• INTRODUCTION
• ABOUT THIS WORKBOOK
• INTRODUCTION TO THUNDERBIRD
• ENCRYPT AND SIGN YOUR EMAIL
• WHY ENCRYPT AND SIGN EMAIL
• CREATE YOUR PGP KEYS
• SEND AND RECEIVE PUBLIC KEYS
• SEND ENCRYPTED AND SIGNED EMAIL
• RECEIVE ENCRYPTED MAIL
• HELP I FORGOT MY PASSWORD
• INSTALLING ON WINDOWS
• INSTALLING THUNDERBIRD IN WINDOWS
• INSTALLING PGP IN WINDOWS
• INSTALLING ON UBUNTU
• INSTALLING THUNDERBIRD IN UBUNTU
• INSTALLING PGP IN UBUNTU
• INSTALLING ON OSX
• INSTALLING THUNDERBIRD IN OSX
• INSTALLING PGP IN OSX
• SET UP AN ACCOUNT
• ACCOUNT SET UP

Help I Forgot my Password! (and other tips)

This chapter called 'What if I forgot my password' is a bridge to finding out more about email security and encryption which this challenge doesn't cover.

This first challenge is an introduction to the subject and we can't cover everything. However as people start to complete the tasks then questions do come up. Including the inevitable 'Help I forgot my password.'

This chapter is constantly evolving as more and more people take the challenge. It is also a good way to work out what should be in the second challenge.

Forgetting your password

If you forget your password or passphrase then you have to generate a new key.

But there are some things you can do. Back in Task 2 when we were creating the key we created a revocation certificate. "Think of it as a 'kill switch' for your PGP identity. You can use this certificate in case you have generated a new set of keys, or in case your old key-pair has been compromised" - OR if you have forgotten your password!

If you have forgotten your password and want to revoke your current keypair then you can do that by selecting File > Import Keys from File in the Key Management window and choosing the revocation certificate that you created earlier. 

Once you have done this then you can generate a new keypair and try the process again. Don't worry about it we've all been there!

Setting expiry date and advanced settings for key pairs

Enigmail allows you to set an expiration date and other advanced settings for your keypair, but this option isn't in the 'wizard' described in this challenge.

Using Key Servers

You can send public keys via email but another way to share your key with the world is to publish it on the public keyserver network, an online database of keys. There is more information about using Key servers as part of the Enigmail manual. 

Key signing and the Web of Trust

Key signing is where people present their PGP-compatible keys to others in person, who, if they are confident the key actually belongs to the person who claims it, digitally sign the PGP certificate containing that public key and the person's name, etc. This is one way to strengthen the web of trust.

Other Resources

These tasks were created by reusing other materials from the following Manuals. 

Basic Internet Security - http://en.flossmanuals.net/basic-internet-security

Enigmail Manual - http://enigmail.mozdev.org/documentation/handbook.php.html

Thunderbird Manual - http://en.flossmanuals.net/thunderbird/

These are great places to start if you want to take your learning further.