How do I encrypt email?

Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.

If you use Thunderbird using the add-on Enigmail makes the process painless. It acts like a front end for the more painful parts of GnuPG.

Really appreciate the article! I will give Engimail a try. Thank you very much!

--quote--
Right, but then everyone you send encrypted or signed email has to either have Thunderbird + Enigmail, or some other more painful solution to decrypt or validate.
-quote-

True, but my concern is making my life easier. If someone wants to use a painful solution to decrypting my email that is hardly my fault or concern.

I have to ask. How often is it really necessary to encrypt your email?

I gave Thunderbird + Engimail a try. The installation is not as straight forward as I like. Need to first install Thunderbird, and then GnuPG. After that I need to go to Thunderbird -> Tool to add the Engimail plugin. Can't they make the whole things into one package?

Creating the key is easy - there is a wizard for it. I notice it says the key is good for 5 years. What will happen after that? Will my emails encrypted/signed by the old key stop working?

Encrypting is easy as well - just press the OpenGPG button. I notice it actually put some encoded strings in the email when I view it from gmail directly. But in Engiemail, it automatically decrypts it. Very nice!

However, now I run into a problem. How do I send encrypted emails to other people? I tried my other email account and Engimail complains it couldn't find the key. Looks like the recipient must first have a key in the server? This seems broken... What do I miss here?

I just started using voltage secureMail from voltage security to encrypt my email and I have to say it is the easiest email encryption solution I have ever used. After I installed it, all I had to do to send secure email was click the added "send secure" button in outlook. Also, it doesn't matter if the person I am sending to doesn't has secureMail, they can still read the message after they verify themselves. I think it has an advantage of PGP because it uses identity based encryption, which effectively makes my email address my public key. This is a great feature so i don't have to keep looking up the public key of everyone I want to send email to. I would definitely recommend SecureMail to everyone. Have you ever tried SecureMail Leo?

Come on, you said nothing about FireGPG for webmail GMAIL in Firefox http://getfiregpg.org/ It works just fine! And it's free. Any upgrades come as naturally and automatically as any Firefox plugins, so it never gets outdated.

Bottom line, don't send anything by email you don't want anyone else to see. If it's that sensitive there's still registered mail or certified mail w/return receipts...might take abit longer but atleast it's safe...

I have done a LOT of searching for an easy and free email encryption service to use, and quite frankly there are no "free" versions out there that are user friendly and allows you to manage the keys yourself and at the same time worrying if your recipient can read when it gets there. As far as sending the occasional email that needs to be encrypted I prefer to use hushmail.com it is not a large sized account for the free version, but if you are worried about the information you are going to be sending it works and it's easy to use. I do agree you are relying on someone else managing you keys, but lets face it some people just turn on the computer check email and surf the net for a while and that is it. In my opinion email encryption today is simply too much for the average user to handle. By the way I do like to use and recommend off-the-record (OTR) for my instant messenger client......

I've been playing with some free email encryption softwares in last few days. Here are the things I tried so far:

Hushmail - Easy to use. However I can't use my existing gmail account. The recipient needs to be a registered user, or I need to provide a secret question and answer. No installation required but need to go back to hushmail to get the email.

FirePGP - easy to use, love the integration with gmail. I can actually send encrypted email directly on Gmail's page! However, I can't send email to other people, and recipient needs to install the software and use firefox.

Sendinc - Need to use their page to send the email. Can send to anyone, but needs to go back to sendinc's page to read the email.

Opaqueware - easy to use, integrated with gmail. Can set time limit and get notification! Can send to anyone, but recipient needs to install the software.

So far, I like Opaqueware more. Both FirePGP and Opaqueware let me encrypt on my machine - I don't want the provider to see my email. Opaqueware let me encrypt to anyone and I really like their notification.

To post a comment on "How do I encrypt email?", please return to that article's main page.