This is my second security related post. In searching for an easy way to encrypt email messages, I discovered that every technique was far to difficult to gain wide acceptance. How many of us use anything but web-based email anyway? POP3/IMAP email is what your ISP offers you when you sign up for your Internet access and, to my mind anyway, it’s a thing of the past. When you change ISPs, do you really want to change your email too? With web-based email (think Hotmail or Gmail), your email address is permanent, more or less.
Besides the problem with changing ISPs and having to change your email address, POP3/IMAP systems require you to download your email to your computer in order to read it. If there is a virus or malware in your email, it’s pretty obvious that it’s on your computer now, too. With web-based email you would have to download an attachment or click on a link in order to get burned by malware or a virus. Sure, it can still be done but the email isn’t on your computer. It’s on your email company’s servers and those are usually protected by reasonably robust virus scanners.
Given all the above information, what is the easiest way to encrypt your email? Well, my best bet would be Locknote by Steganos. As described in my last post : Security and Encryption , Locknote is a free, self-contained encryption container, program and message all in one unit. Every other method required the use of a fully installed program, keys and confusion. Locknote is as simple as the proverbial pie. Here’s how you use it to encrypt your email:
1. Download and unzip Locknote.
2. In the Locknote folder, copy the locknote.exe file and put it on your desktop. Leave the original locknote.exe in the original folder.
3. Double-click the .exe file and you’ll see this:
4. The text that you see is a description of what Locknote is. Highlight and delete that text and write your own note here. Sure, it looks like hell but it’s just an email message, nothing fancy anyway. When you are finished, close Locknote using the red X up on the top right. This is what you will see next:
5. This is where you are in control of your own destiny as far as sending encrypted email. A strong password is made up of three things: letters, numbers AND symbols. Don’t use a phrase or a name, use a series of numbers, letters and symbols. Symbols are !@#$*&^%, things like that. Use more then eight, fourteen is a good number here. Once you have settled on a password, and there are lots of ways to remember a good one, type it into the space and then enter it again in the second space that pops up next. Click OK.
6. At this point your Locknote.exe file is encrypted. No one can open it without the password that you just entered. Even you can’t open it if you have forgotten your password. Locknote uses ‘AES 256bit encryption’ and it’s secure, believe me. You can open the file, change the text and close it. Locknote will use the same password each time you close the program after asking you if you want to save the changes. The note can be changed 100 times but the password will stay the same UNLESS you decide to change the password. (File, Change Password)
7. Once your ’email’ note is written, you have to do one of two things in order to email it to someone. Actually, three things because you have to somehow get the Locknote password to that other person. You can use a separate email, a text SMS message or a telephone call. Think of something creative but DON’T put the password in the same email as your Locknote attachment.
Here are the two things you can do. Choose one, whatever is simplest for you and your recipient:
1. Since you can’t send an ‘.exe’ file in an email. Here is what you’ll see:
In order to get around this, you’ll have to change the file type from ‘.exe’ to ‘.txt’. Right-click the file and choose rename. Move the cursor to the far right, backspace three spaces (to the period) and type txt. Then hit enter and you’re done. Now you have locknote.txt on your desktop. If you try to open this file, Notepad will open it, no problem, but it will show as gibberish.
Open Hotmail or Gmail and attach the file ‘locknote.txt’ to it. In the body of your message, tell the recipient to download the file and then change the last three letters to ‘.exe’ instead of .txt. At that point, Locknote will work again. Your friend just has to double-click it, enter the password and read your message. To reply, all they have to do it delete your text or add to it and reverse the process.
2. The other way to send Locknote through your web-based email is to make a zip file. Right click, choose ‘add to zip’, choose a name and that’s it. Send it off as an attachment and have the person on the other end unzip it. Fairly easy but I prefer the first option.
If all of this seems too technical or too difficult, then you have to trust that no one else will read your email. If you really want to keep your email private, this is by far the easiest way. If any part of this is confusing, comment or ask me on Twitter.
Thanks for reading! Follow me on Twitter: @_BrianMahoney
One thought on “Email Encryption”
Comments are closed.