High security encryption for email. PassLok is in no way associated with Gmail, Yahoo, or Outlook.
ATTENTION CURRENT USERS:
version 0.4 is around the corner. There are multiple enhancements in this version, which require the format of encrypted items to change. This means that you won't be able to decrypt items encrypted by the current version, and that Read-once conversations in course will need to be reset. We apologize for the inconvenience.
TAKE PRIVACY INTO YOUR OWN HANDS
Easy, end-to-end secure encryption for email, plus real-time chat. Right now PassLok for Email supports Gmail, Yahoo, and Outlook online.
--PassLok for Email is incredibly easy to use--
To encrypt a message or file, just click the PassLok icon at the bottom of the Compose or Reply box. A popup will take your private message and encrypt it with the click of a button. Then you can send it out like any other message, or as an attachment.
To decrypt it, click the PassLok icon at the top of the encrypted message. A popup will show the decrypted message or file immediately, or will tell you if there is any problem.
PassLok asks you for your Password only once, as soon as you ask it to encrypt or decrypt something. It can be anything you want, so you can actually remember it. PassLok will evaluate its strength and compensate for its weakness by lengthening the computations. It won't be stored or sent anywhere, and PassLok will forget it after five minutes of inactivity.
If you want to change your Password, go ahead and start using a new one when PassLok asks you for it. You may be asked for the old Password if PassLok can't decrypt something, but otherwise that's all you'll have to do.
--Lots of power in a slender package--
You can use either of these two encryption modes, by just clicking a button:
1. Signed mode: encrypted messages can be decrypted again, so long as the recipients supply their authentic passwords. Recipients are also assured that the message was encrypted by the sender.
2. Read-once mode: after a few encrypted messages have been exchanged they can no longer be decrypted by anyone, even if they supply the correct password.
In addition, you can make encrypted chat invitations which, when decrypted by the recipients, open a webRTC real-time chat session where participants are directly connected to one another. The chat session includes text, files, audio, and even video.
PassLok for Email allows you to encrypt files as well. Just select the file with a button.
You can also communicate with users of services not supported by PassLok for Email. They can use PassLok Privacy (also in the Chrome store), which has a special mode fully compatible with PassLok for Email.
For the very paranoid, PassLok for Email includes two special features that you can turn on at any time:
a. Hidden mode: the encrypted message does not look encrypted, but actually looks like normal text. PassLok still detects it and decrypts it normally, though. In Gmail, there is also Invisible mode, where the encrypted message cannot be seen at all.
b. Decoy mode: there is a hidden message in addition to the regular message, and it is encrypted by a separate key. The hidden message is completely undetectable to those who don't know it exists.
--State-of-the art security--
PassLok is based on the NaCl encryption engine, which uses 255-bit standard elliptic curves vetted against weaknesses by experts. On top of that, it uses the 256-bit XSalsa20 symmetric cipher, a high-performance, open source algorithm, which has been scrutinized by experts for nearly a decade without any practical weaknesses being found.
PassLok does not use servers that might compromise your private data. All encryption is done client-side. All data sent to the email server is encrypted, and they don't have the password that decrypts it.
With PassLok, you can actually SEE that that your messages have been encrypted. You can also see the code. PassLok hides nothing from you.
PassLok for Email has just entered beta testing. To report any bugs or suggest improvements, please submit them as "Issues" at this GitHub page:
Authentication for the latest version, which is 0.3.1:
This is the SHA256 of the .crx file obtained from the Chrome store, as described in the Help document: 2dd92b64329675580d300324e259bc61e2d319517dfb9b5c8fd9bcf547f641cb
And this is the SHA256 of the .xpi file obtained from the Firefox store: 74632cef269e1c72666c3e950ade8116a7dcf73dc50d5e564f668e44172dc313