Safe email account to use? What do y'all recommend?

It seems that you do need to have an agreed-upon password between sender and receiver if you want to send encrypted from Tutanota to a non-Tutanota account.

This is true of literally any asynchronous encryption email. The encryption only works if you have access to the receiver's Public key when sending (as you do when they are members of the same service). When you don't have his Public key, you send unencrypted.

Not the same as a "secret key" though. Like PGP of any type, the Public Key only gives you the ability to encrypt. Without the Private Key of the pair (which you as the sender don't need ever) the email cannot be decrypted. The receiver has this key though and can decrypt.

Don't use "shared secret" systems. The key distro problem with you in the ass every time.
 
According to Tutanota, the process is as follows:

Q. How do I send an encrypted email to another Tutanota user?

A. Upon sending emails from Tutanota to Tutanota all emails are encrypted automatically on your device. You do not have to enter any passwords.


Q. How do I send an encrypted email to an external recipient?

A. When sending an encrypted message to an external recipient, to someone who does not use Tutanota, you have to exchange a password once. The sender enters a password before sending the email. Once set the password will be automatically saved along with the contact in your Tutanota address book. Next time, you simply specify the recipient and Tutanota automatically enters the password. The password needs to be exchanged via a second channel.

The external recipient

- receives a notification email with a link to Tutanota (browser opens up),

- enters the exchanged password,

- can read the automatically decrypted email, reply confidentially, export all exchanged messages and save them locally.

Note: The link within the notification email contains a salt which is needed for decryption along with the password. Thus, someone who wants to intercept your encrypted messages needs the exact link and the password. (An old link gets deactivated as soon as you send a new email to the same email address.)
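The external-recipient flow quoted from the FAQ above, as an added example that is not Tutanota's code and not part of the original posts: a key is derived from the exchanged password plus the salt carried in the notification link, so decryption fails without both. PBKDF2, the iteration count, the HMAC-based stand-in cipher, the link layout and every name here are assumptions chosen so the block runs on the Python standard library alone.

```python
from __future__ import annotations
import base64, hashlib, hmac, secrets
from urllib.parse import urlparse

ITERATIONS = 200_000  # assumed work factor; the page does not state one

def derive_keys(password: str, salt: bytes) -> tuple[bytes, bytes]:
    """Stretch password + link salt into an encryption key and a MAC key."""
    okm = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=64)
    return okm[:32], okm[32:]

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real AEAD cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(password: str, plaintext: bytes) -> tuple[str, bytes]:
    """Sender: returns (notification link carrying the salt, stored ciphertext)."""
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    enc_key, mac_key = derive_keys(password, salt)
    stream = _keystream(enc_key, nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    # Constructed placeholder host; putting the salt in the fragment is an assumption.
    link = "https://mail.example.invalid/external#" + base64.urlsafe_b64encode(salt).decode()
    return link, nonce + body + tag

def open_sealed(link: str, password: str, blob: bytes) -> bytes | None:
    """Recipient: needs the exact link (salt) and the password; None on failure."""
    try:
        salt = base64.urlsafe_b64decode(urlparse(link).fragment)
    except ValueError:
        return None
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # wrong password or wrong link
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(enc_key, nonce, len(body))))
```

The salt only stops precomputed guessing; whoever holds the link and the ciphertext is still limited only by the strength of the password, which is why the second-channel exchange matters.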
 
As may be apparent from my posts, I am a great fan of PGP, if for no other reason than it is endorsed by Edward Snowden, and he knows a damn sight more than I do.

If you are running Windows or Linux, then I would highly recommend the use of GPG4USB. This project has been around for several years. The nicest thing about GPG4USB is its interface -- when you launch the program, you have a button-bar at the top, a menu in the left-hand pane, and a list of PGP keys in the right-hand pane.

Keys for which you have the private half (in other words, your keys) have a little gold/silver pair of keys beside them.

To encrypt a message, merely type your message in the editor pane. Then place a check in the boxes next to the keys that you wish to encrypt to. Press the Encrypt button, and your original message in the left-hand pane will be replaced with the encrypted version.

To decrypt a message, just paste the encrypted message into the editor pane, and press the Decrypt key -- you will be prompted for a passphrase. If correct, the decrypted message will appear in the left-hand pane replacing the encrypted message that was there before.

As the name implies, the software and PGP key can be kept on a USB stick or SD card, but it doesn't have to -- you could just as easily run it from a folder on your HD.

You can get GPG4USB from their homepage: gpg4usb - project : home -- just download the .zip file and unpack.
 
One thing I have found is to ask if the site has a Tutanota account. Folks I have dealt with have multiple accounts including Tutanota. That way it is secure without the password.
 
The password needs to be exchanged via a second channel.

If this password is exchanged through a regular e-mail account, i.e. Hotmail, wouldn't it be a way for someone lurking to intercept your message to have the key to decrypt them? Or what would be the safest way to give an external recipient a password? Or could you send an unencrypted email first with the password using Tutanota, then the encrypted email?

I know this is an old thread but if anyone has any ideas I'd appreciate it.
 
