Fluidkeys

Protect your team with strong encryption

Fluidkeys builds on OpenPGP and makes it easy to implement great security across your organisation

We’re building a better way to do PGP, you can test the current release or sign up for release announcements:

Screenshots of signed emails and code commits.

Supporting PGP in a team is time consuming and error‑prone

The steep learning curve means supporting new team members is time consuming and costly.

Keys get out of sync, leading to confusing errors. Verifying, retrieving and refreshing keys is a repetitive, manual process.

A lack of agreed best practice means lots of keys use old, insecure algorithms. Auditing a team’s keys often gets forgotten.

An illustration of the world of pain and confusion managing PGP.

Automate PGP for stronger, simpler security

Icon for a new key and backup

Onboard new team members

Automatically create a key for new starters, along with an encrypted backup and revocation certificate.

Icon for syncronising keys

Keep your team in sync

Automatically update keys and sync across the team. Starters and leavers are added and removed seamlessly.

Icon for the best key

Audit keys against best practice

Use strong ciphers, short expiries and clear certification policies on all the teams' keys.

Icon for an imposter

Look out for imposters!

Get alerted for any new keys claiming to be @yourdomain.com

Icon for signed code commits

Enforce Github signed commits

Monitor code repositories to ensure all code is correctly signed.

Icon for a key with an expiry date

Rotate keys periodically

Automatically generate new encryption keys every quarter for forward secrecy.

Current release: 0.3

Send end-to-end encrypted secrets from the command line using strong, automatically rotating PGP keys.

Download now

Our progress

  • Get started with OpenPGP (v0.1)

You can now create a best practice PGP key from the command line. Fluidkeys backs it up and pushes it into GnuPG so you can start using it right away.

Level up your legacy keys (v0.2)

  • Connect Fluidkeys to your existing key in GnuPG
  • Fix issues like weak signatures and out of date preferences
  • Automatically rotate your encryption subkey to limit the impact of key compromise

Send encrypted secrets (v0.3)

  • Send and receive passwords, token and certificates right from the command line
  • End-to-end encrypt secrets so only the recipient can read them
  • Automatically fetch public keys from a verified email address
  • Send encrypted files (v0.4)

You'll be able to send private keys, certificates, and other sensitive text files from the terminal.

Simple PGP for teams (26/03/2019)

  • Add and remove team members and their keys will be automatically synchronised across the whole team.
  • Allow anyone to find your team's keys from their email address using Web Key Directory (WKD).
  • Use git-crypt, pass, and any other GnuPG-based tools with your team.

Safeguard your source code on Github

  • Sign git commits and verify commits from other team members. Fluidkeys will configure git for you, and everyone’s keys will be synchronised with Github automatically.
  • Verify commits inside Github using status checks. You'll be able to ensure pull requests are legitimate before merging them.
  • Automate configuring git-crypt and pass

You'll be able to automatically configure these popular open source tools to work with your team. When team members are added or keys are updated, everything will be kept in sync.

  • Integrate with Mailvelope

You'll be able to send and receive encrypted emails from the browser using Mailvelope. Each team member will always have the right key for everyone in the team, eliminating awkward key exchanges.

  • Send large sensitive files

You can send files of any size to team mates from the command line. Fluidkeys will handle the encryption, delivery and verify that the file arrived ok.

  • Integrate with Slack

You can use the convenience of Slack with the added protection of end to end encryption. You’ll no longer have to worry about Slack’s security.

  • Use from the desktop

You’ll have a graphical interface for people less familiar with the command line.

We’re building a better way to do PGP, you can test the current release or sign up for release announcements: