~~NOCACHE~~
//This page last changed ~~LASTMOD~~ Visits: {{counter|today| time| times}} today,
{{counter|yesterday| time| times}} yesterday, and
{{counter|total| time| total times}}.//
This is a work in progress, bear with me
⸻
====== I. PGP Encrypted Email on iPad Using Gmail + FlowCrypt ======
This guide explains how to add true end-to-end encrypted email (OpenPGP / PGP) to a Gmail account on an iPad using FlowCrypt.
FlowCrypt encrypts email on your device, so neither Google nor FlowCrypt can read your messages.
⸻
===== What You Get =====
• True end-to-end encryption (OpenPGP)
• Works with existing Gmail accounts
• Messages and attachments encrypted locally on the iPad
• Compatible with other PGP email clients (Thunderbird, Proton Mail, etc.)
⸻
===== Requirements =====
• iPad (iPadOS)
• Gmail account
• FlowCrypt app from the App Store
• Recipients who support PGP encryption
⸻
===== Step-by-Step Setup =====
==== 1. Install FlowCrypt ====
• Open the App Store
• Install FlowCrypt – Encrypted Email
• Launch the app
⸻
==== 2. Sign In to Gmail ====
• Tap Sign in with Google
• Select your Gmail account
• Approve access
Note:
FlowCrypt uses Google OAuth. Your Gmail password is never shared.
⸻
==== 3. Create a PGP Key ====
When prompted:
• Choose Create a new encryption key
• Select 4096-bit key (recommended)
• Create a strong passphrase
Important:
• This passphrase protects your private key
• If lost, encrypted email cannot be recovered
⸻
==== 4. Back Up Your Private Key (CRITICAL) ====
You must back up your private key to avoid permanent data loss. \\ //I do this using my free password manager, KeePass. [[security presentation|Learn about KeePass and protecting your passwords]]//
Recommended backup locations:
• Encrypted password manager (e.g., KeePassXC)
• Cryptomator vault
• Encrypted USB drive
Backing up allows you to:
• Add FlowCrypt on another device
• Recover access after reinstalling the app
⸻
==== 5. Share Your Public Key ====
To receive encrypted email, contacts need your public key.
You can:
• Email it to contacts
• Attach it once in a normal email
• Publish it on a public key server
FlowCrypt can automatically fetch public keys for many recipients.
⸻
===== Sending Encrypted Email =====
• Tap Compose in FlowCrypt
• Enter the recipient
• If a public key is available, a lock icon appears
• Write the message
• Attach files if needed (attachments are encrypted)
• Send
If no public key exists, FlowCrypt will warn you before sending.
⸻
===== Receiving Encrypted Email =====
• Encrypted messages appear normally in FlowCrypt
• Enter your PGP passphrase to decrypt
• Decryption happens locally on the iPad
⸻
===== Gmail App Behavior =====
* Encrypted messages cannot be read in the Gmail app
* Gmail shows a placeholder such as: “This message is encrypted”
* You must open FlowCrypt to read or reply securely
This is expected and normal.
⸻
===== Attachments =====
• Fully encrypted
• Only readable by intended recipients
• Suitable for PDFs, images, documents, and text files
⸻
===== Important Limitations =====
==== Recipient Must Support PGP ====
PGP works best with:
• FlowCrypt
• Thunderbird with OpenPGP
• Proton Mail (PGP mode)
It is not ideal for one-time or non-technical recipients.
⸻
==== Subject Lines Are Not Encrypted ====
Avoid sensitive information in subject lines.
• Bad: Medical test results
• Good: Document
⸻
==== Search and Previews ====
• Gmail cannot index encrypted content
• Message previews and search will be limited
• This is the privacy trade-off for encryption
⸻
===== Recommended FlowCrypt Settings =====
Go to Settings in FlowCrypt and enable:
• Face ID / biometric unlock
• Auto-lock timeout
• Disable lock-screen message previews
⸻
===== When FlowCrypt Is the Right Choice =====
• Regular communication with the same people
• Privacy-sensitive email and documents
• Recipients already using PGP
• You want encryption without changing email providers
⸻
===== Related Topics =====
• Importing an existing PGP key
• Sending password-encrypted messages to non-PGP users
• Using FlowCrypt on macOS or Windows
• Comparing FlowCrypt vs iPGMail or Canary Mail
⸻
====== II. Viewing and Sharing Your Public Key (FlowCrypt on iPad) ======
Your public key is what others need in order to send you PGP-encrypted email.
It is safe to share publicly and does not expose your private key.
⸻
===== Method 1: View & Share from FlowCrypt Settings (Recommended) =====
==== Steps ====
• Open FlowCrypt on your iPad
• Tap the ☰ menu (top left)
• Go to Settings
• Tap Encryption Keys
• Select your active key
• Tap Public Key
You can now:
• View the full public key text
• Copy it to the clipboard
• Share it via email or other apps
⸻
===== Method 2: Email Your Public Key Directly =====
FlowCrypt can automatically send your public key to a contact.
==== Steps ====
• Open FlowCrypt
• Tap Compose
• Enter the recipient’s email address
• If they do not already have your key, FlowCrypt will prompt:
• Send your public key
• Confirm and send
This sends a normal (unencrypted) email with your public key attached.
⸻
===== Method 3: Attach Your Public Key Manually =====
If you want to include your public key with other information:
==== Steps ====
• Open FlowCrypt
• Go to Settings → Encryption Keys
• Select your key
• Tap Export Public Key
• Attach the exported file to an email or message
⸻
===== What a Public Key Looks Like =====
A public key is plain text and begins and ends like this:
-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----
The … is hundreds of apparently random characters. Anyone can have this (public) key. Only you have the private key (and don’t give the private key to anyone).
⸻
===== Optional: Publish Your Public Key =====
You may publish your public key so others can find it automatically.
Options include:
• PGP public key servers
• Personal website
• Wiki page
• Email signature (link or attachment)
FlowCrypt can automatically discover keys published on common key servers.
⸻
===== Security Notes =====
* Sharing your public key is safe
* Never share your private key
* Protect your private key with:
* Strong passphrase
* Secure backup (password manager, encrypted vault)
⸻
===== Quick Troubleshooting =====
* Can’t see the key?
* Make sure a key exists under Settings → Encryption Keys
* Multiple keys listed?
* Use the one marked Active
* Recipient can’t encrypt to you?
* Confirm they imported your public key correctly
⸻
====== III. Sending Encrypted Email with a Shared Password (FlowCrypt) ======
FlowCrypt primarily uses public-key (PGP) encryption, but it also supports password-encrypted messages for recipients who do not use PGP.
This method uses a shared secret (password) instead of a public key.
⸻
===== How Password-Encrypted Messages Work =====
* You choose a shared password
* The message is encrypted using that password
* The recipient receives: An email with a secure FlowCrypt link
* They enter the password in their browser to read the message
* No PGP software is required for the recipient
⸻
===== When to Use This Method =====
* Recipient does not use PGP
* One-time or infrequent secure messages
* You can safely share a password out-of-band
* Phone call
* Text message
* In-person
⸻
===== Limitations Compared to PGP =====
• Not true end-to-end PGP
• Relies on FlowCrypt’s secure message portal
• Less suitable for long-term or repeated communication
• Password must be shared securely ahead of time
⸻
===== Sending a Password-Encrypted Message =====
==== Steps ====
- Open FlowCrypt
- Tap Compose
- Enter recipient email address
- If no public key is found, FlowCrypt will prompt: Send a password-encrypted message
- Choose a strong password
- Send the message
- Share the password with the recipient via a different channel
⸻
===== Recipient Experience =====
• Recipient receives an email with a link
• Clicks the link
• Enters the shared password
• Reads the message in a secure web page
• Can reply securely using the same password
⸻
===== Security Best Practices =====
• Use a long, unique password
• Never send the password in the same email
• Avoid reusing passwords
• Set expiration dates if offered
⸻
===== Comparison: Public Key vs Shared Password =====
^ Feature ^ PGP (Public Key) ^ Shared Password ^
| Encryption type | True end-to-end | Password-based |
| Key exchange | Public key | Shared secret |
| Recipient setup | Required | None |
| Best for | Ongoing secure email | One-off messages |
| Reliance on FlowCrypt | Minimal | Required |
⸻
===== Important Notes =====
• Subject lines are not encrypted
• Gmail cannot index encrypted content
• Password-encrypted messages may expire depending on settings
⸻
===== Recommendation =====
• Use PGP public keys for regular, privacy-critical communication
• Use password-encrypted messages only when PGP is not feasible
⸻
====== IV. Why FlowCrypt on iPad and iPhone Does Not Offer “Shared Key” Messages ======
When composing an email in FlowCrypt on iPad, you may only see:
• Send unencrypted
• Cancel
and no option to send a password-encrypted (shared secret) message.
This is by design.
⸻
===== Platform Limitation (Important) =====
FlowCrypt features differ by platform:
^ Platform ^ PGP (Public Key) ^ Password / Shared Key ^
| Chrome extension (desktop) | Yes | Yes |
| Web app (desktop) | Yes | Yes |
| Android | Yes | Limited |
| iOS (iPad / iPhone) | Yes | No |
👉 iOS FlowCrypt only supports PGP public-key encryption.
Password-encrypted messages are not implemented in the iOS app.
⸻
===== Why FlowCrypt Disabled Shared-Key on iOS =====
* FlowCrypt has stated (and demonstrated by behavior) that: Password-encrypted messages rely on a secure web portal
* This requires browser-based flows that are:
* Less reliable on iOS
* Harder to secure consistently
* FlowCrypt’s security model on iOS is:
* PGP only
* Or plaintext
So if no recipient public key is found, on iOS (iPad, iPhone) FlowCrypt will only offer:
* Send unencrypted
* Cancel
⸻
===== What This Means Practically =====
On an iPad and iPhone:
• You cannot send encrypted email to non-PGP users using FlowCrypt
• There is no hidden setting to enable shared passwords
• Reinstalling or changing settings will not help
This is a hard limitation, not a configuration issue.
⸻
===== Your Available Options =====
==== Option 1: Use PGP Only (Best Security) ====
- Ask recipient to install:
* FlowCrypt
* Thunderbird
* Proton Mail (PGP mode)
- Exchange public keys with recipient
- Communicate securely end-to-end
⸻
==== Option 2: Use Desktop FlowCrypt for Shared-Key Messages ====
If you occasionally need password-encrypted messages:
• Use FlowCrypt Chrome extension on a desktop
• Send the password-encrypted message there
• Continue PGP communication on iPad
⸻
==== Option 3: Use a Different Tool for Shared Password Messages ====
If your use case is mostly shared-secret messaging:
• Proton Mail (password-protected emails)
• Secure file sharing + separate email
• Encrypted notes + link sharing
FlowCrypt on iOS is not designed for this scenario.
⸻
===== Summary =====
* FlowCrypt on iPad and iPhone cannot send shared-password encrypted messages
* Seeing only “Send unencrypted” is expected behavior
* PGP public-key encryption does work fully
* Shared-key encryption requires desktop FlowCrypt
⸻