confidesk anonymous? +

No. Confidesk protects the contents of your data absolutely — nobody but you can read it. But your account is tied to a real external email and a one-time payment, so it isn't designed to hide who you are. It keeps what you write private; it doesn't promise to hide that you exist or who you talk to.

Take back your privacy.

Create your encrypted mailbox in minutes. Your data, readable only by you — starting today.