It’s well known that email isn’t really that secure: a large percentage of mail servers communicate without TLS, mail clients are often not set up to use secure connections, and, more commonly, user passwords are easily guessed.
Using PGP to encrypt messages helps to retain the privacy that age-old email systems don’t give you, keeping your message contents secured between you and the recipient (and back again).
While this is great, a lot of email comes from systems and not people – and the contents of those messages can be equally confidential. Thankfully, Facebook have, as of June 2015, added experimental support for users to add their OpenPGP public keys to their profiles and opt for all mails from Facebook to be encrypted.
Securing your Facebook Mails
Sounds good, right? Here’s a quick two-step guide on how to encrypt your Facebook notification emails with PGP!
Step 1 – Get set up with PGP
If you’ve already got a PGP key that’s great, skip this first step. Otherwise, use one of my other guides to get set up with OpenPGP and create your keys:
Step 2 – Add your Public Key to your Facebook Profile
Head over to Facebook, log in to your account, and go to your profile.
Under your cover image look for the “About” tab and give it a click, then on the left side go to the “Contact and Basic Info” Section.
Look for the “PGP Public Key” section in the middle pane, then click to edit it.
Paste in your public key from step 1, and save!
If you see a long key fingerprint (like in the above screenshot) then you’re all set – Facebook will now send all of your notifications encrypted, which can only be decrypted with your private key.
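Before pasting in step 2, the armored text can be checked locally and its fingerprint computed, so the value shown in the profile can be compared against your own. The following is an added example, not part of the original guide: it rejects anything that is not a public key block, verifies the armor checksum, and derives the version 4 fingerprint of the primary key. The sample key is constructed for illustration and is not usable, and the function names are this example's own.

```python
import base64
import hashlib

def crc24(data: bytes) -> int:
    """CRC-24 from the OpenPGP ASCII armor checksum line (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(data: bytes, kind: str = "PUBLIC KEY BLOCK") -> str:
    """Wrap raw packets in ASCII armor; used here only to build the sample."""
    b64 = base64.b64encode(data).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    rows.append("=" + base64.b64encode(crc24(data).to_bytes(3, "big")).decode())
    return "\n".join([f"-----BEGIN PGP {kind}-----", "", *rows, f"-----END PGP {kind}-----"])

def fingerprint_from_armor(text: str) -> str:
    """Validate the armor; return SHA-1(0x99 + 2-octet length + key packet), the v4 fingerprint."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if (len(lines) < 4 or lines[0] != "-----BEGIN PGP PUBLIC KEY BLOCK-----"
            or lines[-1] != "-----END PGP PUBLIC KEY BLOCK-----" or "" not in lines):
        raise ValueError("expected a complete PUBLIC key block; never paste a private key")
    body = [ln for ln in lines[lines.index("") + 1:-1] if ln]  # skip armor headers
    check = body.pop() if body and body[-1].startswith("=") else None
    data = base64.b64decode("".join(body), validate=True)
    if len(data) < 3 or (check and int.from_bytes(base64.b64decode(check[1:]), "big") != crc24(data)):
        raise ValueError("armor body is empty or its checksum does not match")
    if data[0] & 0x40:  # new-format packet header, one- or two-octet length
        ptype, n = data[0] & 0x3F, data[1]
        if n >= 224:
            raise ValueError("unsupported packet length encoding")
        start, length = (2, n) if n < 192 else (3, ((n - 192) << 8) + data[2] + 192)
    else:  # old-format packet header, length field of 1, 2 or 4 octets
        ptype, size = (data[0] >> 2) & 0x0F, 1 << (data[0] & 3)
        start, length = 1 + size, int.from_bytes(data[1:1 + size], "big")
    key = data[start:start + length]
    if ptype != 6 or len(key) != length or key[0] != 4:
        raise ValueError("first packet is not a version 4 public key")
    return hashlib.sha1(b"\x99" + length.to_bytes(2, "big") + key).hexdigest().upper()

# Constructed sample, not a usable key: v4, creation time, RSA, tiny made-up MPIs.
SAMPLE_KEY = (b"\x04" + (1433116800).to_bytes(4, "big") + b"\x01" + b"\x00\x40"
              + bytes.fromhex("c0ffee0123456789") + b"\x00\x11\x01\x00\x01")
SAMPLE_ARMORED = armor(b"\xc6" + bytes([len(SAMPLE_KEY)]) + SAMPLE_KEY)
print(fingerprint_from_armor(SAMPLE_ARMORED))
```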