Nobody wants random people accessing their emails, especially if you’re running a presidential campaign. After all, it wasn’t too long ago that Hillary Clinton’s own campaign emails were breached.

Despite that cautionary tale, almost every 2020 presidential candidate isn’t using a basic email security feature.

Agari — an email security company — released new data that showed only Elizabeth Warren uses both email authentication and advanced email security. Warren is also the only candidate to use domain-based message authentication, report, and conformance policy, or DMARC, TechCrunch noted.

DMARC is an email security feature designed to reduce the potential for email abuse by using Sender Policy Framework (SKF) and DomainKeys Identified Mail (DKIM). As outlined by TechCrunch, the feature is pretty useful because it can verify a sender’s email and mark emails as spam or can reject them if an email can’t be properly validated.

“For US congressional and presidential candidates with domains unprotected by the DMARC email authentication protocol, they risk finding their campaigns impersonated in phishing attacks targeting not their staff, but rather their most important constituents—including voters, donors, the press, and more,” Agari said in their report.

Throughout 2018, Democratic Sen. Ron Wyden was behind a huge push to roll out DMARC across federal domains. He referred to DMARC as a “common sense” cybersecurity technology and said “anti-phishing technology is a no-brainer that increases cybersecurity without sacrificing liberty.”

Election security will continue to be a big issue as we inch closer to 2020 and it doesn’t seem  as if this most recent group of candidates would rather be safe than sorry for the sake of their possible future presidency.