WELCOME TO THE FIRETRUST
CUSTOMER CARE CENTRE

FIRETRUST CUSTOMER CARE CENTRE

MY ACCOUNT

PRODUCT HELP

ASK A SUPPORT QUESTION

TOP FREQUENTLY ASKED QUESTIONS

How does EncryptUs work?

EncryptUs is installed as a local proxy, so it intercepts your outgoing email when you press the Send button, it then grabs the public key of the recipient from the Firetrust key server and uses that to encrypt the email. The encrypted email is then sent to the recipient. Once the recipients computer receives the email, EncryptUs intercepts the encrypted email and uses the recipients private key to decrypt the email and send it to the users email program inbox.

With the very strong encryption used by EncryptUs, generally speaking it would take computers millions of years to crack your messages.

Using recognized industry standard encryption, EncryptUs goes a step further and makes email encryption usable for everyone. It sits in the background automatically encrypting and decrypting your email (in case you were not aware, email encryption has traditionally been difficult to setup and cumbersome to use).

Industry Standard Encryption
EncryptUs uses 256 bit AES Rijndael Block Cipher combined with RSA 4096 bit Public key encryption. If you want to fry your brain with some reading about encryption used in EncryptUs, try the links below.

See Public Key Cryptography and Advanced Encryption Standard

How do I setup EncryptUs?

After logging in with your Firetrust Login, go to the Accounts page and enter the email addresses you wish to send and receive encrypted email with.

Once you have entered the email accounts, you will be sent a verification email. Go to your email program and open the email. Your email address is now verified for encryption.

Next, go to the Contacts page and enter any of your contacts emails addresses you wish to send/receive encrypted emails with. When that contact installs and uses EncryptUs, it will become enabled for sending/receiving encrypted emails with. Otherwise your emails will still be sent in plain text.

How do I use EncryptUs?

Working with EncryptUs is simple. Once it's installed, you still send and receive emails as you normally would. There's nothing special or different you need to do. EncryptUs operates invisibly in the background, encrypting and decrypting emails automatically as it manages your cryptographic keys.

EncryptUs works when someone else you send an email is also using EncryptUs, then all your email communications together are automatically encrypted.

If you send an email to someone who doesn't use EncryptUs, then your emails are sent as usual. ie. Not encrypted.

Do my emails stay encrypted in my email program?

No, your emails are only encrypted during transit. Once an encrypted email is downloaded to your email program, it is decrypted so you can read and store it (and search for it).

There's a few distinctions between how POP3 and IMAP work in this regard.

POP3 downloads email and stores it on your computer. Your encrypted email has already been decrypted and will remain readable.

IMAP stores the email on the server and downloads it when requested. Your email will be decrypted in your email program but will remain encrypted on the server. This means you will need to use EncryptUs to read any old IMAP messages if you switch computers. An option is to set your email program to download a copy of the complete email to your email program and store it locally.

Another point to note is if you are receiving encrypted email, and decide to read messages via webmail, you won't be able to read them. They need to be downloaded to your email program where they are decrypted.

Does the recipient also need to have EncryptUs installed?

Yes, only if you want to send encrypted emails between each other. Otherwise all your emails will be sent as they normally are. The need for the recipient to also have EncryptUs installed is a pretty common complaint of email encryption software, hence why EncryptUs doesn't force it or change the way you work. EncryptUs does add a byline to the email footer of the free version which states they can install the software to have encrypted emails between each other. This can be removed upon buying a license. It's pretty passive, if the recipient cares, then they can install it, otherwise it won't make any difference for them.

Any known issues?

POP3 emails with TLS security is not supported in Thunderbird (IMAP with TLS is). Self signed email certificates when used with TLS will cause timeouts in Thunderbird.

OVERVIEW

A Quick Introduction

EncryptUs makes sending emails safe. It does this by encrypting the contents of each email so that only the recipient can read it. The email cannot be read by anyone else while it is in transit.

Working with EncryptUs is simple. Once it's installed, you still send and receive emails as you normally would. There's nothing special or different you need to do. EncryptUs operates invisibly in the background, encrypting and decrypting emails automatically as it manages your cryptographic keys.

EncryptUs works when someone else you send an email is also using EncryptUs, then all your email communications together are automatically encrypted.

If you send an email to someone who doesn't use EncryptUs, then your emails are sent as usual. ie. Not encrypted.

Simple and secure!

Why make emails safe?

Have you ever emailed personal details, finances, credit card details etc to someone via email?

You probably didn't know, but sending email is very insecure.

Your email usually passes through a large number of computers, other networks and countries, leaving a copy of itself each time. At all times your messages can be read by the people who are in charge of these computers and network equipment (and in many cases your government).

Because email is sent in an easily readable format and is often stored for years, it has no protection from prying eyes meaning any personal information you send could be hacked years into the future. Messages you thought were deleted years ago may still be sitting on servers around the world.

So, in a nutshell...

* email is sent in a plain readable format.
* copies of your email are left on servers.
* stored email may be read in the future.

This is why you should encrypt your email.

What is encryption?

Encryption is the science of securing communications against eavesdropping by converting the content of a message into a code, or cipher, which can only be unlocked using a secret "key".

In practice, when I send a message to a friend, it is encrypted, that means it is changed in a way that nobody can read it. Only my friend is able to change it back to the original message (decrypt it), and will then be able to read it.

How does EncryptUs work?

EncryptUs is installed as a local proxy, so it intercepts your outgoing email when you press the Send button, it then grabs the public key of the recipient from the Firetrust key server and uses that to encrypt the email. The encrypted email is then sent to the recipient. Once the recipients computer receives the email, EncryptUs intercepts the encrypted email and uses the recipients private key to decrypt the email and send it to the users email program inbox.

With the very strong encryption used by EncryptUs, generally speaking it would take computers millions of years to crack your messages.

Using recognized industry standard encryption, EncryptUs goes a step further and makes email encryption usable for everyone. It sits in the background automatically encrypting and decrypting your email (in case you were not aware, email encryption has traditionally been difficult to setup and cumbersome to use).

Industry Standard Encryption
EncryptUs uses 256 bit AES Rijndael Block Cipher combined with RSA 4096 bit Public key encryption. If you want to fry your brain with some reading about encryption used in EncryptUs, try the links below.

See Public Key Cryptography and Advanced Encryption Standard

SETUP AND INSTALLATION

Download and Installation

Download EncryptUs here.

Using the instruction on the download page, locate the file and double click with your mouse to run it.

The installation of EncryptUs will begin.

Once installed, run EncryptUs. If you don't have a Firetrust Login, you will need to create one.

How do I setup EncryptUs?

After logging in with your Firetrust Login, go to the Accounts page and enter the email addresses you wish to send and receive encrypted email with.

Once you have entered the email accounts, you will be sent a verification email. Go to your email program and open the email. Your email address is now verified for encryption.

Next, go to the Contacts page and enter any of your contacts emails addresses you wish to send/receive encrypted emails with. When that contact installs and uses EncryptUs, it will become enabled for sending/receiving encrypted emails with. Otherwise your emails will still be sent in plain text.

How do I use EncryptUs on more than one computer?

To use EncryptUs on multiple computers, you need to export your encryption keys and then import them on your other computer(s). Pressing the Export button places a file called keys.encryptus on your Desktop. Move this file by USB key to your other computer(s) and place it on the Desktop. Press the Import button to import the keys.
NOTE: You must be signed in with the same Firetrust Login on all computers for this to work.
In Summary: What you need to do is add your email accounts to one computer, then export the keys.encryptus file. Take it to your other computer and place it on the desktop and login to your firetrust Login and import the keys.encryptus file.

If you're having trouble, follow these steps to start again.
1. Log out of EncryptUs on your #2 computer.
2. On Computer #1, delete your email addresses inside EncryptUs.
3. Add each email address back and verify each email address.
4. Export the keys.encryptus file and move to your #2 computer on the desktop.
5. Login to EncryptUs on #2 computer, you should see your email accounts already there.
6. Import the keys.encryptus file.

USING ENCRYPTUS

How do I use EncryptUs?

Working with EncryptUs is simple. Once it's installed, you still send and receive emails as you normally would. There's nothing special or different you need to do. EncryptUs operates invisibly in the background, encrypting and decrypting emails automatically as it manages your cryptographic keys.

EncryptUs works when someone else you send an email is also using EncryptUs, then all your email communications together are automatically encrypted.

If you send an email to someone who doesn't use EncryptUs, then your emails are sent as usual. ie. Not encrypted.

How can I tell if my email has been encrypted?

There's a few ways.

1. Try adding your email address to the Contacts screen and send yourself an email, then when you receive the email it will have a footer telling you it was sent and received securely at date/time. Or go to your webmail and login, or your mobile phone and you'll see you won't be able to read the encrypted email.

2. Ask a friend to install EncryptUs and correspond with each other.

Email Accounts Screen

The Email Accounts screen is where you enter your email addresses you want to use for email encryption.

Enter your email address, click the 'Add' button. Next, you will be sent an email to verify this email address. Click on the link in the email to verify the email address.

Contacts Screen

The Contacts screen is where you enter your contacts email addresses who you want to exchange encrypted emails with.

Enter each email address, and when one of these contacts has also installed EncryptUs, the question mark will change to a shield icon and become enabled. To stop encrypted emails to this contact, click the shield icon to disable.

Settings Screen

Email footer added to outgoing email
An informational message is added to the bottom of your outgoing emails because this is a free product. This can be removed with the purchase of a license key.

Export and Import your private keys
To use EncryptUs on multiple computers, you need to export your encryption keys and then import them on your other computer(s). Pressing the Export button places a file called keys.encryptus on your Desktop. Move this file by USB key to your other computer(s) and place it on the Desktop. Press the Import button to import the keys.
NOTE: You must be signed in with the same Firetrust Login on all computers for this to work.

Buy Screen

The Buy screen lets you buy a license key and enter it to activate the license in EncryptUs. A license can be used on an unlimited number of your own PC's for an unlimited number of email addresses.

When you activate a license, you'll get access to extra features in the future and be able to disable the promotional footer in outgoing emails.

Can I use EncryptUs with MailWasher?

Yes, it intercepts the POP/IMAP mail stream and will decrypt it in Mailwasher on your PC so you can read your email there.

SECURITY

What encryption does EncryptUs use?

EncryptUs uses 256 bit AES Rijndael Block Cipher combined with RSA 4096 bit Public key encryption. It would take computers millions of years to break the encryption used in EncryptUs.

EncryptUs uses the https://www.cryptopp.com open source libraries for this encryption.

How does the encryption work?

When you verify your email address in EncryptUs, a pair of encryption keys are generated.

A private key - which is kept on your computer and must be kept private.
A public key - which is made public. When you send an email, the email message is encrypted using AES encryption and secured with a password.

This password is then encrypted using the recipients public key. The encrypted email message and the encrypted password are sent to the recipient.

Once the recipient receives the encrypted email message and the encrypted password, their private key is used to decrypt the password, and the now decrypted password is used to decrypt the email message.

TROUBLESHOOTING

I'm getting an error about an unrecognized certificate when I check or send mail.

Perhaps you installed EncryptUs before Thunderbird. Please restart the EncryptUs service (efservice). First shut down Thunderbird then go to Start, and type 'services.msc' and click Enter on your keyboard. The Windows services window will appear. Scroll down and locate 'efservice' and highlight it. Click the 'Restart the service' link. Now restart Thunderbird.

I can't Send/Receive email after installing EncryptUs.

1. Please check your Windows Firewall to make sure EncryptUs is not being blocked after install. If Windows prompts during install to let EncryptUs through the firewall, then please allow it.

2. Also, let us know if you're using a non-standard port for your email. EncryptUs uses Ports 110,143,993,995,587,465,25

3. Most commonly, some Antivirus programs have a mail scanner which can interrupt EncryptUs. These mail scanners are a gimmick and can be switched off as the real-time scanner in your antivirus will pick up any email viruses anyway. eg Avast Mail Shield.

Email is sent encrypted, but not decrypted when received by recipient.

In this case you'll receive an email with an attachment encryptus.bin

There might be a few reasons for this.
1. You need to have the recipient email address in the Contacts screen with the shield enabled.
2. If you have an email address which is set to receive encrypted emails, but you don't have EncryptUs installed on your PC, or you're looking at the email on your mobile device or webmail. We don't yet support mobile or webmail.

Email is not encrypted when sent.

In the Email Accounts screen, make sure your email account is enabled with the green check mark. You also need to have the recipient email address in the Contacts screen with the shield enabled.

Thunderbird times out when sending/receiving emails

This can be caused by these scenarios in Thunderbird.
POP3 with TLS is not yet supported with EncryptUs.
TLS self-signed certificates are not supported with EncryptUs.

There's a key mismatch error.

There's a few reasons for this.

1. If you use EncryptUs on multiple computers, there's a special key.encryptus file generated for your email addresses which needs to be the same on all of your computers.

2. You signed in with a different Firetrust Login to EncryptUs, and it's using a different keys.encryptus file for your email address. If so, login to this different Firetrust Login and either decide to delete the email address or export the keys.encryptus file and use that on all your computers.

Encryptus can't find my keys.encryptus file.

You'll need to place this on the desktop so EncryptUs can import it.

My Outlook.com/Hotmail account doesn't work with EncryptUs and Microsoft Outlook, Windows Live Mail or Mail.

By default when you setup an Outlook.com or Hotmail account in Microsoft Office, Windows Live Mail or Mail, it sets it up with Microsoft's proprietary protocol called ActiveSync.

EncryptUs does not support ActiveSync, only POP3 or IMAP. Please re-setup these types of email accounts as POP3 or IMAP types.

MISCELLANEOUS

What does buying a license give me?

A license can be used on an unlimited number of your own PC's for an unlimited number of email addresses. It also lets you disable the EncryptUs promotional footer in outgoing emails, and will give you access to advanced features in the future.

Is the license annual or one off?

The license is an annual cost, but if you don't renew it will still work for you, but just without the extra features.

What if the recipient is already using another email encryption program?

EncryptUs won't be affected, each email encryption will do it's own thing.

Will all my emails be encrypted?

No, by default your emails are only encrypted if the recipient of your emails is also using EncryptUs.

Do my emails stay encrypted in my email program?

No, your emails are only encrypted during transit. Once an encrypted email is downloaded to your email program, it is decrypted so you can read and store it (and search for it).

There's a few distinctions between how POP3 and IMAP work in this regard.

POP3 downloads email and stores it on your computer. Your encrypted email has already been decrypted and will remain readable.

IMAP stores the email on the server and downloads it when requested. Your email will be decrypted in your email program but will remain encrypted on the server. This means you will need to use EncryptUs to read any old IMAP messages if you switch computers. An option is to set your email program to download a copy of the complete email to your email program and store it locally.

Another point to note is if you are receiving encrypted email, and decide to read messages via webmail, you won't be able to read them. They need to be downloaded to your email program where they are decrypted.

Where are the encryption keys generated and stored?

The keys are generated on your computer. The public key is stored on Firetrust servers, and the private key stays on your computer where you should keep it secure.

Could this be hacked or the decryption keys be changed?

We're using standard Public/Private key cryptography and AES encryption, it's used because it's been proven secure and all the encryption/decryption happens on your PC, not our servers. There are no decryption keys on our server, your private key remains on your computer. Your public key is the only thing on the server, and it's public so anyone can see it. If someone were to hack one and replace it, then since the public and private key have to match as a pair then the encryption/decryption wouldn't work - so it would be a pointless hack. We use best practices for security on our servers.

Can I turn encryption on and off?

In the Email Accounts screen you can't currently disable your email address, although you can delete it. This will be added in the near future when versioning is added.

The Contacts screen gives you control over who you want to send encrypted email to, and won't send encrypted emails unless the recipient is also using EncryptUs and the shield icon is active.

Will EncryptUs work with my Antivirus Program?

Yes, EncryptUs works at a very low level so doesn't conflict with Antivirus programs.

Known issues?

POP3 emails with TLS security is not supported in Thunderbird (IMAP with TLS is). Self signed email certificates using TLS will cause timeouts in Thunderbird.