FLOSS Manuals

 English |  Español |  Français |  Italiano |  Português |  Русский |  Shqip

Encrypt your Email with GPG

Help I Forgot my Password! (and other tips)

This chapter called 'What if I forgot my password' is a bridge to finding out more about email security and encryption which this challenge doesn't cover.

This first challenge is an introduction to the subject and we can't cover everything. However as people start to complete the tasks then questions do come up. Including the inevitable 'Help I forgot my password.'

This chapter is constantly evolving as more and more people take the challenge. It is also a good way to work out what should be in the second challenge.

Forgetting your password

If you forget your password or passphrase then you have to generate a new key.

But there are some things you can do. Back in Task 2 when we were creating the key we created a revocation certificate. "Think of it as a 'kill switch' for your PGP identity. You can use this certificate in case you have generated a new set of keys, or in case your old key-pair has been compromised" - OR if you have forgotten your password!

If you have forgotten your password and want to revoke your current keypair then you can do that by selecting File > Import Keys from File in the Key Management window and choosing the revocation certificate that you created earlier. 

Once you have done this then you can generate a new keypair and try the process again. Don't worry about it we've all been there!

Setting expiry date and advanced settings for key pairs

Enigmail allows you to set an expiration date and other advanced settings for your keypair, but this option isn't in the 'wizard' described in this challenge.

To create a new key pair with full control over parameters like expiration, start from the OpenPGP menu in Thunderbird  and choose Key Management. You get a new window listing all your keys. From the menu in this new window, choose Generate > New Key Pair. You now have access to most of what you might do from the command line.

Using Key Servers

You can send public keys via email but another way to share your key with the world is to publish it on the public keyserver network, an online database of keys. There is more information about using Key servers as part of the Enigmail manual

Key signing and the Web of Trust

Key signing is where people present their PGP-compatible keys to others in person, who, if they are confident the key actually belongs to the person who claims it, digitally sign the PGP certificate containing that public key and the person's name, etc. This is one way to strengthen the web of trust.

Other Resources

These tasks were created by reusing other materials from the following Manuals. 

Basic Internet Security - http://en.flossmanuals.net/basic-internet-security

Enigmail Manual - http://enigmail.mozdev.org/documentation/handbook.php.html

Thunderbird Manual - http://en.flossmanuals.net/thunderbird/

These are great places to start if you want to take your learning further.


There has been error in communication with Booktype server. Not sure right now where is the problem.

You should refresh this page.