Prompt The Recipient To Create a Password for End-to-End Encryption

End-to-end encryption in Xeams converts any incoming email into an AES 256-bit encrypted PDF file protected by a password. 

There are several ways to specify this password:

  • The sender can explicitly specify in the email's subject line.
  • The sender or the administrator can assign passwords for specific recipients.
  • Prompt the recipient to create a password for themselves on your Xeams.

This article discusses the last method: prompting recipients to create their own passwords.

Configuration Steps

  • Log in as the administrator
  • Click Home/Plugins and click the Manage button for End-To-End Encryption.
  • Check the Prompt Recipient To Create Password box.
  • Save

How It Works

There is minimal configuration on the sender's end when this option is used. The sender can compose their email and the encryption word in the subject line. For example:

Information about your financial statement encpass

In this example, "encpass" is a sensitive word that will trigger end-to-end encryption.

Xeams will perform the following actions in the background

  • It saves the incoming email in a temporary holding area. This message is encrypted using AES 256-bit when at rest.
  • Send another email to the recipient asking them to create a password. This email is based on a configurable template, and companies are encouraged to modify it before using this feature in production.
  • Recipient creates a password on your Xeams.
  • Email held in a temporary holding area will be encrypted using this new password.
  • Subsequent messages will be encrypted using the same password.

Customization

The email prompting the recipient to create their password is based on a template file that is saved in $INSTALL_DIR\config\e2e-pwd-invite.html file. Administrators are encouraged to modify this file to give it a more personal touch. Adding your company name and phone number is a good choice.

Resetting Passwords

Use the following steps to reset a password:

  • Log in as an administrator
  • Click Home/Plugin, and Manage the plugin for End-To-End Encryption.
  • Click the Password button
  • Remove the password for the desired user

Next time a sensitive email is sent to the recipient, Xeams will again prompt the user to assign a password.