Hackpads are smart collaborative documents. .

Asheesh Laroia

1385 days ago
Thomas Mailvelope UX
  •  Setup Wizard
 After installation the user has to generate a key pair or import existing keys to get started with Mailvelope. There should be a guidance to help with the setup.
  • Current Steps to send encrypted mail
  1. User sees icon in toolbar. Click on Mailvelope icon in browser toolbar, click options
  1. Click on import key in options page, upload or paste key from wherever.
  1. compose email in secure modal window.
  1.  click lock icon in top right corner of sercure modal window
  1. add recipient keys, click add, encrypts text in secure modal window
  1. Then click transfer to send encrypted text to secure modal window
  1. Send Email
  • Setup Wizard Outline
  1. After installation, Mailvelope opens tab with setup wizard UI
  1. Explain requirements: (copy from other sites) Basic simple, explanation pgp cryptography
  1. Generate or import your private key
Zaki M
  1. Retrieve Public Key for your contacts 
  1. Do you have a key pair? Okay if not, we will create one:
  1. Yes, navigate to import
  1. No, Generate Key pair 
  1. Your private key is stored. This is your public key: share, tweet, etc
  1. Import Public keys from contacts. List 3 common directories. Copy and paste into text field.
Setup Wizard Copy
  1. Encryption and decryption
  1. Data that can be read and understood without any special measures is called plaintext or cleartext.  Encryption changes plaintext into unreadable gibberish called ciphertext. . The process of reverting ciphertext to its original plaintext is decryption.
  1. To view, or send encrypted emails, you need to generate keys.
  1. Your private key is your own unique secret key that decrypts email sent to you. It is the equivalent of a password. This information must be kept secret. Never give it to anyone.
  1. Your public key is like your email address, it's simply a way for you to be sent encrypted mail.  To send mail to someone, you must know their public key. Public keys are not secret, and you can publish your key in many directories online so people can send you secure email.
  1. Mailvelope can generate and store these keys securely for you. Lets get started.
  1. For more information consult the Mailvelope documentation or this explaination http://gpg4win.de/doc/en/gpg4win-compendium_8.html
  1. Do you have an existing pair of public and private keys? Import (button)
  1. OR click to generate your private key.
  1. Generate your public key. 
  1. Import your public Key, 
  1. Done!
Asheesh L Alternate setup wizard
  • (screen 1) Mailvelope secures your email
If you can read this message, it is cleartext. Mailvelope can turn that into ciphertext that only the intended recipient can read, using a key.
That process is called encryption.
Turning aaDDD33DFDFDSOIO*LKJLK back into hello is called decryption.
(tech info) <-- link to mailvelope website that links to the gpg4win docs
(I have an existing PGP key) <-- click this and it opens the "Import my key" UI in Mailvelope
Set up a new key >> <-- onclick, launches pop-up asking you for: email address, name, and password for your key
  • (screen 2) Congratulations!
You have a new key.
Here's the fingerprint, the public part that you can share with the world:
Share it!
(twitter logo) (facebook logo) (instagram logo??)
The private key is stored safely in Mailvelope.
Print a backup >>
  • (screen 3) Print a backup
Your private key lets only you decrypt aaDDD33DFDFDSOIO*LKJLK back into hello.
Anyone who has a copy can do that!
If you lose it, you can't.
So print this page now. We'll wait.
--- BEGIN PGP private key ---
--- END PGP private key ---
 Find your friends >>
  • (screen 4) Find your friends' public keys
To send encrypted mail to your friends, you need their public keys. Otherwise, they can't read the ciphertext you'll send them.
Find your friends' keys:
<iframe of twitter search, search for users: my followees, plus the maintainers of mailvelope, for hash tag pgpkey </iframe>
...and click to import.
 Send yourself a test mail >>
  • (screen 5) Send yourself a test email >>
This is the fun part: send yourself some ciphertext and make sure you can see it as plaintext.
Mailvelope enhances GMail, Yahoo Mail, Something Else, and Something Else Else so that in your compose view, you can click this icon:
and see this pop-up:
(screenshot of pop-up)
Type your message in the pop-up, and choose your own public key:
(screenshot of that)
Then bring it back into the mail app, and hit "send".
Now, visit your "Sent mail" and you'll see the mail.
Once you click "decrypt", you'll see the original plaintext:
You'll also see a watermark (Sdt) unique to this computer.
Thanks for setting up mailvelope!
Zaki M New Usability ideas 
  1. List directories of public keys
Zaki M
  1. Encourage users to tweet their key signature/hash
  • Compose mails securely. 
Mailvelope comes with its own mail compose editor. This is a requirement to securely write mails: the user should not write mails in the editor of the webmail client as the cleartext is then exposed to the provider. Currently Mailvelope allows to misuse this feature and strategies should be found to prevent that.
  • User starts to write email in Gmail, warning popups informs about Mailvelope editor concept. "Don't warn me again" checkbox. Automatically don't warn after certain time.

Contact Support

Please check out our How-to Guide and FAQ first to see if your question is already answered! :)

If you have a feature request, please add it to this pad. Thanks!

Log in