Chrome: Privacy is a precious commodity now that we know companies track us on the web. If you’d like more security, SecureGmail is a Chrome extension that makes it easy to encrypt your Gmail messages with a password only your recipient should know.
Once installed, you’ll see a lock icon right next to the “Compose” button in Gmail. Click it to enter “secure compose” mode, where your message text will be encrypted before you send it, and no drafts are saved to Google’s servers, so you don’t have unencrypted data at rest. You’ll be prompted to enter a password that the recipient will have to use to decrypt the message when they get it. You can even enter a password hint for them to jog their memory if they don’t remember what it is. Even if they don’t have SecureGmail installed, they’ll be prompted to install it first, and then enter the password to read your message. Ideally, you’ll give the recipient the password by some secure means, like a phone call or face-to-face.
The whole project is open source, and the code is available at GitHub if you’re interested. SecureGmail uses symmetric encryption to encrypt and decrypt each message, so picking a strong password is key. This method also eschews other, more traditional methods of encryption, like PGP, for example. Still, I tried it out and it works well. For a more in-depth discussion on the development process and how the tool works, hit the Hacker News link below. It’s really interesting, and even touches on the limits of the encryption used here.
SecureGmail is an encryption tool by the folks behind Streak, a CRM tool for Gmail. SecureGmail isn’t the only tool in town for this though. There’s also Mailvelope, a tool we’ve mentioned before, which supports Firefox as well as Chrome, and works with other webmail providers as well as Gmail and Google Apps. The extension is free, the encryption works like a charm, and you can grab it from the link below.