Send passwords, keys, tokens and personal information within your team. Everything’s protected with open source, end-to-end encryption.
Protect against phishing attacks with signed emails and keep sensitive emails safe with encryption. Fluidkeys automates key exchange and verification so you’ve always got the right key when you need it.
Store shared passwords in an encrypted git repository using the popular open
source password manager. Fluidkeys keeps your
.gpg-ids file up
to date so joiners and leavers are added and removed automatically.
Sign your git commits and only merge verified code from trusted developers. Fluidkeys helps you verify commits by ensuring you’ve always got the right keys for your whole team.
Many tools rely on GnuPG to carry out their encryption. Fluidkeys stores your team’s keys in GnuPG and ensures they’re correctly trusted, so any tool that relies on GnuPG works with your team.
By listening to engineering teams around the world, we’ve tackled the barriers to using GnuPG and OpenPGP tools in a team.
Setting up a PGP key for the first time can be daunting, with difficult questions and unfamiliar concepts.
Fluidkeys creates a new key, encrypted backup and revocation certificate without asking any difficult questions. It creates a strong, memorable password which it stores safely in the system keychain.
Emailing keys around the team doesn’t scale and using the keyservers can be confusing and unreliable.
Fluidkeys automatically fetches keys from a reliable, private keyserver. New starters are added to everyone’s keyring seamlessly.
Joining a team and fetching everyone’s keys is error prone, leading to missing, outdated or incorrect keys. There’s no single source of truth for all the keys in a team.
With Fluidkeys you create a team roster: a list of email addresses linked to keys and cryptographically signed by an administrator. Fluidkeys syncs the roster to every team member, automatically fetching verified keys for the whole team.
The web of trust was a nice idea, but key signing parties aren’t practical. We all know we should verify fingerprints, but in practice many of us skip this step and hope for the best.
With Fluidkeys, the team admin verifies new keys using safety numbers and adds them to the team roster. Everyone else in the team trusts keys verified by the admin. And because the signed roster is verified client-side, it can’t be tampered, even by us.
We know it’s insecure practice to use the same encryption key for years, but current tooling makes it difficult to automate key rotation.
Fluidkeys uses encryption subkeys which add to the end of your key without changing the rest of the key. With a new key every month you get forward secrecy without having to change your key.
Protect sensitive information by simplifying powerful encryption tools.
You can now create a best practice PGP key from the command line. Fluidkeys backs it up and pushes it into GnuPG so you can start using it right away.
You’ll be able to send private keys, certificates, and other sensitive text files from the terminal.
Add and remove team members and their keys will be automatically synchronised across the whole team.
You’ll be able to automatically configure these popular open source tools to work with your team. When team members are added or keys are updated, everything will be kept in sync.
Allow anyone to find your team’s keys from their email address using Web Key Directory (WKD).
You’ll be able to send and receive encrypted emails from the browser using Mailvelope. Each team member will always have the right key for everyone in the team, eliminating awkward key exchanges.
You can send files of any size to team mates from the command line. Fluidkeys will handle the encryption, delivery and verify that the file arrived ok.
You can use the convenience of Slack with the added protection of end to end encryption. You’ll no longer have to worry about Slack’s security.
You’ll have a graphical interface for people less familiar with the command line.