OpenPGP Email Encryption Support

Since Bitwarden is a security product, there should definitely be an option to have emails sent from Bitwarden (i.e. activity notifications, customer support, etc.) be encrypted with OpenPGP instead of being in plain text. This would help bring security and privacy to the users since their emails from Bitwarden are encrypted.

An idea of how it can be implemented
The user goes to their Bitwarden account settings and click the checkbox that says “I want my emails from Bitwarden to be encrypted.” After clicking the checkmark, the user has the option to import/copy-and-paste their public PGP key. After clicking save, Bitwarden will then send a verification email with a clickable confirmation link that is encrypted with the user’s public PGP key to confirm that the user is able to decrypt the email. If the user successfully decrypts the verification email to click the link, all future emails sent from Bitwarden to the user will be encrypted, unless the user disables it or wants to change their keys.

The user could also send encrypted emails to Bitwarden by importing Bitwarden’s public key into their email client.

Overall, I think this would be a great feature to have and would make Bitwarden stand out from other password managers.

I would totally support that idea as well. Frankly, I don’t trust that “brand name” email providers won’t peak inside accounts if they ever suspect something at all. I use GPG daily so there would be no learning curve on this end!

6 Likes

I’d love to have this as an option as well!

4 Likes

Also, there’s a lot of email services out there that have built in OpenPGP key support like Protonmail and Mailbox as examples.

5 Likes

Yes please, this would be a much better solution than uploading your private keys as attachments.

1 Like

This would be excellent. I like to have as many emails be PGP encrypted as possible, especially for situations relating to security - which my Bitwarden notification emails are perfect example of.

4 Likes

Yes please! I am in the process of degoogling, and I would prefer the option of having more security and privacy whenever possible.

4 Likes

Awesome! Please make pgp encryption possible!

1 Like

Great feature request!
I think there should be a way to disable encryption in case a user loses his private key and can no longer decrypt emails.
Maybe generate some recovery codes at the time of enabling encryption, the same way it’s usually done when enabling 2FA? Recovery codes should be shown on screen, not emailed encrypted.

1 Like

My email aliasing service uses PGP when forwarding emails and I think it would be a slam-dunk if Bitwarden could adopt this as well. Bitwarden plus my aliasing service are like peanut butter and chocolate: two great tastes that taste great together!

1 Like

I now use Protonmail as my email provider. Having all emails to and from me encrypted and untraceable is a major goal. So I support this one!

1 Like

I love also the idea for privacy and security

2 Likes

I agree.
All websites need to support PGP mail encryption in a near future, forced by the laws

1 Like

Yes please!
Really shouldn’t be too difficult to implement.

This would be nice,
Why would Facebook have this feature but not Bitwarden ?

1 Like

I appreciate this as well.