Thunderbird: PGP encryption for emails

You can also do something for your private sphere when communicating via email using Thunderbird. This is made possible by PGP encryption, which we will explain below for the popular Mozilla Thunderbird.

Communicate securely via Thunderbird using PGP encryption

Setting up PGP encryption is not easy. In the following steps we show you how to do it:

1. First download the encryption program Gpg4win.
2. After the successful download, install Gpg4win, whereby in the component selection it is sufficient to install only Kleopatra and the Gpg4win compendium. (See picture gallery)
3. Then create your first key pair. The key pair is because there is always a public key and a private key in so-called asymmetric cryptography.
4. To create the key pair, first call up Kleopatra and select the "New certificate" option under the "File" tab.
5. In the "Assistant for creating the certificate" menu, choose the option "Create personal OpenPGP key pair".
6. Under "Enter details" enter your name and the corresponding email account with which you want to send and receive your encrypted emails in the future.
7. You will then be asked to choose a secure password. Safe means: letters, numbers and special characters as well as a length of at least eight characters. To confirm the password, you have to enter it a second time.
8. After the message "Key pair successfully generated" click on "Finish". You should now see the key you have created in your Kleopatra main menu.

Exchange of public PGP keys

The key alone is of no use, of course. Therefore, you should still exchange the public PGP keys with your communication partners so that the encrypted e-mails can also be read by the respective recipient - otherwise it would perhaps be a little confidentiality.

1. In the Kleopatra main menu, you will find the "Import certificates" option on the one hand and the "Export certificate" option on the other.
2. To send your public key your public key, go to "Export certificate" and then send the file to your communication partner.
3. Conversely, you also need the public key from the person you are talking to. After he has sent you the corresponding file, select "Import certificates" and add the public key of your communication partner to your Kleopatra main menu.
4. Alternatively, you can upload your public key to a key server.

Install Enigmail in Thunderbird

After the main work is done, all you have to do is integrate the Enigmail add-on into the Thunderbird email client.

1. To do this, click on the "Application menu" button - which you can find on the far right - and select "Add-ons" from the drop-down list.
2. In the Add-ons Manager, first go to "Find add-ons" and then enter "Enigmail" in the search field.
3. After a successful search, click the "Install" button behind Enigmail.
4. After restarting Thunderbird, discover the "OpenPGP" tab when composing emails.
5. Finally, in the "OpenPGP Security" menu, select the option "Use special OpenPGP key ID" and then import the previously created key using the "Select key" button. Activate the legal options according to your ideas.

We explain another security aspect in the article on "Thunderbird SSL encryption".

Latest videos

The Gpg4win components

Generate PGP key pair

Details for the certificate

Set secure password

The PGP key pair