mirror of
https://github.com/M66B/FairEmail.git
synced 2024-12-23 16:25:30 +00:00
Updated FAQ
This commit is contained in:
parent
25352a9fe5
commit
9af588d6bc
1 changed files with 10 additions and 7 deletions
17
FAQ.md
17
FAQ.md
|
@ -4988,20 +4988,23 @@ Send is only available in non-Play Store versions of the app (since version 1.19
|
||||||
<a name="faq184"></a>
|
<a name="faq184"></a>
|
||||||
**(184) How do I password protect content?**
|
**(184) How do I password protect content?**
|
||||||
|
|
||||||
Select some text by long pressing it, and in the style toolbar at the bottom tap on the *<ins>A</ins>*-button and select *Password protect* in the pop-up menu.
|
Password protected content is a simple, yet secure form of end-to-end encryption that requires no configuration.
|
||||||
|
|
||||||
|
How to use: select some text by long pressing it, and in the style toolbar at the bottom tap on the *<ins>A</ins>*-button and select *Password protect* in the pop-up menu.
|
||||||
|
This will replace the selected content with a link that the recipient can click to decrypt the content on a dedicated static web page.
|
||||||
|
|
||||||
Password protected content is sent as a [URI fragment](https://en.wikipedia.org/wiki/URI_fragment) and decrypted in the browser with JavaScript.
|
Password protected content is sent as a [URI fragment](https://en.wikipedia.org/wiki/URI_fragment) and decrypted in the browser with JavaScript.
|
||||||
In other words, password protected content is never stored on or seen by third party servers.
|
In other words, protected content is never stored on or seen by third party servers.
|
||||||
|
|
||||||
Password protected content is encrypted with AES/GCM with a 256 bits key derived with PBKDF2/SHA-512 with 120,000 iterations.
|
Password protected content is encrypted with [AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) / [GCM](https://en.wikipedia.org/wiki/Galois/Counter_Mode)
|
||||||
|
with a 256 bits key derived with [PBKDF2](https://en.wikipedia.org/wiki/PBKDF2) / [SHA](https://en.wikipedia.org/wiki/Secure_Hash_Algorithms)-512 with 120,000 iterations.
|
||||||
With a sufficiently long/complex password, which is communicated to the recipient securely, this is considered safe in 2022 and for the foreseeable future.
|
With a sufficiently long/complex password, which is communicated to the recipient securely, this is considered safe in 2022 and for the foreseeable future.
|
||||||
|
|
||||||
The maximum content size is 1,500 characters, which includes HTML formatting tags.
|
The maximum content size is 1,500 bytes, which includes [HTML](https://en.wikipedia.org/wiki/HTML) formatting tags.
|
||||||
Images will be replaced with placeholders to reduce the content size, but other formatting, like bold, italic, etc., will be retained.
|
Images will be replaced with placeholders to reduce the content size, but other formatting, like bold, italic, etc., will be retained.
|
||||||
|
[Cross-site scripting](https://en.wikipedia.org/wiki/Cross-site_scripting) is prevented by using [DOMPurify](https://github.com/cure53/DOMPurify) (Apache License Version 2.0).
|
||||||
|
|
||||||
Cross-site scripting (XSS) is prevented by using [DOMPurify](https://github.com/cure53/DOMPurify) (Apache License Version 2.0).
|
This feature is available since version 1.1985, but only in the GitHub version of the app.
|
||||||
|
|
||||||
This feature is available since version 1.1985. This feature is not available in the Play store version of the app.
|
|
||||||
|
|
||||||
Sending protected text is a pro feature, decrypting protected text is a free feature.
|
Sending protected text is a pro feature, decrypting protected text is a free feature.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue