When creating a security envelope, there is a choice to NOT require password.
If there is no password, how can the security envelope be secure?
If a password is applied to the security envelope, I assume that the person who receives it must know the password to open the security envelope, correct?
No password doesn't sound very secure. The thing about security envelopes is that they don't add more or better security than you could use otherwise. They are just a way of adding TEMPORARY security that belongs to the envelope, and which is stripped off once the recipient has taken them out of the envelope.
So let's look at the two kinds of security:
* Password. Not terribly strong security. Of course, you don't send a password protected file and a password in the same email, that's like putting a note on your front door saying "key under the mat". The idea is that you would have already exchanged passwords by a previous SECURE method.
* Certificate. Potentially more secure. Requires the RECIPIENT to have made a nice certificate which they can share with the WORLD without issues. You (or anyone) can use the certificate to encrypt the document. Only the certificate owner can get at the document (provided they protect their original private certificate properly).
There is no magic bullet for a one-off email that will make it more secure.
That said, any kind of encrypted file, even one without a password, is likely to be slightly resistant to automatic processes and casual prying eyes. Not really security, just caution (like the difference between putting a message in an unsealed envelope versus on the back of a postcard).