Top Tip! How To Encrypt And Secure Your Email
This guest post was written by Keshav Khera from TechAlerts, where he blogs about Technology, Web 2.0, Internet and blogging. Do visit his blog for more great content and Subscribe to his feed for regular updates.
Email is private, right? Think again. All your email can be read, and not just by your friends. Be careful of what you send out, since it just might return to haunt you. There are ways to keep email safe, but this information is not widely known.
Whether it is your competitor, getting hands on your super sensitive official data or your personal life being made a part of the office gossip, the consequences can be severe.
Setting up a good password only protects your inbox and in fact when you send an email message, it is transferred in clear text and can be read by anybody peeping into the network.
Securing you Email, involves two factors to be kept in mind, Encrypting and Digitally Certifying your mail message. So lets follow the steps and proceed toward making your email private to just you and your friend receiving it.
Digital Certificates
A digital certificate is a public key certificate(or identity certificate) is an electronic document which incorporates a digital signature to bind together a public key with an identity information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.
Digital Certificates or signatures are the solution to the age old problem of verifying the identity of the sender. To get a digital signature, you will have to apply to company which supplies digital signatures. If you want a digital certificate to use commercially, you can get one from VeriSign, but a small fee will be charged.
Here I will talk about mainly of free non commercial signatures. You can get free digital signatures for non commercial use from Thawte and Comodo.
I myself used Comodo, because its user response is good and its certificate retrieval process is very easy and simple. So here I will explain the process taking Comodo in mind.
Getting Them
- Surf to http://www.comodo.com/
- Click the FREE Email Security Certificate(You can click here too) link under the “Free (means Free) Products” tab.
- Click the “Get Your Free Email Cert Now”
- You will be taken to a page where you will have to enter your details such as name, email address, country, password and agreement etc.. Enter all those and click continue button.
- You will be sent a mail with a link to get the certificate. Click the link in the mail for getting the cert.
- A new page will open telling you that your certificate has been installed and is ready to use. But the problem is that you can’t see it.
- Now the next step will be making a backup of the certificate.
- If you are using Firefox, follow the steps: Go to Tools> Options> Advanced> Encryption> View Certificates The Certificate Manager window will open and you certificate will be listed there (if it’s not listed, then recheck all the steps you have followed). Select your certificate and click the Backup button> Select the location and enter the password which you have selected upon registration.
- If you are using Internet Explorer, follow these steps: Go to Tools> Internet Options> Content> Certificates and follow the same instruction as above of backing them up.
- Backing up your certificates is important,because if you loose your certificate, you will not be able to prove your identity as well as email encrypted with that signature will not be ale to open with out it.
We will come to the mail clients later. First let us see the Encrypting part.
Encryption
Signing and Encrypting the messages are two different aspects. When you sign a mail message, the receiver gets to know that you have sent it, it just proves your identity. But when you encrypt a mail message, the receiver will be the only person who will be able to OPEN it. So to encrypt messages, you and the one receiving the message, both should have Certificates and should have conversed with mail messages before. With this I mean that when you and your friend interact with email, the email client of both of you, recognizes your certificates. So in short, for enabling encryption, you and your friend should first exchange Digitally Signed messages. Just click the sign button and leave the encrypt button in the mail client.
Using Them In Your Mail Client
Just click the New mail Button and click the Sign and Encrypt buttons but do remember what I said in the Encryption part above, and there you go with your super safe mails. So next you get a signed mail, you will see a lock image in your mail client with that mail.
Encrypted emails can only be opened on a computer on which the certificate is installed. So you can backup your certificate on flash drive or online and install it whenever and wherever you need to read your mails.
I think I have made everything clear as much as possible, but still if you face problems you can submit a comment here or just email me.
Related Posts
Why don’t you recommend OpenPGP, even while its the most used email encryption method?
Check http://www.secure-my-email.com/ while you are at it, too.
here….the basic concept of encryption is explained..otherwise there are many other tools too.
very good post keshav… its really usefull.. i think comodo is good..
Isn’t the emails already secured by the email service provider???? .. the above post of yours is useful in case of people sending emails from office or public LAN right
I am using only GNUPG which does the job. Should be enough for everybody out there.
@Shashank
No, the email are transfered in clear text and can be read by anybody stealing the packets.
@anonymous email
Ya, you can use other tools such as OpenPGP, GNUPG etc… This is just a piece of knowledge which explains what actually happens.
Hi,
I myself had been trying to get a digital signature and also secure my emails using the key provided by VeriSign. But here, I have a problem. I normally don’t use desktop email clients. And as for web mails, I use GMail and Yahoo. How do you think I can encrypt my emails, in that case?
Regards.
i have a question
can yahoo read our email ?
because if they can read it there is no point in encrypting
(just a nOObish Question )
Think that the company on which u have your mail can read them. Here is an analogy for you… telephone company can listen to your speaks. That awful. They can say that the letters are encrypted, but what can hinder them? I use the http://www.strongvpn.com service to prevent my data and also letters.
There are a number of other free certificate providers available that you should consider. I’ve just posted a review comparing 9 of them here: http://tech.niques.info/choosing-free-digital-certificate/ . I believe thawte is a better choice than Comodo because you can get your identify verified through the Web of Trust, and the certificate is also usable for SSL client authentication. If you need your certificate for business purposes then try CACert or StartSSL but you may need to start installing root certificates, and it becomes more difficult for end users to configure.
about american income life insurance comapany…
mutterers Eastland agreements!overwhelms:modus plaintexts …
I just love your weblog! Very nice post! Actually you can do many thing to imporve it.
Wow, this was an excellent article. I really enjoyed this one, I’m going to have to subscribe to your blog!
Can you provide more information on this?
I really like the article I will be linking back.
Thanks for the excellent post. I agree 100%. Keep up the good work!
I agree with your comments - it must be that great minds think alike.
Excellent article , i just share it with my friend of Taiwan. I Stumble UP your blog post , you will notice an increase of traffic within 24 hours for targeted people. Cheers , Ander
Excellent articles and great blog, i shared it with my Digg friends on New York , Stumble UP ! , Cheers Andy Colleman - Chicago
Nice to see you posting on this topic, I need to book mark this site. Keep up the good work.
Great and Excellent article post, i was looking for this information on google while i found your info, definely i Digg your blog post ! Cheers , Collin - New York
Really nice work! I thoroughly enjoyed your article. Please post more often when you have time. thanks.
Really nice work! I thoroughly enjoyed your article. Please post more often when you have time. Thanks.
Nice blog you got. Keep it up
I found your blog on google and read a few of your other posts. I just added you to my Google News Reader. Keep up the good work. Look forward to reading more from you in the future.
You have sparked some of my interest and I am going to do some additional research. Feel free to check out some my blog in the near future… thanks
I emailed this link to my sister. She has been looking for this info for a long time.
Thanks for all the help dude.
I have a problem. Even If I send the message encrypted, the client can open it without the certificate installed. What could be happening?
Hope you can answer me.
I like your site and wanted to know if you would be interested in exchanging blogroll links.
Leave your response!
Get Latest Updates by Email
My Blogs
Advertisement
Recent Posts
Categories
Recent Comments
Top Commentators