How To Install Pgp On Windows

How to utilise PGP encryption on Windows for costless

Paranoid well-nigh your emails? Want to send them in ane of the safest ways possible? And then this guide on using PGP encryption on Windows has everything you lot demand. If y'all are looking for a background on PGP, who invented information technology, and how it works on a deeper level, head to our more extensive guide on PGP encryption and how information technology works.

If you would adopt to dive straight in and start communicating securely, then stick around. This tutorial has screenshots and directions for every step of the style, making it like shooting fish in a barrel to install, set up and use PGP encryption.

In order to run PGP smoothly and with the least risk to your privacy and security, we volition combine several different pieces of software. The offset of these is the PGP encryption package Gpg4win, which is an installation for Windows that comes with the Gnu Privacy Guard (GPG) and some additional components.

On peak of Gpg4win, nosotros will also be using an electronic mail client from Mozilla chosen Thunderbird, and Enigmail, which is a Thunderbird addon that brings everything together. The best role is that all three of these downloads are free, then it won't cost anything to go upwardly and running.

Y'all will be using these three components with your own electronic mail accost. Ideally, this accost should come from a provider that has a reputation for taking security and privacy seriously, but these directions will nonetheless piece of work with any sometime Gmail or Hotmail business relationship. And so strap yourselves in and become ready to encrypt.

What'south the problem with your normal email?

Most of us use email every day, only many aren't aware of simply how insecure information technology is. Unfortunately, email isn't very safe at all. Betwixt your outbox and the inbox of your recipient, you never know who could be intercepting your letters. Criminals, the authorities, or your crazy ex-boyfriend could be reading everything that goes in and out.

The lack of security is fine in most situations. For the average person, it doesn't really matter if an interceptor reads the latest chain email to enter their inbox, or if their ISP can access their correspondence with an old friend from college.

Bug arise when y'all want to ship something valuable or sensitive. You lot wouldn't want to electronic mail your online cyberbanking password to your wife, or organize a plot to overthrow the regime through email. In both cases, the information could easily be found, leading to your funds being stolen or a very angry official knocking on your door.

What'southward the solution?

If y'all want to go on your emails safe, the all-time matter y'all tin practice is encrypt them. Past encrypting your messages with PGP, you are putting them into a complex lawmaking which can only be broken by your recipient's private central. The same goes for when you lot receive an encrypted message—your private key is the just affair which allows information technology to be accessed.

This system ways that even if someone does intercept your letters, they tin can't really read them. They volition be able to run across who you are communicating with, when the bulletin was sent, the subject championship and the metadata, but the contents of the message itself will be obscured with unreadable ciphertext.

Come across likewise: Famous codes and ciphers

Which email provider should you use?

We will exist downloading Gpg4win, Thunderbird and Enigmail in just a moment, just you will also need an electronic mail address to become started. You can use whichever one you commonly practise, but gratuitous emails similar Gmail and Yahoo are probably a bad idea. Many of these services are only free considering these companies excerpt your data and sell it to advertisers.

While Google can't scan the contents of a PGP encrypted electronic mail, information technology can still collect the metadata. If your whole motivation for using PGP is to enhance your privacy and security, so using the services of companies with such questionable records probably isn't a good start.

And then which e-mail service should you use? If y'all have a high chance-level, you may want to consider an email provider that specifically focuses on secure and private email, such as Tutanota or ProtonMail.

They both offer free plans with limited functionality, as well every bit premium accounts with more storage and features. These will toll you a few dollars a calendar month, but the expense tin definitely be worth it in a lot of cases.

Setting up PGP encryption on Windows

At present that you understand why this is such a useful organisation for securing your email, information technology's time to become started. This is a multi-step process that includes downloading and installing three separate apps, then configuring them to piece of work together.

Downloading and installing Gpg4win

Gpg4win is an open-source package of programs for Windows. Information technology comes with some document managers and plugins, but all we will need for today's tutorial is the Gnu Privacy Guard encryption software.

The first thing you need to practise is caput over to the Gpg4win website and download the encryption package for Windows.

Click on the big green push that says Download Gpg4win, followed by the version number:

You will exist taken to the post-obit screen, where you are asked for a donation:

You don't take to donate annihilation, because Gpg4win is ultimately a free software package. Despite this, it'southward of import to keep in mind that GPG is a projection that helps to secure the communications of millions of people around the earth. Donations are a disquisitional part of keeping the project alive, and so if you have some extra cash, it'south a worthwhile cause to support.

If yous don't want to donate, just click the $0 that is under the PayPal logo, then hitting the Download push button. You volition exist taken to the following page while you wait for the GPG package to download:

Once the download has finished, double click on it to run the setup wizard. This will bring you to a carte du jour where yous can choose your language. Pick whichever language y'all are most comfy with, then click OK:

You will be taken to the post-obit page, where you can merely click Next:

This brings you to a screen where you can cull which aspects of the GPG package you would like to install. All that we actually demand for our purposes is GnuPG, but downloading the default selections won't hurt. You can as well cull to download the Browser integration or GPA if you experience similar y'all will need them for something else.

Once yous take fabricated your selections, click Next:

You volition be brought to the following folio, where you can either choose somewhere to salvage Gpg4win, or simply leave the destination as is. Click Install:

Look for a few moments while Gpg4win is installed. Then yous will be taken to the post-obit page:

Click Next, then yous will end upwards hither:

Click Finish to complete the setup of Gpg4win of your estimator. You won't demand to run Kleopatra for today'south tutorial, so you lot can either deselect the box or just close the plan when it opens. Kleopatra is a document managing director which y'all can use to manage your keys, but today nosotros will exist using Enigmail instead.

Installing Thunderbird

The first footstep is to make your way to the Thunderbird website, so striking the big dark-green Download button in the middle:

Look for the file to download, and then run it. A window might pop upward, asking if you lot want to allow the program to make changes to your computer. If information technology does, click Yep. The following setup wizard will launch:

Click Next, which will bring you lot here:

If you are a ability user, feel free to go with the Custom setup option. If you aren't also technically-minded, it's probably best to choose the Standard installation instead. Click Next, which volition take you to this review page:

Review your selections, then click Install if you are happy with them. Otherwise go back through the setup wizard and change the file's location, or whichever other options you want to change.

If you do make any changes, cycle through each of the above steps again until you click Install. Look for the installation to finish, then you will be brought to the completion page. Click Finish to consummate Thunderbird'southward installation.

Setting up Thunderbird

Thunderbird should launch by itself. If it doesn't, search through your files and open up it manually. You volition be brought to this setup screen:

Make full in your name, the email address you lot would like to use and the password that belongs to that business relationship. Potent passwords are crucial, considering weak ones arrive trivial for an attacker to break into your PGP encrypted email. For more details on strong passwords, head to our tutorial on how to make strong passwords.

See also: Password Generator tool

Once you lot have entered your details, click Continue. This takes you to the following screen:

If you aren't sure what you are doing, it's probably best to leave the settings as they are. IMAP is a protocol that stores the chief copies of your email folders on the server, with boosted copies hosted locally. POP3 volition store your messages on the start device that accesses them. In general, IMAP is more than convenient when it comes to syncing your email across devices.

Once you lot are happy with your configuration, click Washed. The setup sorcerer will accept a moment to bank check your password, and so you will be led to the interface of your new Thunderbird email client.

At that place are a lot of other configuration options that you tin can experiment with in Thunderbird, such every bit setting upwards the security preferences and disabling HTML in your emails. In fact, many of these are of import for your overall condom and privacy. Despite their importance, we accept a lot of other things to comprehend in this postal service, then we volition be saving them for another day.

Setting upwards Enigmail

The easiest way to ready upwardly Enigmail is to do it from the Thunderbird customer that we just downloaded. From the chief screen of your Thunderbird inbox, you lot will meet a pocket-sized icon in the menu with three horizontal lines. It is located in the peak right, side by side to the search box.

Hover over this icon to bring up the settings. In the right column of the menu, y'all will come across Add-ons. Move your mouse across this, and then wait for the third menu cavalcade to pop up. Click Add-ons when information technology does:

This brings you to the Add-ons folio. If y'all ringlet downwards, Enigmail should be in the Featured Add together-ons section. Click on information technology:

Clicking on the Enigmail icon will take you through to the following page:

Click on the green Add to Thunderbird button. It volition bring up the post-obit popup. Click Install Now:

In the Add together-ons screen which you navigated to before, you lot can now click on the 2d option in the vertical carte to the left, Extensions:

You lot should now encounter the Enigmail icon listed amid your extensions.

To make sure that Enigmail and Gnu Privacy Guard are prepare up correctly, go back to the menu bar, hover over Add-ons in the second column until the other Add-ons menu comes up. You will now run across Enigmail beneath it. Click on information technology:

This volition accept you to the following screen:

Under Basic Settings, where it says Files and Directories, y'all want it to say "GnuPG was found in …". If it says "Could not find GnuPG", then check the box underneath that says "Override with", and enter the location where you saved Gpg4win before in the tutorial. Click Okay to caput back to Thunderbird'due south main screen.

To configure Enigmail, click on the Setup Wizard by going dorsum into the menu, then curl down to where it says Enigmail in the 2d column. Setup Magician should exist the showtime option that pops upwards when y'all hover over it:

For this tutorial, we will be sticking with the standard configuration. If you are an advanced user, feel free to choose 1 of the other settings. Click Next:

Yous will be brought to a new page for setting up your key pair. Key pairs are a crucial aspect of PGP, comprised of both the public key that your correspondents utilize to encrypt your messages, and the private cardinal, which you use to decrypt them.

If anyone ever discovers your individual key, information technology allows them to access your PGP encrypted messages. This is why it is crucial to always keep your private key safe from the optics of others. A adept solution is to continue it on a USB drive that is locked abroad in a safe.

The first thing you volition demand to do is enter a strong password to protect your keys:

In one case you take entered your countersign, click Adjacent. It may take a few minutes to generate your key, and then you will be brought here:

Click Close, then Next, which takes you to the following screen:

Click Create Revocation Document. This certificate will allow you lot to revoke your public key if you ever need to. There are several situations where y'all may want to revoke your document, such as if you lose your private key, or if you always think that your PGP details have been compromised by attackers.

To ready up the revocation document, you will have to enter the password that you merely created. Y'all volition then be led to the following page, where y'all tin choose where you would like to save the certificate:

Now y'all can click Adjacent on the Create Revocation Certificate page. You volition exist brought to the terminal screen of the setup wizard, where all y'all have to practise is click Finish.

As the last stride in setting up Enigmail, we want to brand sure that everything has been configured properly. Head dorsum into the card with the three horizontal bars, then gyre downward to Options and so Account Settings. In the menu on the left side, click on the sixth option, OpenPGP Security:

In this section, y'all desire to make sure that the checkbox that says "Enable OpenPGP back up (Enigmail) for this identity" has been ticked. This ensures that you lot are using PGP encryption through Enigmail.

Generating new key pairs

If you desire to use PGP with multiple email accounts, information technology is suggested that y'all use a different central for each one. If you are happy with the account that you have already integrated, experience free to skip this pace.

With the tools that you have but downloaded, there are two ways that you tin generate new fundamental pairs for each of your accounts. You lot tin can utilise the certificate manager, Kleopatra, or the Thunderbird addon, Enigmail. In this tutorial, we will focus on generating keys with Enigmail.

To generate another key pair, you will demand to add an additional email business relationship starting time. Y'all tin practise this by firing up Thunderbird, then clicking on the menu at the top right. Hover over Options, then click on Business relationship Settings:

This volition take you to the post-obit window. On the bottom left, click where it says Account Actions:

A submenu will pop upward. Select Add Mail Account, which will bring up the following screen:

Enter your details, and so click on Continue. Thunderbird should prepare up the account automatically. If you use a less-common email provider, y'all may have to enter these settings manually.

Once you have added the account, it'southward time to set a new key pair for information technology. Click on Thunderbird's carte du jour, hover your cursor over the Enigmail choice, so click on Key Management, which opens upwards in the new menu:

This will bring you to the following popup:

Click on Generate in the top menu. Select the New Key Pair selection that comes up in the submenu. This will bring up the post-obit screen:

At the tiptop, select the account which you would like to generate a key pair for. Then enter a strong countersign to protect your private key. If yous desire, you can alter the expiry appointment of your keys, but this is merely necessary in sure employ cases. Click on Generate primal, then wait a few moments for the program to produce your key.

Importing an old central pair

If yous already accept an existing fundamental pair which you would like to employ, become to Thunderbird's menu, and so put your cursor over the Enigmail pick which pops upwards.

Click on Key Direction, which opens up in the new menu:

This volition bring yous to the post-obit popup:

To import your key, simply click on File, then Import Keys from File. Yous tin can also click on Edit, then Import Keys from URL instead. Information technology but depends on where you want to import the cardinal from. Enigmail will then import your key from its location.

Sending and receiving PGP encrypted emails on Windows

Now that you lot accept your programs installed and your keys prepare, it's time to learn how to send PGP encrypted emails. In that location's just one more problem that nosotros have to solve commencement. Who do yous ship them to?

Adding your recipients

PGP encryption is an first-class tool for encrypting emails, but it'due south useless if you don't take anyone to talk to. To secure a bulletin with PGP encryption, you will need your intended recipient's public fundamental start.

If they are already a PGP user, it makes things like shooting fish in a barrel. They may have their key displayed on their website, you can ask them for it directly, or you can search for it on central servers.

If the person that you lot demand to communicate with doesn't already use PGP, and then you may have to convince them to ready it up in order to be able to communicate securely.

One of the most common ways of sharing a PGP key is by sending the .asc file. If your intended recipient has already sent you the .asc file for their key, save it locally, then caput back to the Key Management carte that we talked nigh in the last section:

Click on File, then Import keys from file. Navigate through your computer to where you saved the recipient's .asc file, then select it to add information technology to Enigmail.

Another option is to add the cardinal's URL. If you come across your intended recipient's URL in the post-obit format, it's elementary to add information technology in Enigmail:

All you have to do is copy the URL, then become to the Central Direction menu in Enigmail. Click Edit, followed by Import Keys from URL:

Y'all volition be brought to a new screen where you can paste the URL. Click OK, and thenOK over again on the confirmation screen. Yous will be met with a screen that says Success! Keys imported if the fundamental has been imported properly.

Another choice for finding your recipient's public key is to look them up on one of the key servers.  From the Enigmail Central Management menu, hover over Keyserver, then click on Search for Keys:

Enter the name or email of your intended recipient, then select which server yous would like to conduct the search through. Click OK to begin your search:

The results of your search volition come upwards in a new screen. If you find the correct recipient, click on their proper noun, then select OK. The recipient's fundamental will be imported and you will be met with a screen that says Success! Keys imported.

Distributing your public key

It'southward just equally important for potential contacts to be able to detect your PGP key equally it is for you to be able to observe theirs. If you are already talking to someone through an insecure channel, only want to switch to PGP, you can send them the .asc file for your public key. This volition allow you to proceed your correspondence in a secure fashion.

One of the simplest ways to transport the .asc file is through Thunderbird. Begin by composing an email. Add the recipient's address and any relevant bulletin. When yous have finished, go to the Enigmail menu, and so click on Adhere My Public Key:

This volition add your public cardinal equally an attachment. Be aware that this doesn't encrypt your message, information technology just gives your recipient your public cardinal so that they can send yous encrypted letters in the future.

You lot tin too distribute your public key by list it on a key server. To practise this, head back to the Enigmail Central Management menu. Click on the key which you would like to place on the server, then hover over the Keyserver bill of fare. Click on Upload Public Keys:

It will simply take a few moments for your public key to upload. Once it's upwardly, people will be able to search for it on the public server.

Encrypting your emails

Now that you lot take added the keys of some contacts and they besides have your key, information technology'south time to encrypt an e-mail. Start an electronic mail as you commonly would, by going to the Write tab in the meridian left of Thunderbird's main interface.

Enter the email accost of ane of the contacts whose public keys yous have already added, then type out your message. If you want, y'all tin can include a discipline line, but make sure that it doesn't contain anything too specific or sensitive. This is critical, because subject lines and metadata aren't encrypted in PGP messages:

If the recipient'southward email accost appears in red, like it does in the to a higher place picture, then information technology ways that the public primal hasn't been associated with the e-mail nevertheless in Thunderbird.

Thunderbird will by and large do this automatically, every bit long as it can notice the correct public key. When you send the contact subsequent PGP emails, their email accost should appear in blackness instead.

Notice a lock icon in the menu above the sender address. It will either be a blackness lock with a red Ten, or a gilded lock with a green tick. To encrypt your message, click this icon to make sure it shows the gold lock with the tick.

Once y'all have washed this, simply click Send and your encrypted bulletin will be delivered to your recipient'due south inbox. They will but be able to admission it by entering their individual key. If an attacker intercepts the message, all they volition see is the ciphertext.

If your recipient doesn't already have your public key, yous may desire to attach information technology using the method discussed earlier nether Distributing your public key. This makes it easier for your recipient to reply in an encrypted format.

Decrypting PGP encrypted email southward

When you lot receive a PGP encrypted email, double click on information technology. A new window volition then come up, asking yous to enter your password. Type it in, then click OK:

Every bit long every bit you entered your password correctly, the bulletin should open up as plaintext, allowing you lot to read it:

Now that you know how to decrypt your messages, you take all of the data you need to ship and receive letters in a secure mode. Certain, PGP is a bit more difficult to get used to than normal electronic mail, but it is significantly safer.

When to utilise PGP encryption depends on your threat model. Almost people will just ship emails with information technology when they demand to discuss sensitive or valuable data. They tend to prefer standard email in other situations for its simplicity and universality.

If you lot face greater risks or but to prefer to err on the side of paranoia, you may cull to send all of your messages through PGP, despite the extra attempt. I of PGP'southward greatest advantages is that it gives you lot the freedom to enhance your security when you demand to, every bit well as offering a range of configuration options to accommodate each user'southward individual needs.

Why should y'all use Gpg4win, Thunderbird & Enigmail together?

There are a number of dissimilar ways that you tin send secure emails, including both paid and gratuitous options. The combination of Gpg4win, Thunderbird and Enigmail stands out for a few unlike reasons.

I of the most important is that all of these components are open source, and they have a potent community behind them. This customs is incredibly dedicated to providing safe communication options to its users.

Another key factor is that all of these downloads are free, which means that fifty-fifty those without much money tin implement the security features that they need. This is especially important for activists and whistleblowers across the world.

When considering the secure messaging alternatives, virtually of the big tech companies have some decent security features in their software packages, besides as options for secure messaging.

In many situations, these offerings can exist fine to apply without any negative results. Despite this, companies like Google and Microsoft have pretty poor records when it comes to privacy.

Many people prefer to stay abroad from these tech giants and their proprietary software, instead choosing to go with open-source options whose code can be inspected by anyone. This is why the combination of Gpg4win, Thunderbird and Enigmail is incredibly popular in the privacy community.

One of the few minor problems with this setup is that it is a little more than hard to configure than some of its alternatives, but it's nothing that the average internet user shouldn't be able to handle.

Considering what this software combination offers in terms of security and customization, the actress bit of tinkering isn't too much of a trade-off. Together, Gpg4win, Thunderbird and Enigmail is an excellent package for keeping your communications safety.

Run across also: Public fundamental cryptography

Source: https://www.comparitech.com/blog/information-security/pgp-encryption-windows-free/

Posted by: olivasbobsoo.blogspot.com

Share this post