Differences

This shows you the differences between two versions of the page.

--- flowcrypt [2026.01.07 13:59] – Steve Isenberg
+++ flowcrypt [2026.01.07 14:15] (current) – [Recommendation] Steve Isenberg
@@ Line 288: / Line 288: @@
 ⸻
-If you want, I can also:
+Short answer: Yes, but with important limitations.
-	•	Add fingerprint verification steps
+FlowCrypt supports password-encrypted messages (shared secret) instead of public-key (PGP) encryption, but this is not the same as true PGP and works differently.
-	•	Explain key rotation and expiration
-	•	Provide a short checklist version for your wiki
+Below is a DokuWiki-formatted explanation you can paste directly into your wiki.
+⸻
+====== Sending Encrypted Email with a Shared Password (FlowCrypt) ======
+FlowCrypt primarily uses public-key (PGP) encryption, but it also supports password-encrypted messages for recipients who do not use PGP.
+This method uses a shared secret (password) instead of a public key.
+⸻
+===== How Password-Encrypted Messages Work =====
+	•	You choose a shared password
+	•	The message is encrypted using that password
+	•	The recipient receives:
+	•	An email with a secure FlowCrypt link
+	•	They enter the password in their browser to read the message
+	•	No PGP software is required for the recipient
+⸻
+===== When to Use This Method =====
+	•	Recipient does not use PGP
+	•	One-time or infrequent secure messages
+	•	You can safely share a password out-of-band
+	•	Phone call
+	•	Text message
+	•	In-person
+⸻
+===== Limitations Compared to PGP =====
+	•	Not true end-to-end PGP
+	•	Relies on FlowCrypt’s secure message portal
+	•	Less suitable for long-term or repeated communication
+	•	Password must be shared securely ahead of time
+⸻
+===== Sending a Password-Encrypted Message =====
+==== Steps ====
+	•	Open FlowCrypt
+	•	Tap Compose
+	•	Enter recipient email address
+	•	If no public key is found, FlowCrypt will prompt:
+	•	Send a password-encrypted message
+	•	Choose a strong password
+	•	Send the message
+	•	Share the password with the recipient via a different channel
+⸻
+===== Recipient Experience =====
+	•	Recipient receives an email with a link
+	•	Clicks the link
+	•	Enters the shared password
+	•	Reads the message in a secure web page
+	•	Can reply securely using the same password
+⸻
+===== Security Best Practices =====
+	•	Use a long, unique password
+	•	Never send the password in the same email
+	•	Avoid reusing passwords
+	•	Set expiration dates if offered
+⸻
+===== Comparison: Public Key vs Shared Password =====
+^ Feature ^ PGP (Public Key) ^ Shared Password ^
+| Encryption type | True end-to-end | Password-based |
+| Key exchange | Public key | Shared secret |
+| Recipient setup | Required | None |
+| Best for | Ongoing secure email | One-off messages |
+| Reliance on FlowCrypt | Minimal | Required |
+⸻
+===== Important Notes =====
+	•	Subject lines are not encrypted
+	•	Gmail cannot index encrypted content
+	•	Password-encrypted messages may expire depending on settings
+⸻
+===== Recommendation =====
+	•	Use PGP public keys for regular, privacy-critical communication
+	•	Use password-encrypted messages only when PGP is not feasible
+⸻
+This is a known and intentional behavior in FlowCrypt, not something you’re doing wrong.
+Short answer:
+👉 On iOS (iPad/iPhone), FlowCrypt does NOT support password-encrypted (“shared key”) messages.
+That’s why you only see “Send unencrypted” or “Cancel.”
+Below is a DokuWiki-formatted explanation you can paste into your wiki.
+⸻
+====== Why FlowCrypt on iPad Does Not Offer “Shared Key” Messages ======
+When composing an email in FlowCrypt on iPad, you may only see:
+	•	Send unencrypted
+	•	Cancel
+and no option to send a password-encrypted (shared secret) message.
+This is by design.
+⸻
+===== Platform Limitation (Important) =====
+FlowCrypt features differ by platform:
+^ Platform ^ PGP (Public Key) ^ Password / Shared Key ^
+| Chrome extension (desktop) | Yes | Yes |
+| Web app (desktop) | Yes | Yes |
+| Android | Yes | Limited |
+| iOS (iPad / iPhone) | Yes | No |
+👉 iOS FlowCrypt only supports PGP public-key encryption.
+Password-encrypted messages are not implemented in the iOS app.
+⸻
+===== Why FlowCrypt Disabled Shared-Key on iOS =====
+FlowCrypt has stated (and demonstrated by behavior) that:
+	•	Password-encrypted messages rely on a secure web portal
+	•	This requires browser-based flows that are:
+	•	Less reliable on iOS
+	•	Harder to secure consistently
+	•	FlowCrypt’s security model on iOS is:
+	•	PGP only
+	•	Or plaintext
+So if no recipient public key is found, FlowCrypt will only offer:
+	•	Send unencrypted
+	•	Cancel
+⸻
+===== What This Means Practically =====
+On an iPad:
+	•	You cannot send encrypted email to non-PGP users using FlowCrypt
+	•	There is no hidden setting to enable shared passwords
+	•	Reinstalling or changing settings will not help
+This is a hard limitation, not a configuration issue.
+⸻
+===== Your Available Options =====
+==== Option 1: Use PGP Only (Best Security) ====
+	•	Ask recipient to install:
+	•	FlowCrypt
+	•	Thunderbird
+	•	Proton Mail (PGP mode)
+	•	Exchange public keys
+	•	Communicate securely end-to-end
+⸻
+==== Option 2: Use Desktop FlowCrypt for Shared-Key Messages ====
+If you occasionally need password-encrypted messages:
+	•	Use FlowCrypt Chrome extension on a desktop
+	•	Send the password-encrypted message there
+	•	Continue PGP communication on iPad
+⸻
+==== Option 3: Use a Different Tool for Shared Password Messages ====
+If your use case is mostly shared-secret messaging:
+	•	Proton Mail (password-protected emails)
+	•	Secure file sharing + separate email
+	•	Encrypted notes + link sharing
+FlowCrypt on iOS is not designed for this scenario.
+⸻
+===== Summary =====
+	•	FlowCrypt on iPad cannot send shared-password encrypted messages
+	•	Seeing only “Send unencrypted” is expected behavior
+	•	PGP public-key encryption does work fully
+	•	Shared-key encryption requires desktop FlowCrypt
+⸻
-Just say the word.