PassLok for Email by F. Ruiz
High security email encryption for Gmail, Yahoo, and Outlook online. PassLok is in no way associated with those services.
Easy to use, powerful extension, which includes message hiding, forward secrecy and attachments, and runs also on Chrome.
You'll need Firefox to use this extension
Extension Metadata
Screenshots
About this extension
TAKE PRIVACY INTO YOUR OWN HANDS
Easy, end-to-end secure encryption for email, plus real-time chat, that does not rely on servers and is therefore immune to hacking or government intervention. Right now PassLok for Email supports Gmail, Yahoo, and Outlook online.
--PassLok for Email is incredibly easy to use--
To encrypt a message or file, just click the PassLok icon at the bottom of the Compose or Reply box. A popup will take your private message and encrypt it with the click of a button. Then you can send it out like any other message, or as an attachment.
To decrypt it, click the PassLok icon at the top of the encrypted message. A popup will show the decrypted message or file immediately, or will tell you if there is any problem.
PassLok asks you for your Password only once. It can be anything you want, so you can actually remember it. PassLok will evaluate its strength and compensate for its weakness by lengthening the computations. It won't be stored or sent anywhere, and PassLok will forget it after five minutes of inactivity.
If you want to change your Password, go ahead and start using a new one when PassLok asks you for it. You may be asked for the old Password if PassLok can't decrypt something, but otherwise that's all you'll have to do.
--Lots of power in a slender package--
You can use either of these two encryption modes, by just clicking a button:
1. Signed mode: encrypted messages can be decrypted again, so long as the recipients supply their authentic passwords. Recipients are also assured that the message was encrypted by the sender.
2. Read-once mode: after a few encrypted messages have been exchanged they can no longer be decrypted by anyone, even if they supply the correct passwords.
In addition, you can make encrypted chat invitations which, when decrypted by the recipients, open a webRTC real-time chat session where participants are directly connected to one another. The chat session includes text, files, audio, and even video.
PassLok for Email allows you to encrypt files and images as well. Just load them with a toolbar button. You can also encrypt them separately and load them as regular attachments.
You can also communicate with users of services not supported by PassLok for Email. They can use PassLok Privacy (also in the Chrome store), which has a special mode fully compatible with PassLok for Email.
For the very paranoid (and who isn't these days?), PassLok for Email includes four special features:
1. Encrypt to image: the message is encrypted into an image you supply and then attach to your email, so the presence of a hidden message cannot be detected even by computer analysis.
2. Concealed mode: the encrypted message does not look encrypted, but actually looks like normal text. PassLok still detects it and decrypts it normally, though.
3. Invisible mode: the encrypted material cannot be seen at all. It is hidden in the space between the lines of an otherwise normal message.
4. Hidden msg: there is a hidden message in addition to the regular message, and it is encrypted by a separate key. The hidden message is completely undetectable to those who don't know it exists. Images also can contain hidden messages.
--State-of-the art security--
PassLok is based on the NaCl encryption engine, which uses 255-bit standard elliptic curves vetted against weaknesses by experts. On top of that, it uses the 256-bit XSalsa20 symmetric cipher, a high-performance, open source algorithm, which has been scrutinized by experts for nearly a decade without any practical weaknesses being found.
The image-encryption part of PassLok, developed in-house but open-source, has recently been shown to be much harder to detect than F5, the champion steganography tool until now.
PassLok does not use servers that might eventually compromise your private data. All encryption is done client-side. All data sent to the email server is encrypted, and they don't have the password that decrypts it.
With PassLok, you can actually SEE that that your messages have been encrypted. You can also see the code. PassLok hides nothing from you.
PassLok for Email is now in public beta testing. To report any bugs or suggest improvements, please submit them as "Issues" at this GitHub page:
https://github.com/fruiz500/PassLok4email/issues
Easy, end-to-end secure encryption for email, plus real-time chat, that does not rely on servers and is therefore immune to hacking or government intervention. Right now PassLok for Email supports Gmail, Yahoo, and Outlook online.
--PassLok for Email is incredibly easy to use--
To encrypt a message or file, just click the PassLok icon at the bottom of the Compose or Reply box. A popup will take your private message and encrypt it with the click of a button. Then you can send it out like any other message, or as an attachment.
To decrypt it, click the PassLok icon at the top of the encrypted message. A popup will show the decrypted message or file immediately, or will tell you if there is any problem.
PassLok asks you for your Password only once. It can be anything you want, so you can actually remember it. PassLok will evaluate its strength and compensate for its weakness by lengthening the computations. It won't be stored or sent anywhere, and PassLok will forget it after five minutes of inactivity.
If you want to change your Password, go ahead and start using a new one when PassLok asks you for it. You may be asked for the old Password if PassLok can't decrypt something, but otherwise that's all you'll have to do.
--Lots of power in a slender package--
You can use either of these two encryption modes, by just clicking a button:
1. Signed mode: encrypted messages can be decrypted again, so long as the recipients supply their authentic passwords. Recipients are also assured that the message was encrypted by the sender.
2. Read-once mode: after a few encrypted messages have been exchanged they can no longer be decrypted by anyone, even if they supply the correct passwords.
In addition, you can make encrypted chat invitations which, when decrypted by the recipients, open a webRTC real-time chat session where participants are directly connected to one another. The chat session includes text, files, audio, and even video.
PassLok for Email allows you to encrypt files and images as well. Just load them with a toolbar button. You can also encrypt them separately and load them as regular attachments.
You can also communicate with users of services not supported by PassLok for Email. They can use PassLok Privacy (also in the Chrome store), which has a special mode fully compatible with PassLok for Email.
For the very paranoid (and who isn't these days?), PassLok for Email includes four special features:
1. Encrypt to image: the message is encrypted into an image you supply and then attach to your email, so the presence of a hidden message cannot be detected even by computer analysis.
2. Concealed mode: the encrypted message does not look encrypted, but actually looks like normal text. PassLok still detects it and decrypts it normally, though.
3. Invisible mode: the encrypted material cannot be seen at all. It is hidden in the space between the lines of an otherwise normal message.
4. Hidden msg: there is a hidden message in addition to the regular message, and it is encrypted by a separate key. The hidden message is completely undetectable to those who don't know it exists. Images also can contain hidden messages.
--State-of-the art security--
PassLok is based on the NaCl encryption engine, which uses 255-bit standard elliptic curves vetted against weaknesses by experts. On top of that, it uses the 256-bit XSalsa20 symmetric cipher, a high-performance, open source algorithm, which has been scrutinized by experts for nearly a decade without any practical weaknesses being found.
The image-encryption part of PassLok, developed in-house but open-source, has recently been shown to be much harder to detect than F5, the champion steganography tool until now.
PassLok does not use servers that might eventually compromise your private data. All encryption is done client-side. All data sent to the email server is encrypted, and they don't have the password that decrypts it.
With PassLok, you can actually SEE that that your messages have been encrypted. You can also see the code. PassLok hides nothing from you.
PassLok for Email is now in public beta testing. To report any bugs or suggest improvements, please submit them as "Issues" at this GitHub page:
https://github.com/fruiz500/PassLok4email/issues
Developer comments
Rate your experience
PermissionsLearn more
This add-on needs to:
- Access your data for sites in the mail.yahoo.com domain
- Access your data for sites in the live.com domain
- Access your data for mail.google.com
This add-on may also ask to:
- Access your data for sites in the mail.yahoo.com domain
- Access your data for sites in the live.com domain
- Access your data for mail.google.com
- Access your data for google.com
More information
- Add-on Links
- Version
- 0.5.10
- Size
- 204.86 KB
- Last updated
- 2 years ago (Mar 23, 2023)
- Related Categories
- License
- GNU General Public License v3.0
- Version History
Add to collection
Release notes for 0.5.10
Updated to Manifest v3.
More extensions by F. Ruiz
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
This extension is in public beta testing phase. Please report any bugs as issues on the GitHub repo.