Set up PGP to Get Secure Email Notifications from Facebook – New Feature

Shaikh Rafia
Posted 1 year ago

Facebook has announced today that users can share their OpenPGP public keys on their profiles to make email notifications more secure. Available only on desktop for now, the experimental feature uses end-to-end encryption to protect notification emails.

What does this mean for you? It essentially means that the next time Facebook sends a notification to your email address, no one will be able to snoop on it. Not even the folks at NSA! Or so we are made to believe, at least.

While it may sound unnecessary to get encrypted email notifications for when someone tags us on some Obama meme or a Dubsmash video (when is this trend going to be mummified, seriously!), it can be critical in some scenarios. For example, if your email account gets hacked, a hacker can use it to access many other sites linked with your account by requesting a password reset.

Encrypted notification emails would make it impossible for an intruder to get into your FB account using your emails. While encryption doesn’t matter much for regular, friendly notifications, security notifications are likely to benefit the most from this.

In the announcement, Facebook mentions its increased focus on security features. Back in October, the company started letting users connect through a Tor onion site for anonymity.

It’s very important to us that the people who use Facebook feel safe and can trust that their connection to Facebook is secure; for instance this is why we run connections to our site over HTTPS with HSTS and why we provide a Tor onion site for people who want to enjoy security guarantees beyond those offered by HTTPS.

What is Facebook OpenPGP:

Pretty Good Privacy (PGP) is an open-source, end-to-end encryption standard that is widely used by activists, journalists, and security enthusiasts, among others, to encrypt communications. PGP lets you encrypt emails, protecting you from unwanted snooping by governments, agencies and just about everyone else.

To use OpenPGP, you create two keys: one private and one public. You share your public key with anyone who wants to send you encrypted messages. The private key, however, is like the key to your locker: it needs to be kept secure.

If you are interested in seeing how Facebook OpenPGP works, you can access the feature (limited rollout) from: https://www.facebook.com/me/about?section=contact-info OR from your profile, go to About > Contact and Basic info.


Under CONTACT INFORMATION, you will see the option "+ Add a public key" if one hasn’t been added before.

Click it and you will get a text box.

Copy and paste your public key into that box. You can also check the box at the bottom if you want Facebook to send you encrypted email alerts.

You can then select whether your public key should be displayed on your profile. Choose whether it should be visible to everyone, your friends or some custom lists. Save the changes.

Afterwards, you will receive an encrypted email from Facebook (if you checked the box) confirming your choice of receiving encrypted email notifications.
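A check you could run on the text before pasting it into the public key box (an added example, not code from Facebook or from the original post): it confirms the block is an ASCII-armored public key rather than the private key, that it survived copy and paste intact, and that its first packet is a public key packet. The function names and the sample data are constructed for illustration.

```python
import base64
import re

TAG_PUBLIC_KEY = 6  # OpenPGP packet tag for a public key (RFC 4880, section 4.3)

def crc24(data: bytes) -> int:
    """CRC-24 checksum used by OpenPGP ASCII armor (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(label: str, raw: bytes) -> str:
    """Build an armored block; used here only to construct sample input."""
    crc = base64.b64encode(crc24(raw).to_bytes(3, "big")).decode()
    data = base64.b64encode(raw).decode()
    return f"-----BEGIN PGP {label}-----\n\n{data}\n={crc}\n-----END PGP {label}-----\n"

def check_before_paste(text: str) -> int:
    """Return the payload size if text is an intact public key block, else raise ValueError."""
    m = re.search(r"-----BEGIN PGP ([A-Z ]+)-----\r?\n(.*?)\r?\n-----END PGP \1-----", text, re.S)
    if not m:
        raise ValueError("no complete ASCII-armored PGP block found")
    if m.group(1) != "PUBLIC KEY BLOCK":
        raise ValueError(f"refusing to share a {m.group(1)}; only a PUBLIC KEY BLOCK belongs on a profile")
    lines = [ln.strip() for ln in m.group(2).splitlines()]
    if "" not in lines:
        raise ValueError("missing blank line after armor headers")
    payload = [ln for ln in lines[lines.index("") + 1:] if ln]
    # The "=XXXX" checksum line is optional in the armor format; verify it when present.
    crc_line = payload.pop() if payload and payload[-1].startswith("=") else None
    raw = base64.b64decode("".join(payload), validate=True)
    if crc_line and int.from_bytes(base64.b64decode(crc_line[1:]), "big") != crc24(raw):
        raise ValueError("armor checksum mismatch: block was altered or truncated while copying")
    if not raw or not raw[0] & 0x80:
        raise ValueError("payload does not start with an OpenPGP packet")
    # New-format headers carry the tag in the low 6 bits, old-format headers in bits 5-2.
    tag = raw[0] & 0x3F if raw[0] & 0x40 else (raw[0] >> 2) & 0x0F
    if tag != TAG_PUBLIC_KEY:
        raise ValueError(f"first packet has tag {tag}, not a public key packet")
    return len(raw)

if __name__ == "__main__":
    # Constructed sample: 0x99 is an old-format public key packet header; the body is filler, not a real key.
    sample = armor("PUBLIC KEY BLOCK", b"\x99\x00\x04" + b"\x04" * 4)
    print(check_before_paste(sample), "bytes, safe to paste")
```
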

Ta da! Have fun getting secure Facebook notifications. We will be on the lookout for what privacy activists have to say about this. Let us know what you as a user think about this feature.