Google Chrome

Click here to open Mailvelope in the Chrome app store. Then click Install. When the confirmation prompt appears, click Install.

After installation, a lock icon is displayed in the main Google Chrome toolbar (to the right of the address bar). Click it to open the Mailvelope main menu.

Browser action menu

Browser action popup


Click on the icon below to download Mailvelope from Choose Allow and Install in the Firefox dialogs to install Mailvelope as an add-on in your browser.

Public and Private Keys

OpenPGP and therefore Mailvelope use public-key encryption, which means a key is split into two parts: public and private keys with different purposes:

  • Public key – Used to encrypt a message. Is and should be available to everybody.
  • Private key – Used to decrypt a message. Needs to be stored securely. Access is restricted by password.
This concept is illustrated on the page "How Gpg4win works". Gpg4win is another application based on OpenPGP, and the same principles also apply to Mailvelope.

Exchanging Keys

In order to send encrypted e-mails to a peer, you must have the public key of the recipient. Therefore, before secure communication can happen between two people, they must exchange their public keys with each other. There are multiple ways that public keys can be distributed:

  • Sending by e-mail to specific correspondence partners. See the Exporting Keys section to find out how this works in Mailvelope
  • Publishing the key on a website for everyone to access.
  • Uploading a key to a keyserver.

Message Formats

Public and private keys, as well as encrypted messages in OpenPGP, are encoded in a defined text formats that allow them to be exchanged or stored as text files.

For example, a public key would look like this:

Version: Mailvelope v1.1.0



Click on Mailvelope's lock icon in the toolbar to open the main menu. Click Options to navigate to Key Ring, where all the keys are stored:

Key Ring

Key Ring view

Generating Keys

To use Mailvelope, at least one key pair (consisting of a public and private key) must be available. You can either generate a new key pair as explained in this section, or import an existing key pair as described below.

Click Generate Key to open the key generation dialog. Fill out the boxes and assign a key password. Make sure you never lose this password. If it is lost, the password cannot be recovered and the key can no longer be used.

Generating keys

Key generation dialog

Enter all the necessary information. Click Submit to start generating a key. Afterwards, you can see the result in the key list by selecting Display Keys.

Importing Keys

Existing keys can be imported from other applications. In the option menu, click
Key Ring and then Import Key.

Importing keys

Key import dialog

Paste any keys into the text box in text format as shown above in the Message Formats section. Afterwards, check Display Keys to see whether the import was successful.

Exporting Keys

Key export functionality is used to extract keys in text format. We can use this function to publish public keys or to make a backup of a public-private key pair in a secure place.

Exporting all keys

For this purpose, click the Export button on the "Display Keys" option page. The keys are saved in asc format. This format can be read by all common PGP implementations.

Exporting individual keys

Hover over the relevant key pair and click the information icon (i). Switch to the Export tab and select the key(s). Then click Download.

Defining Master Keys

In the Display Keys menu, you can view more information about each key using the information icon (i). You can define your key as the master key here. The master key is always used unless another key is explicitly selected.


Mailvelope extends the user interface of webmail pages (e.g., GMX etc.) with controls that can be used for encryption and decryption of e-mails.

Encrypting Messages

Encryption in an external editor

Messages are created and encrypted in an external editor by default.

The Compose (icon) button is displayed in all e-mail composing areas of the webmail provider and will launch Mailvelope's external editor.

Launch editor button

Compose button

Clicking on the Compose button will open a new popup with a separate editor. This ensures that the e-mail creation and encryption process is completely isolated from the webmail provider.


Mailvelope's external editor

Compose popup

The e-mail can now be composed. Next, click the Encrypt button to display the encryption dialog. Here, you can choose the recipients, or more specifically the people who should be allowed to decrypt the message. You can add these people to the list. Their public keys must already be imported as described in Importing keys.

Encryption dialog

Encryption dialog

You can also sign the e-mail in the same window. An encrypted checksum is used to confirm to the recipient that your e-mail was not changed after it was sent.

Multiple recipients can be added to the Encrypt for section. All recipients listed here will be able to decrypt the message. It can be useful to also add yourself so that you can decrypt and read the messages in your Sent folder.
Mailvelope tries to identify the recipient's e-mail address. It will be preselected once the decrypt dialog opens.

Click OK to decrypt the e-mail. The e-mail text will be replaced with the encrypted message.

Encrypted message

Encrypted message

The Undo button will convert the content back to the unencrypted text and you can restart the process.

The final step is to copy the encrypted message back to the e-mail provider. Clicking Transfer will do this and close the external editor.

Encrypted message transfer

Encrypted message copied back to webmail provider

Now the encrypted message can be sent as usual.

Warning: do not use the webmail provider's main window while the external editor is open. To transfer the encrypted message successfully, it is important that you do not navigate away from the compose view of your webmail provider.

Message Decryption

Whenever Mailvelope detects an encrypted message in an e-mail, it marks it with an icon (closed envelope). Click this icon to start decryption.

Decrypting a message

Marked encrypted message

Enter your key password and confirm by clicking OK. The message is then decrypted and displayed directly.

Password dialog

Password dialog

Mailvelope tries to find the private key that is required to decrypt the message. If the correct key is found in the key ring, the corresponding User and Key ID are displayed.

After the key is unlocked with the password, the message is decrypted and directly shown in the marked area.

Decrypted e-mail

Decrypted e-mail

The image overlay can be closed at any time using the X button or the lock icon () in the browser extension toolbar, and updated with the Reload button.

Mailvelope comes preconfigured to work with the following webmail services:

  • GMX
  • WEB.DE
  • De-Mail
  • Gmail
  • Yahoo!Mail

Using this general approach, it can be configured to work with any webmail provider. You can make these settings in the Preferences section of the Options view.

The watch list defines a set of websites that are enhanced with the functionality provided by Mailvelope.

Deactivating Mailvelope for a site

By default, Mailvelope is active for all sites on the watch list. To deactivate a site, click Edit in the corresponding row and change the Active value. Confirm with OK.

Adding a website to the watch list

Load the website you want to add to the watch list in a browser tab (the active tab). Click the lock icon in the browser extension toolbar to open the main menu. Click Add page. The browser will open a new tab with Mailvelope's Options page and will add the website to the watch list. Reload the website to activate Mailvelope.

When you select Add page, Mailvelope analyzes the website's frame structure and adds this information to the watch list. Because the internal structure of the website might change in different scenarios, the following procedure is recommended when adding new websites:
  1. Open your webmail provider's website and log in.
  2. Navigate to your inbox and open an e-mail.
  3. Select Add page in Mailvelope's main menu.
  4. A new tab opens. There is a new entry in the watch list.
  5. Switch back to the webmail site and compose a new e-mail.
  6. Click on the lock icon again and select Add page.
  7. Reload the page with F5.

Click one of the entries to make additional settings:

Active: You can deactivate the entry without deleting it here.

Site: The name of the entry in the watch list.

Status/Domain Template/API: Allow individual pages to or prohibit individual pages from using the Mailvelope API.

Advanced: when expanding a row in the watch list, we see the frames that will be scanned for encrypted e-mails and e-mail composing areas. If we can identify irrelevant frames (e.g. from ads), we can set the Scan value to false and minimize the scanning effort.

You can also manually add websites and their frame structures to the list. However, this process is not described here.

Removing a website from the watch list

Load the website you want to remove from the watch list in a browser tab (the active tab). Click on the lock icon in the browser extension toolbar to open the main menu. Select Remove page. The browser will open a new tab with Mailvelope's Options page. After confirmation, the website is removed from the list.

Alternative: Directly remove entries in the watch list with the Delete button.

Mailvelope offers end-to-end encryption, which means that the application must ensure that the user's confidential data can never leave the computer.

Mailvelope's user interface consists of a set of isolated elements floating on top of the webmail provider's UI elements. This tight integration improves usability, but also requires measures to prevent any data leakage.

Mailvelope's security goals are as follows. All data must be safe even if:

  • A rogue sender is part of the communication
  • The webmail provider has malicious intent
  • The webmail provider was attacked or the user has a malicious tab opened
  • This attack scenario was thoroughly tested in a penetration test by Cure53, which was also involved in developing the security concepts used by Mailvelope.

In this section, we look at security from an end user perspective. Further information is also available in the security section of the FAQ. The relevant settings can be found in the following dialog.

Security Settings

Click the Mailvelope icon , Options, Options and Security to open the security settings.

Security settings

Security settings

Save passwords for this browser session?

Mailvelope can cache passwords for private keys in the local memory. You can activate the cache in the security settings or with the password dialog. Passwords have a certain lifetime, which can be adjusted in the settings, and are always deleted when you close the browser window.

Security background

Mailvelope input fields are identified with a background of lock icons. In order to detect potential fakes more easily, you can set how the background should look here, as well as adjusting the angle, scaling and color of the icons.

Where are decrypted messages displayed?

Two different modes are available for displaying the encrypted messages:

Inline (on the page of the webmail provider)

This offers the best usability. The encrypted messages are displayed inside an isolated sandbox that is not accessible by the webmail provider.

The watermark shown in the background of the decrypted message has the same purpose as the security token concept: You can clearly identify that the displayed message is the one decrypted by Mailvelope.

In a separate popup from Mailvelope

The decrypted message will be shown in a new browser window.

This setting is only relevant for email providers without a integration of the Mailvelope API. In the integrated version as implemented by GMX/WEB.DE/De-Mail decrypted messages are always displayed in the user interface of the page, but in an isolated area which is not accessible by the mail provider.

Security log

Click the lock icon in the Last activities section to view the security log. All events related to Mailvelope are logged here. If necessary, check the log for suspicious activities. Click More to go to a more detailed view