Any email messages that you send move across a vast array of servers around the internet and on each server the information gets copied. Anyone with access to those servers – or someone who is sniffing packets along the way – can read your email messages if they are sent in plain text.
One way to prevent this is to encrypt your email. This makes it so no one can read your message without permission, including your company email administers. Email encryption can be easy, free and offers strong protection against prying eyes.
Email encryption works like a lock with a key. The lock is called a “public key” which is a series of characters anyone can look at and the key that you unlock it with is called a “private key”. The software takes the message and the public key and jumbles up the message using an algorithm built into the software. The private key is then used by the recipient to undo the jumbling process.
The tools you need are PGP which stands for Pretty Good Privacy and email software that works with PGP such as Thunderbird with the Enigmail extension. You’ll also need to download a the free GNUPGP software for Windows.
Making it work on your computer.
- Download the software listed above.
- Run the GPGP installer which comes with GNUPGP. It should put GNUPGP under your Program Files directory.
- Run the Thunderbird installer.
- Open Thunderbird and then go to them follow in the menu bar Tools -> Options -> Extensions -> Install New Extension, and then choose the Enigmail extension file that you downloaded.
- Restart Thunderbird with Enigmail installed, you should now see a menu item for OpenPGP. Open it and go to Preferences. There you’ll find a dialog to point to your GnuPGP binary. Click Browse. On my machine, GPG was installed under Program Files\GNU\GnuPG\gpg.exe.
- Now you’ll need to generate your public/private key pair. From the OpenPGP menu item, choose Key Management. From the Generate menu, choose New Key Pair. Choose the email address you want to create a key for, and set a passphrase. Hit the “Generate Key” button, and relax – it can take a few minutes.When it’s done, you have the chance to generate a “revocation certificate.” This certificate can invalidate your public key just in case your private key is ever compromised. Go ahead and get your revocation certificate and save it.
Once your done with all that, you’re all set to send encrypted mail. To find someone’s PGP key, from the OpenPGP menu, choose Key Management. From the Keyserver menu, choose Search. Search for another PGP user by name or email address and add his or her key to your key manager. Once it’s in there you will be able to encrypt mail to that person.
Then, compose your message as usual. Encrypt it by clicking the little key down on the lower right of your compose window. You can also cryptographically sign your message to prove it’s you; that’s the little pencil. Both of these buttons will turn green to show that they’re active.
Now, nobody will be able to look at your messages.
[tags]thunderbird, pgp, encrypted email, secure email[/tags]