Because its easy, and because it provides so many benefits, i now try to use encryption everywhere. GPG is my tool of choice; i actually don’t even know what other options there are. Here are some things I have found to be useful:
- Password management. I use the pass application for this. After installing gpg, i just do a “pass init <keyid>” and from there i am good to go. I use qtpass as a graphical frontend. The way this works is as follows: you add a password “pass insert blah”, which then asks you for the password to store. Later you can ask for the password by typing “pass blah”. Storing passwords sure is a good idea, but even better is to just have pass generate good ones for you. To do this i type “pass generate foobar 12” and a 12-char password is generated and stored. Now i can have unique passwords for all my websites, and pass will remember them. The one thing that weired me out is that after unlocking any password i could get at any others without entering my passphrase. This worried me a bit because it looked like you only had to unlock things once and then they remained unlocked. Turns out it was because gpg-agent is running and caching passwords for up to 10 min (default). I figure its ok to leave things open for 10 min, in fact it would essentially mean if youre checking a lot of websites and you dont remember their passwords, you dont have to keep typing your passphrase over and over.
- GPG also has great integration into mac os x. I use this for mail and file encryption. For mail, it lets me sign all my emails, regardless of where they go. If the recipients are also using encryption, i can encrypt the messages. When i receive an encrypted email i can decrypt it, etc. Its literally 1-button email encryption for free. Not bad!
As for my philosophy: “why encrypt?” I think the burden is more on people to answer: “why not encrypt?” It takes almost no effort, and the benefit is that emails sent directly to you are no longer viewable by anyone else along their way.