Previously, we have shown you how you can send encrypted email in Gmail. However, some of the comments in the article mentioned that this is dependent on the Chrome extension and is not a failsafe approach. An alternative way is to manage your emails using a desktop client, like Thunderbird, and manage the encryption from your desktop. Here is how you can send encrypted emails in Thunderbird.
Thunderbird, by itself, does not come with the capability to encrypt your email. However, with the help of PGP/GPG and enigmail, you can easily encrypt your email in Thunderbird.
PGP (Pretty Good Privacy) is the protocol used to encrypt emails.
GPG (GNU Privacy Guard) is the software that implements PGP.
Enigmail is a Thunderbird extension that connects to GPG to implements the encryption.
To get started, we need to first install GPG and Enigmail on our computer.
In Ubuntu and most Linux distro, GPG is installed by default. In fact, the “Passwords and Keys” (aka. seahorse) app in Ubuntu is already an implementation of GPG.
To install Enigmail, simply search for it in the Ubuntu Software Center, or use the command in the terminal:
Installing GPG in Windows is as easy as installing the GPG4Win app.
Similarly, install the GPG Suite for Mac to get started.
Installing Enigmail in Thunderbird
Once you have installed GPG for your OS, open up Thunderbird and head to “Tools -> Add-ons”. Search for the extension “Enigmail”. Install it and restart Thunderbird for it to take effect.
You should now see an “OpenPGP” option in the menu bar.
Setting up OpenPGP in Thunderbird
Click the “OpenPGP” menu and select “Setup Wizard”. Select “Yes, I would like the wizard to get me started” and click Next.
If you want to sign all your email, select “yes, I want to sign all of my email”. For selective signing, choose the “No, I want to …” option instead. Click Next.
For the encryption, decide if you want to encrypt all your outgoing email or on a per-recipient basis.
Next, the wizard will prompt you to change a few email settings to make OpenPGP work more reliably. This includes disable HTML message, view message body as plain text, disable loading IMAP parts on demand etc. If you have made a specific settings to Thunderbird that you need to use for all emails, select “No”. Else, you can safely select “Yes” and let it configures your mail settings.
The next step is to create a new key pair for signing and encrypting your email. If you have already created a keypair, you can select it from the list. If not, select “Create a new key pair” option.
You will then have to enter the passphrase.
And lastly, click Next at the Summary page and it will start to create the keypair.
Once the keypair is generated, it will prompt you if you want to generate a revocation certificate. This certificate can be used to invalidate your private key in case it gets lost or stolen.
Signing and Encrypting emails in Thunderbird
Open a new Compose window and start to enter your message. To encrypt/sign your message, click “OpenPGP -> Encrypt Message” in the menu bar. You can also select “Sign Message” as well. If necessary, attach your public key in the email so the recipient can add it to their library.
Accessing Encrypted emails in Gmail
Thunderbird is used by many people and thanks to its open-source nature, adding an encryption mechanism to it is very simple as well. Once you have set it up, you will be able to receive and send encrypted emails without much issue.
Image credit: Computer security by BigStockPhoto