I am a manager in an office where the company does not provide a company email, so I use my personal email.
Often, I will receive jobs lists by email from my general manager.
How should I log in to my email in front of my co-workers so that they don't see my password?
My email service uses end to end encryption, which means that it does not store or reset my password.
I also cannot move the screen so my co-workers cannot see it.
Use the blanket of security, as seen in the Snowden documentary Citizenfour.
It involves placing a blanket over your head, the keyboard and monitor and typing in the password.
It will look weird but for security's sake it may be worth it.
Related post with demo pic - In CitizenFour, what was Edward Snowden mitigating with a head blanket?
You could use Two Factor Authentication that uses your phone to log in along with your password. That way, even if they see your password, they would need your phone, too to log in.
Get a password manager like KeePass and store your password there. Use the auto-type or a plugin to enter the password.
Alternatively, you can remember the e-mail password in your browser, which has downsides compared to KeePass but will keep your password save (given enough scrutiny).
While I recommend two-factor authentication on your personal account, you could set up second, work only account (as others have suggested), set up an automatic forwarding rule to it for the emails that are work related, and then log into that when necessary.
This way, you don't need to have your professional contacts update your email address, and you're only logging into an account with non-personal emails.
My email service is end to end encryption,
Unfortunately, when logging from an untrusted computer (your company's here) this does not mean much:
which means it does not store password or reset password.
You should be able to reset your password, end-to-end encryption does not preclude resetting passwords. Select an e-mail provider/technology which allows it.
On the other hand, if you operate from an unstrusted computer, password-protecting a private key is not as effective: since the company may access any program's memory, they may access your private key after it's decoded with your password.
I can't shift the screen.
If you are worried about your team members seeing your e-mails, then you might want to bring this point to your boss; especially if they are used to send you confidential e-mails (such as discussing the performance of some of your team members, or other personal information).
However, this should have no impact on your passwords: it should never appear on screen.
In light of the fact that your company may very well be "spying" on you, and possibly legally so depending on your jurisdiction:
If you wish to secure said e-mail account (to prevent others from perusing your e-mails or sending them in your behalf):
You should assume your employer has access to your keystrokes, so even if you do make them look away, it won't help at all. If you still insist on this false sense of security, you should become one with the tinfoil like Edward Snowden.
Schroeder and Neil have given two very good alternatives:
You could even use both 1 and 2.
Simple. Setup your separate work email. After that setup an auto-forwarding from your personal mail to your new-work-email, for senders who don't know your new email yet and then you can be confident logging that email account in front of your colleagues.
hope it helps! :)
A YubiKey is capable of storing a fixed string that can be activated. Make your password a combination of the a random character string that is on the YubiKey and your typed password. It's not quite two factor authentication, but it does mean shoulder surfing the keyboard alone won't be enough to get your password.
If you use GMail, they integrate with U2F and TOTP generators, in which case you can actually use proper 2 factor authentication.
Buy a simple fingerprint scanner or use a laptop with fingerprint scanner (pretty common now a days), then use a password manager to store your password for that email service and login with a swipe of your finger.
I do that all the time with HP Client Security.
And that looks more hi-tech than awkward like many other solutions do in front of other people :)
You could always learn to use the Dvorak Keyboard Layout! You will rarely encounter anyone watching over your shoulder familiar with this layout. I use it and I've never encountered anyone who could tell what I was typing even if I slowly pecked away with my index finger one key at a time.
When I enter a PIN code in a grocery store, I fake a few extra key-presses between the real ones, by putting my finger on the key but not pushing it. It's especially convenient when the keys don't visibly move much (as in the case of almost all keypads I've encountered on card scanners and ATMs), but with some practice it can be done with a standard computer keyboard.
It doesn't help against people who are trained and dedicated to spy on you, or use a camera and watch it later in slow motion, but it provides a good protection against casual glances.
You can use AutoHotKey and replace the full or parts of the password automatically while typing. I was using this method before I switched to KeePass and used Auto-Type.
::pop::part0fP4$$w0rD
That way, users seeing you type will only know parts of the password, not the full password. Disadvantage: the second half of the password is stored in a file. To mitigate that a bit, I made the replacement longer than needed and delete a few characters using backspace.
If you want to visually block shoulder-surfers but don't want to go full blanket-over-head-and-PC for the obvious appearance downsides, you could get a similar level of protection with less awkwardness by putting a smaller cloth over just your hands while you touch-type your password. Still awkward, but not as glaringly so. A password manager plus MFA is still generally the best choice in this scenario.
No blankets over your head required - just cover up a small section of the keyboard with your other hand, while typing in your password.
This would work excellent if you had all the letters on one side of the keyboard, or a numbers-only password, and have a number pad on the keyboard to type it in with. Very much like you're supposed to do at an ATM machine.
Like this photo too, (only do a better job ;-) 
All the caveats about your employer or company being able to monitor every keystroke and all network traffic apply, but this will keep prying eyes off at least.
As others have said, anyone in your office can just either install software on your PC, or plug in a physical keylogger between your PC and your keyboard. Of the solutions mentioned so far, only 2 factor authentication provides reasonable defense against physical access. But tampering with a computer to find somebody else's password is a criminal offence in many places and will also get people fired if caught, so the chance that they will do that is significantly lower than them just looking at your keyboard while you type.
Of the solutions mentioned so far, only 2 factor authentication provides reasonable defense against physical access.
The one solution which is missing is: BYOD. Bring in your own laptop, tablet or phone to access your email. That device uses an email client that has already stored your password, and the device requires a pin, fingerprint, or eye reading to unlock.
My proposal requires support on the server. If your service provider does provide this service (or if they are willing to), this doesn't actually answer the direct question (how to prevent the passphrase from being seen) but actually addresses the problem that most people try to solve (which is how to authenticate without revealing details that allows someone else to authenticate). The secret is to...
Don't worry if they get your password.
There is technology called OTP (One-Time Password), such as the S/Key implementation, which allows you to type in a password onto a trusted device. The trusted device uses some software, such as skeyinit (on Unix-like platforms -- skyinit man page) or OTPDroid (an open source option on Android platform) to generate a series of words. Then, you don't need to care if anyone thinks they saw your typed password, or even if there is a keyboard logger, because that series of words is only valid once.
If you can't type on your phone safely, another option (if you have foresight) is to generate the list of words ahead of time, and store them somewhere (maybe even using pen and paper). Then you can look at the pre-generated note that reminds you what words will need to be typed.
Snce you are asking..
1) shroud the keyboard. Learn to type blindly, accordion style.
2) implement opie style single use passwords.
3) login using keypairs via an ssh tunnel or similar.
4) try really hard not to mumble the password audibly as you type.
5) periodically scan for ultrasonic modem noise, unusual RF activity.
6) be acuteley aware of reflective surfaces, mirrors, glass.
7) DO NOT type it into unmasked fields accidentally.
8) Momentarily re-map your keyboard.
9) or just don't do it in public. etc. etc.
Ask your co-workers politely to turn around for a second. In a working environment nobody should be surprised or complain.
I am a manager in an office where the company does not provide a company email, so I use my personal email.
I agree with one of the comments: Create your own work email account in a place like gmail or on your own shared hosting web site if you have one. It is probably more important that managers have communications distinct from their existing personal accounts.
Often, I will receive jobs lists by email from my general manager.
Perhaps you could bring the point up to the General Manager that your work space is not conducive to the privacy of her or his emails to you, depending on the strength and candidness in that relationship.
How should I log in to my email in front of my co-workers so that they don't see my password?
There are several options you can use with a new account. Some of them might work in tandem.
My email service uses end to end encryption, which means that it does not store or reset my password.
It is good that your service uses client side encryption (if that is what you mean by end to end encryption). Perhaps that is not a necessary security measure for a company that does not have its own email server. If it is necessary, you could encrypt the data on the computer and send the ciphertext as an attachment.
I also cannot move the screen so my co-workers cannot see it.
It is best, in today's corporate environment, to assume that sustained privacy of display contents is not a realistic option.
I cannot speak for Windows or iOS, but with a properly configured SE LINUX system, the security level is high enough so that I can store all my passwords in such a way that I never have to type them during the workday. Then I start work, typing the single LINUX account password (which does not echo to the display), before anyone else starts theirs.
Get yourself a cheap barcode scanner, attach it to your computer and configure it as a "keyboard wedge" so it pretends it is a simple keyboard.
Print your password as a barcode (there are many free barcode fonts around) and stick that in a pocketbook you carry on your person.
Whenever you need to log-in, reach out your book, open it, scan the barcode and close the book.
