Why you can trust ZDNET
:ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission.Our process
'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
Back in October, I wrote a piece about using encrypted email in Thunderbird. If you ever have to send sensitive information via email, you should be using encryption. If you're not encrypting those missives, the information they contain can be read by a third party.
One of the complexities of using encryption in Thunderbird (or most email clients) is that you have to track down the recipient's public GPG key and add it to the client. Without that key, you can't send encrypted emails to the owner of the key, thereby rendering GPG useless.
There are ways you can get the recipient's public key. You can have them send it to you, and you will then have to manually add it to your keyring. You can download it from a public GPG key server through the software that manages your keyring.
Fortunately, there's another way that's sort of hidden from sight. This less-than-obvious method is much easier than the other two options, so I highly recommend you try these simple steps first.
How to locate a user's GPG key in Thunderbird
Let me show you the way.
The only thing you'll need is a running instance of Thunderbird and an email from the recipient in question. I'll demonstrate with Thunderbird version 102.5.0 on Pop!_OS Linux but the process is the same, no matter the operating system you are using.
If you're using an older version of Thunderbird, I suggest you upgrade to the latest version, so you gain the advantage of new features and (more important) all the security patches that have been applied.
That's all you need. Let's make this happen.
1. Open Thunderbird and choose an email
The first thing you must do is open Thunderbird and locate an email from the recipient whose public GPG key you wish to add so you can send them encrypted emails.
2. Open the email from the recipient
Open the email from the recipient by clicking on the entry in Thunderbird's top right pane.
3. Access the context menu
In the reading pane (bottom right), right-click the email address in the From field, and then click Discover OpenPGP Key.
4. Accept the key
In the resulting window, click Accepted and then click Import. A second pop-up will appear, including the details of the key that was successfully imported.
Close out that pop-up by clicking OK and you're done.
Now that you've imported the recipient's GPG key, you can encrypt any emails you send them. You can refer back to the post I cited earlier to find out exactly how to encrypt those emails, but it's essentially a matter of composing an email to the recipient that belongs to the key you just imported and then clicking the Encrypt button in the composer window. Email encryption has never been so easy.