Recently, I was visiting some friends out of town, and they left me a key to their house. Of course, I had no idea where the key might be, so they were kind enough to email me the exact location (“at the back of the house, under the tree”).
That was nice of them (the whole “mi casa es tu casa,” not just telling me where the key is), but the privacy and security freak that I am, I couldn’t but not cringe a bit.
To me, sending important information like this over anything but a secure email account is a big no-no.
Why You Should Encrypt Your Email Messages
So, you are probably wondering (just as my friend did when I told him this), what you should do instead.
You need to encrypt your email messages.
That way, only someone with the right private key can open and read that message.
In other words, no one but the most dedicated and skilled hacker could crack it and see your private or confidential information.
This can be:
- Your credit card information
- Social security number
- Email Password
- Remote login password
- Where the keys are
- And more
Yet, all too often, people send information like this over regular, less-than-secure email accounts.
How to Encrypt an Email?
Of course, maybe you realize why securing your email account is important but don’t know how to encrypt it.
Let me show you how it’s done on iPhone and iOS devices. The process can be a bit cumbersome, so bear with me.
To install a Secure Email (S/MIME) certificate, you’ll need to do a couple of things:
First, you must import the certificate to your device (in this case, iPhone). To do this:
- Go to Mail on your iPhone or other iOS device and tap the link in your Certificate Authentication Link.
- Next, tap the Generate Certificate button in the new Generate Request and Certificate For.
- If you scroll down to the Password field just below the Certificate field, you can create a password. You can use at least 6 characters, including letters, numbers, and special characters. Don’t forget it!
- Click or tap the Download button. You’ll get another prompt message asking you if you want to allow the download. Tap/click Allow.
- Once the profile downloads, tap Close in the dialog box.
- Now, go to Settings on your device.
- Find Profile Downloaded and tap on it.
- Tap Install.
- Next, you will need to enter your iOS passcode. You won’t be able to install an S/MIME certificate if you don’t already have a passcode set.
- Tap Install on the next screen.
- Now, enter the password you created for the certificate (not the iOS passcode) and tap Next.
- Your certificate is installed, so you can tap Done to finish the process.
Once done, you must also enable the S/MIME certificate in your Mail.
- Go to Settings, and in Mail, go to Accounts.
- Select the email account associated with the certificate.
- Select the email address or email address ID.
- Under Advanced on the next screen, select Mail.
- Scroll down and slide the slider next to S/MIME to On (green).
- Next, select Sign and turn it On as well. This turns on the digital signing and encryption.
- Finally, below that, make sure that Encrypt by Default is set to Yes.
Next time you want to compose a new email message, there will be a lock icon next to the recipient. A blue lock icon means you can encrypt that email, and a red one means you can’t. If you see the latter, and you already turned S/MIME On on your end, ask the recipient to do the same on their (both of you have to have S/MIME turned On for the encryption to work).
Finally, a closed lock means that you can encrypt the message.
And that is it! You can now send encrypted and protected email messages from your iPhone.
Default iPhone Encryption is Not Enough
When Apple announced they were making encryption a standard feature on their iOS devices (iPhones included, of course), they were hailed as messiahs (what’s different there) by IT security professionals (but not intelligence agencies, advertisers, and hackers).
But strong as it is (using 256-AES encryption), is iOS’s default encryption as strong as advertised?
Well, not quite.
The standard encryption protocol with your iPhone, S/MIME, is a client-side protocol. Unfortunately, it’s not without its weak points.
First, if you want to send a secure message to someone, you’ll have to get and verify their public key from them. That can be a bit complicated for the non-tech savvy so many people won’t even bother encrypting their email on iPhone.
Another problem is that S/MIME only works if both the sender and the recipient have it. If only one of them does, it’s not working.
Finally, the iPhone uses the SSL/TLS standard (the same used in HTTPS connections). This means that it is susceptible to the same problems that plague HTTPS and could be spied on in transit by a determined hacker.
Dada Mail iOS App
As you can see, while the standard iPhone encryption is better than no encryption, it won’t be enough to keep your sent data private from determined bad actors.
Dada Mail offers a more elegant and secure solution with our newly released iOS app.
This includes:
- End-to-End Encryption using Open Source Cryptography.
- Zero Access and full Anonymity using the Hash & Salt technique (even if we won’t know your password).
- An easy-to-use User Interface.
- Open Source code you can check any time you want at https://github.com/Dada Mail/webclient. We believe in transparency.
- And more.
You can get the app on the App Store here.