Our forms work with all email clients that support PGP encryption. However, Google Gmail does not have its own built-in support for PGP end-to-end encryption, but can be supplemented with a third-party solution.
Google Gmail is one of the world’s most used e-mail clients. But, like most other similar services, is an important source of data collection for various purposes. And Google, like all other providers, is required by local law to give authorities access to data.
Google Gmail only offers encryption for paid service. But here, as always, whoever has access to your private keys has access to your encrypted data. Google Gmail therefore does not offer secure e-mail but can be used as a client for our e-mail forms if a third-party extension for PGP is installed.
IMPORTANT! All email handled by Gmail is seen by your email provider, even if you use their encryption. Since the form content is end-to-end encrypted (E2EE) with our service, the content itself is protected. However, the transport and amounts of metadata are logged by your email provider. Do not use this solution if untraceability is important to you! We recommend Proton Mail if our service is used as a whistleblower channel!
We’ve tested a selection of third-party solutions for PGP in Gmail. Several perfectly fine, but we’re recommend FlowCrypt’s browser extension , an easy-to-use free solution for up to 100 users per domain.
FlowCrypt integrates tightly with the Gmail menu system, delivering PGP email encryption in a way that even non-technical users can handle. Browser extensions are available for Chrome, Firefox, Brave, Edge and Opera.
To use Gmail with FlowCrypt’s browser extension as a recipient of the form data from our secure web forms:
- Go to FlowCrypt’s website , download and install the extension according to this instructions .
- A set of PGP keys needs to be created during installation. We recommend that you create and import your own set of keys that you only use with our service, please use our online service. You can use multiple PGP keys for the same email address.
- Export the public key to a file if you are using an already installed key pair, or use the public key you received when you created the key pair yourself, and use this in your ANON::form account along with the email address associated with the key.
- In the LITE control panel; open the downloaded file in a text editor, enter the email address associated with the key in the “Recipient email” field and copy the contents of the file with your public key into the “PGP public key” field.
IMPORTANT! Be sure to create strong passwords for the keys and store them in at least two or more secure places. If you lose the password for a key, there is no way to recreate the password, all data encrypted with the key is irretrievably lost. Also, always save a copy of your private key in the same way.
IMPORTANT! Key files are text files that, regardless of the file extension, must be opened in a text editor (such as Notepad in Windows) that displays plain text in the Unix (LF) UTF-8 format, without formatting, when you copy the content. You cannot therefore use a normal word processor such as Word for this.
IMPORTANT! Be sure to use the correct email address for the public key you use for your web forms as they are linked. So you cannot use a PGP key pair for any other e-mail address than the one for which the key pair was created.
We also recommend that you use a dedicated email address that is only used to receive form data. So do not use the same e-mail address that you use to receive form data to, for example, communicate with the person who submitted the form.