OpenPGP Email Encryption Support

yX3h4Z3XZe · January 16, 2021, 4:12pm

Since Bitwarden is a security product, there should definitely be an option to have emails sent from Bitwarden (i.e. activity notifications, customer support, etc.) be encrypted with OpenPGP instead of being in plain text. This would help bring security and privacy to the users since their emails from Bitwarden are encrypted.

An idea of how it can be implemented
The user goes to their Bitwarden account settings and click the checkbox that says “I want my emails from Bitwarden to be encrypted.” After clicking the checkmark, the user has the option to import/copy-and-paste their public PGP key. After clicking save, Bitwarden will then send a verification email with a clickable confirmation link that is encrypted with the user’s public PGP key to confirm that the user is able to decrypt the email. If the user successfully decrypts the verification email to click the link, all future emails sent from Bitwarden to the user will be encrypted, unless the user disables it or wants to change their keys.

The user could also send encrypted emails to Bitwarden by importing Bitwarden’s public key into their email client.

Overall, I think this would be a great feature to have and would make Bitwarden stand out from other password managers.

OpSec · January 16, 2021, 6:13pm

I would totally support that idea as well. Frankly, I don’t trust that “brand name” email providers won’t peak inside accounts if they ever suspect something at all. I use GPG daily so there would be no learning curve on this end!

MONKiPASS · January 17, 2021, 1:39am

I’d love to have this as an option as well!

yX3h4Z3XZe · February 3, 2021, 7:51pm

Also, there’s a lot of email services out there that have built in OpenPGP key support like Protonmail and Mailbox as examples.

Essadon · February 4, 2021, 12:13am

Yes please, this would be a much better solution than uploading your private keys as attachments.

67yzid11 · February 22, 2021, 3:47am

This would be excellent. I like to have as many emails be PGP encrypted as possible, especially for situations relating to security - which my Bitwarden notification emails are perfect example of.

chesspawn · February 22, 2021, 4:05am

Yes please! I am in the process of degoogling, and I would prefer the option of having more security and privacy whenever possible.

Zhor · February 22, 2021, 4:54am

Awesome! Please make pgp encryption possible!

Nerevar · February 22, 2021, 5:43am

Great feature request!
I think there should be a way to disable encryption in case a user loses his private key and can no longer decrypt emails.
Maybe generate some recovery codes at the time of enabling encryption, the same way it’s usually done when enabling 2FA? Recovery codes should be shown on screen, not emailed encrypted.

haplesstechnoweenie · February 22, 2021, 6:02am

My email aliasing service uses PGP when forwarding emails and I think it would be a slam-dunk if Bitwarden could adopt this as well. Bitwarden plus my aliasing service are like peanut butter and chocolate: two great tastes that taste great together!

TheOldFellow · February 22, 2021, 9:02am

I now use Protonmail as my email provider. Having all emails to and from me encrypted and untraceable is a major goal. So I support this one!

olaxe · February 22, 2021, 12:26pm

I love also the idea for privacy and security

Alexio · February 22, 2021, 3:26pm

I agree.
All websites need to support PGP mail encryption in a near future, forced by the laws

Yes · February 22, 2021, 9:55pm

Yes please!
Really shouldn’t be too difficult to implement.

JoseParentre · February 23, 2021, 12:09pm

This would be nice,
Why would Facebook have this feature but not Bitwarden ?

NuppyDuck · February 28, 2021, 6:49pm

I appreciate this as well.