High security encryption for email. PassLok is in no way associated with Gmail, Yahoo, or Outlook.
TAKE PRIVACY INTO YOUR OWN HANDS
Easy, end-to-end secure encryption for email, plus real-time chat, that does not rely on servers and is therefore immune to hacking or government intervention. Right now PassLok for Email supports Gmail, Yahoo, and Outlook online.
--PassLok for Email is incredibly easy to use--
To encrypt a message or file, just click the PassLok icon at the bottom of the Compose or Reply box. A popup will take your private message and encrypt it with the click of a button. Then you can send it out like any other message, or as an attachment.
To decrypt it, click the PassLok icon at the top of the encrypted message. A popup will show the decrypted message or file immediately, or will tell you if there is any problem.
PassLok asks you for your Password only once. It can be anything you want, so you can actually remember it. PassLok will evaluate its strength and compensate for its weakness by lengthening the computations. It won't be stored or sent anywhere, and PassLok will forget it after five minutes of inactivity.
If you want to change your Password, go ahead and start using a new one when PassLok asks you for it. You may be asked for the old Password if PassLok can't decrypt something, but otherwise that's all you'll have to do.
--Lots of power in a slender package--
You can use either of these two encryption modes, by just clicking a button:
1. Signed mode: encrypted messages can be decrypted again, so long as the recipients supply their authentic passwords. Recipients are also assured that the message was encrypted by the sender.
2. Read-once mode: after a few encrypted messages have been exchanged they can no longer be decrypted by anyone, even if they supply the correct passwords.
In addition, you can make encrypted chat invitations which, when decrypted by the recipients, open a webRTC real-time chat session where participants are directly connected to one another. The chat session includes text, files, audio, and even video.
PassLok for Email allows you to encrypt files and images as well. Just load them with a toolbar button. You can also encrypt them separately and load them as regular attachments.
You can also communicate with users of services not supported by PassLok for Email. They can use PassLok Privacy (also in the Chrome store), which has a special mode fully compatible with PassLok for Email.
For the very paranoid (and who isn't these days?), PassLok for Email includes four special features:
1. Encrypt to image: the message is encrypted into an image you supply and then attach to your email, so the presence of a hidden message cannot be detected even by computer analysis.
2. Concealed mode: the encrypted message does not look encrypted, but actually looks like normal text. PassLok still detects it and decrypts it normally, though.
3. Invisible mode: the encrypted material cannot be seen at all. It is hidden in the space between the lines of an otherwise normal message.
4. Hidden msg: there is a hidden message in addition to the regular message, and it is encrypted by a separate key. The hidden message is completely undetectable to those who don't know it exists. Images also can contain hidden messages.
--State-of-the art security--
PassLok is based on the NaCl encryption engine, which uses 255-bit standard elliptic curves vetted against weaknesses by experts. On top of that, it uses the 256-bit XSalsa20 symmetric cipher, a high-performance, open source algorithm, which has been scrutinized by experts for nearly a decade without any practical weaknesses being found.
The image-encryption part of PassLok, developed in-house but open-source, has recently been shown to be much harder to detect than F5, the champion steganography tool until now.
PassLok does not use servers that might eventually compromise your private data. All encryption is done client-side. All data sent to the email server is encrypted, and they don't have the password that decrypts it.
With PassLok, you can actually SEE that that your messages have been encrypted. You can also see the code. PassLok hides nothing from you.
PassLok for Email is now in public beta testing. To report any bugs or suggest improvements, please submit them as "Issues" at this GitHub page:
Authentication for the latest version, which is 0.4.7:
This is the SHA256 of the .crx file obtained from the Chrome store, as described in the Help document: ac5790fc31893e0ec20f2ec51728d4dab6d24376531a4fac03c5a30d05cc9f26
And this is the SHA256 of the .xpi file obtained from the Firefox store: c9fc1d7d8788b761f867d47b47db71d1b5ac3906c00b4a3ad2c98453b7780722