GPGTools offers quick encryption options for OS X Mail

If you regularly send confidential information via e-mail and wish to make it as secure as possible, one option for OS X users is GPGTools, which provides encryption and decryption services for any of your e-mail accounts.

GPGTools is a free and open-source encryption project for OS X, based on OpenPGP, which gives OS X users quick access to options for signing and encrypting e-mail messages, as well as offering file-level services for encrypting documents and folders. The project has been around since 2011, but was recently updated to version 2, and supports a number of new features. The suite no longer becomes disabled when OS X is updated, it now works properly with exchange servers, it has new hot-key options for toggling signing and encrypting, and offers quick-switching between OpenPGP and S/MIME standards for providing digital signatures.

Once installed, the program first launches the GPGTools keychain manager, where you set up key pairings for your e-mail addresses and those of recipients (the installer opens a help page in your browser to guide you through the process). When you do this, public and private encryption keys are generated based on unique aspects of your system including standards like date and time, but also details like mouse movements.

With these keys set up, you simply launch Mail and now will see an encryption status at the top-right of a new message's toolbar. By default, the suite's digital signing feature is always enabled, but you will have to enable encryption for messages you would like to secure. Since this requires a key pairing entry for each recipient in the GPGTools keychain, the encryption option will only be available if you enter an e-mail address to which a key has already been paired.

When the e-mail is sent, its contents will be wrapped in an attachment that will appear to a recipient as garbled text if opened, unless they have GPGTools or another compatible encryption manager installed.

In this sense, one drawback to using GPGTools, or any encryption routine, for that matter, is that those wishing to view the contents will be required to have a means of decrypting it. Therefore, you cannot arbitrarily encrypt e-mails and expect recipients to quickly read them; they will first need to install GPGTools for OS X, or a Windows or Linux alternative (e.g., GPG4Win, or GPA) to view the e-mail content in a client on those platforms. While these tools are not difficult to install and configure, you will have to contend with recipients perhaps not wishing to install the software on their systems, or in some cases not being able to do so.

Unfortunately, the fact that GPGTools is only available for Apple's Mail e-mail client, and other compatible encryption managers require desktop e-mail clients, means that the use of GPGTools will be only available to those when using configured Mac or PC e-mail software. If someone checks their e-mail using a mobile device, or with a Webmail client like Gmail, then the message will only show the garbled encrypted data.

Overall, GPGTools offers a relatively seamless approach to encrypting e-mails as long as both the sender and recipient have GPGTools or a similar service installed and configured. With this done, OS X Mail will display the encrypted message quickly.

This means that using GPGTools is perhaps best for those who have a defined workgroup of individuals for which they would like to keep communications secured, such as a development team that needs to send confidential design ideas back and forth, and even have dedicated workstations with GPGTools installed to manage the encryption. On the other hand, it may be impractical for an teacher at an educational institution to use it for sending grades or to revolving classrooms of students.

Questions? Comments? Have a fix? Post them below or e-mail us!
Be sure to check us out on Twitter and the CNET Mac forums.