This solution is based on Google Chrome, Gmail, and the Mailvelope extension for Chrome, which are all free.
First-time procedure
From the second time on, you only need Step 4 for storing and Step 6 for retrieving.
- Register a new Gmail account or use one of yours. Be it `X@gmail.com`.
- Install Mailvelope.
- Generate a key pair for `X+secrets@gmail.com`.
- Compose a message for `X+secrets@gmail.com`.
- Use a Subject like `Awesome Service` for your Awesome Service account.
- Click the Mailvelope icon that appears when you hover the body.
- You’ll see that a dialog appears with `X+secrets@gmail.com` in green.
- Enter account details, like your password.
- `Encrypt`
- You’ll see that the body of the message is now encrypted.
- Send the message.
- Given that `X+secrets@gmail.com` is just an alias of `X@gmail.com` you got the message in your inbox.
- Open it and confirm that it’s still encrypted.
- Click the Mailvelope icon that appears when you hover the body.
- Enter the password you specified in Step 3.
- You’ll see that the message is now decrypted.
- Close the message.
Why is this secure?
- The network connection between your browser and Gmail servers is encrypted by default, so only you and Google can read your messages. With this encryption, not even Google will be able to read them.
- When you send an email message protected by someone’s public encryption key, such a message can only be read by that someone using their matching private decryption key.
- Anyone who got access to your browser without your consent and tried to steal one of these secrets would have to enter your password to read them.
Why is this practical?
- It’s secure and free.
- You can add a filter to label these messages so they appear collected.
- You can search the subject or any other metadata you added to the bodies.
- You can access your secrets from any Gmail device, anywhere in the world.
- You can also keep all related secrets in a text file and send it as an encrypted attachment to `X+secrets@gmail.com`.