Differences

This shows you the differences between two versions of the page.

--- flowcrypt [2026.01.07 13:59] – Steve Isenberg
+++ flowcrypt [2026.01.16 13:55] (current) – Steve Isenberg
@@ Line 8: / Line 8: @@
 ⸻
-====== PGP Encrypted Email on iPad Using Gmail + FlowCrypt ======
+====== I. PGP Encrypted Email on iPad Using Gmail + FlowCrypt ======
 This guide explains how to add true end-to-end encrypted email (OpenPGP / PGP) to a Gmail account on an iPad using FlowCrypt.
@@ Line 66: / Line 66: @@
 ==== 4. Back Up Your Private Key (CRITICAL) ====
-You must back up your private key to avoid permanent data loss.
+You must back up your private key to avoid permanent data loss.  \\ //I do this using my free password manager, KeePass. [[security presentation|Learn about KeePass and protecting your passwords]]//
 Recommended backup locations:
@@ Line 112: / Line 112: @@
 ===== Gmail App Behavior =====
-	•	Encrypted messages cannot be read in the Gmail app
+  * Encrypted messages cannot be read in the Gmail app
-	•	Gmail shows a placeholder such as:
+  * Gmail shows a placeholder such as: “This message is encrypted”
-“This message is encrypted”
+  * You must open FlowCrypt to read or reply securely
-	•	You must open FlowCrypt to read or reply securely
 This is expected and normal.
@@ Line 181: / Line 179: @@
 ⸻
-Here are clear, DokuWiki-formatted instructions for viewing and sharing your public key in FlowCrypt on an iPad.
-You can paste this directly into your wiki.
+====== II. Viewing and Sharing Your Public Key (FlowCrypt on iPad) ======
-⸻
-====== Viewing and Sharing Your Public Key (FlowCrypt on iPad) ======
 Your public key is what others need in order to send you PGP-encrypted email.
@@ Line 251: / Line 244: @@
-Anyone can have this key. Only you have the private key.
+The … is hundreds of apparently random characters.  Anyone can have this (public) key. Only you have the private key (and don’t give the private key to anyone).
 ⸻
@@ Line 270: / Line 263: @@
 ===== Security Notes =====
-	•	Sharing your public key is safe
+  * Sharing your public key is safe
-	•	Never share your private key
+  * Never share your private key
-	•	Protect your private key with:
+  * Protect your private key with:
-	•	Strong passphrase
+    * Strong passphrase
-	•	Secure backup (password manager, encrypted vault)
+    * Secure backup (password manager, encrypted vault)
 ⸻
 ===== Quick Troubleshooting =====
-	•	Can’t see the key?
+  * Can’t see the key?
-	•	Make sure a key exists under Settings → Encryption Keys
+    * Make sure a key exists under Settings → Encryption Keys
-	•	Multiple keys listed?
+  * Multiple keys listed?
-	•	Use the one marked Active
+    * Use the one marked Active
-	•	Recipient can’t encrypt to you?
+  * Recipient can’t encrypt to you?
-	•	Confirm they imported your public key correctly
+    * Confirm they imported your public key correctly
 ⸻
+====== III. Sending Encrypted Email with a Shared Password (FlowCrypt) ======
-If you want, I can also:
+FlowCrypt primarily uses public-key (PGP) encryption, but it also supports password-encrypted messages for recipients who do not use PGP.
-	•	Add fingerprint verification steps
-	•	Explain key rotation and expiration
+This method uses a shared secret (password) instead of a public key.
-	•	Provide a short checklist version for your wiki
+⸻
+===== How Password-Encrypted Messages Work =====
+  * You choose a shared password
+  * The message is encrypted using that password
+  * The recipient receives: An email with a secure FlowCrypt link
+  * They enter the password in their browser to read the message
+  * No PGP software is required for the recipient
+⸻
+===== When to Use This Method =====
+  * Recipient does not use PGP
+  * One-time or infrequent secure messages
+  * You can safely share a password out-of-band
+    * Phone call
+    * Text message
+    * In-person
+⸻
+===== Limitations Compared to PGP =====
+	•	Not true end-to-end PGP
+	•	Relies on FlowCrypt’s secure message portal
+	•	Less suitable for long-term or repeated communication
+	•	Password must be shared securely ahead of time
+⸻
+===== Sending a Password-Encrypted Message =====
+==== Steps ====
+  - Open FlowCrypt
+  - Tap Compose
+  - Enter recipient email address
+  - If no public key is found, FlowCrypt will prompt: Send a password-encrypted message
+  - Choose a strong password
+  - Send the message
+  - Share the password with the recipient via a different channel
+⸻
+===== Recipient Experience =====
+	•	Recipient receives an email with a link
+	•	Clicks the link
+	•	Enters the shared password
+	•	Reads the message in a secure web page
+	•	Can reply securely using the same password
+⸻
+===== Security Best Practices =====
+	•	Use a long, unique password
+	•	Never send the password in the same email
+	•	Avoid reusing passwords
+	•	Set expiration dates if offered
+⸻
+===== Comparison: Public Key vs Shared Password =====
+^ Feature ^ PGP (Public Key) ^ Shared Password ^
+| Encryption type | True end-to-end | Password-based |
+| Key exchange | Public key | Shared secret |
+| Recipient setup | Required | None |
+| Best for | Ongoing secure email | One-off messages |
+| Reliance on FlowCrypt | Minimal | Required |
+⸻
+===== Important Notes =====
+	•	Subject lines are not encrypted
+	•	Gmail cannot index encrypted content
+	•	Password-encrypted messages may expire depending on settings
+⸻
+===== Recommendation =====
+	•	Use PGP public keys for regular, privacy-critical communication
+	•	Use password-encrypted messages only when PGP is not feasible
+⸻
+====== IV. Why FlowCrypt on iPad and iPhone  Does Not Offer “Shared Key” Messages ======
+When composing an email in FlowCrypt on iPad, you may only see:
+	•	Send unencrypted
+	•	Cancel
+and no option to send a password-encrypted (shared secret) message.
+This is by design.
+⸻
+===== Platform Limitation (Important) =====
+FlowCrypt features differ by platform:
+^ Platform ^ PGP (Public Key) ^ Password / Shared Key ^
+| Chrome extension (desktop) | Yes | Yes |
+| Web app (desktop) | Yes | Yes |
+| Android | Yes | Limited |
+| iOS (iPad / iPhone) | Yes | No |
+👉 iOS FlowCrypt only supports PGP public-key encryption.
+Password-encrypted messages are not implemented in the iOS app.
+⸻
+===== Why FlowCrypt Disabled Shared-Key on iOS =====
+  * FlowCrypt has stated (and demonstrated by behavior) that: Password-encrypted messages rely on a secure web portal
+  * This requires browser-based flows that are:
+    * Less reliable on iOS
+    * Harder to secure consistently
+  * FlowCrypt’s security model on iOS is:
+    * PGP only
+    * Or plaintext
+So if no recipient public key is found, on iOS (iPad, iPhone) FlowCrypt will only offer:
+  * Send unencrypted
+  * Cancel
+⸻
+===== What This Means Practically =====
+On an iPad and iPhone:
+	•	You cannot send encrypted email to non-PGP users using FlowCrypt
+	•	There is no hidden setting to enable shared passwords
+	•	Reinstalling or changing settings will not help
+This is a hard limitation, not a configuration issue.
+⸻
+===== Your Available Options =====
+==== Option 1: Use PGP Only (Best Security) ====
+  - Ask recipient to install:
+    * FlowCrypt
+    * Thunderbird
+    * Proton Mail (PGP mode)
+  - Exchange public keys with recipient
+  - Communicate securely end-to-end
+⸻
+==== Option 2: Use Desktop FlowCrypt for Shared-Key Messages ====
+If you occasionally need password-encrypted messages:
+	•	Use FlowCrypt Chrome extension on a desktop
+	•	Send the password-encrypted message there
+	•	Continue PGP communication on iPad
+⸻
+==== Option 3: Use a Different Tool for Shared Password Messages ====
+If your use case is mostly shared-secret messaging:
+	•	Proton Mail (password-protected emails)
+	•	Secure file sharing + separate email
+	•	Encrypted notes + link sharing
+FlowCrypt on iOS is not designed for this scenario.
+⸻
+===== Summary =====
+  * FlowCrypt on iPad and iPhone cannot send shared-password encrypted messages
+  * Seeing only “Send unencrypted” is expected behavior
+  * PGP public-key encryption does work fully
+  * Shared-key encryption requires desktop FlowCrypt
+⸻
-Just say the word.