Don’t get pwned like Sony—use Mixmax Secret Message
Send password-protected email messages from Mixmax
Wednesday, Jan 28th, 2015
Mixmax is a communications platform that brings professional communication & email into the 21st century.
Today we’re adding a new in-email app to Mixmax called Secret Message. It allows you to embed one or more secret (i.e., password-protected) messages inside your email. It’s yet another way that Mixmax gives your email superpowers.
Who can use it?
As with all Mixmax apps, anyone on any email client can read your message (provided they have the password you gave them). Your recipient doesn’t need to install any plugins or extensions.
What is this great for?
Mixmax Secret Message protects confidential material from falling into the wrong hands. Specifically it:
- Protects your conversations from security breaches or hacking
- Ensures privileged conversations aren’t stored on the email servers of your business partners
- Prevents sharing of your email via forwarding… or even snooping CIOs!
- Allows you to send “self destructing” messages that expire at a certain time
If only Sony had adopted Mixmax as their corporate email solution before they got hacked…
How does it work?
To add a Secret Message, select it in the app picker. You’ll be prompted to add a password that secures your message. Once you choose a password, you can enter your message. Let the recipient know about the password via some other communication channel. You can optionally also set a date that the message will self destruct.
When your recipient opens the message they’ll be prompted for the password you provided before they can access the message.
How secure is it?
The Secret Message app uses in-browser “symmetric encryption”, meaning your message content is encrypted entirely in your browser and never passes through Gmail or Mixmax servers in plaintext form. Likewise for your recipient: the message is decrypted using your shared password, entirely in the browser. As an additional measure, messages are viewed on a secure (https://) url so there is no risk of someone snooping on your internet connection.
If you chose an expiration date for your message, our servers will delete the encrypted message from our database on the date you specify. There is no trace left behind.
As with all shared-password encryption, it is only as secure as the password you choose and how you choose to share it. Remember to never include your password in the same Mixmax Secret Message email.
Send a secret message yourself by adding Mixmax to Gmail. This is one of the many in-email apps you can create on the Mixmax platform to power up your email. Email us firstname.lastname@example.org or tweet us @Mixmax if you’d like to make one of your own!