The main advantage of end-to-end encryption is its restriction of transmitted data from anyone but the recipient. It is as if when you mailed a letter you put it in a box that was physically impossible to open — immune to any sledgehammer, saw, lockpick, and so forth — except by the addressee. End-to-end encryption ensures the privacy of your communication. (Kaspersky Lab)
Why does nobody else have this?
Because it is very expensive and was a pain in the ass to implement.
But I think it's worth it for the improved user privacy.
How do I enable this? What are the drawbacks?
E2EE is not enabled by default. I've made it opt-in (and opt-out) because there are drawbacks that come with this increased privacy. I want users to have the choice between privacy and convenience, rather than choose for them. Here are the main drawbacks:
1. Your data is encrypted with a password that you choose and if you lose this password then you cannot recover your data. (most important)
2. Push notifications will become generic and not reveal content. You can opt out of E2E at any time.
3. There is a performance hit involved in encrypting and decrypting data. This is about 1-2 ms per field, per person.
Example: If you have 1,000 people and 5 fields per person, then you can expect a 5-10 second performance hit (1,000 x 5 x (1 to 2) ms) on the initial loading of the page. The more data you add, the more of a performance hit you take.
If these drawbacks are worth it for the increased privacy, then you can enable E2EE through the Settings page.
End to End Encryption Settings
You'll be prompted to choose an Encryption Password that will be used for you to unlock your data on other devices.
If you lose this password, we cannot recover it for you. You will have to delete all encrypted data from your account.
We then encrypt your data and you'll now see a message at the bottom left "E2E Encryption Enabled" that indicates your encryption status.
You can change your encryption password or opt-out at any time by visiting the Settings page and scrolling down to the End to End Encryption section.
"End to End Encryption is disabled" how do I re-enable it?
If you are on a new device and E2EE is enabled on your account, you will need to re-enter your encryption password to verify that device. Your data should look like this if it is encrypted and you have not verified the device:
To verify the device, simply go to the Settings page and click "Enter your encryption password to re-enable E2E". Once you do so, the page should refresh and your data should be decrypted.
I'm technical and want to see how you've implemented this
So I (Chris, Mogul developer) tried to implement it myself from scratch and realized I was way in over my head. So I now pay for this service called Virgil Security that handles all of the heavy aspects of End to End Encryption. Specifically, I'm using their E3Kit service. You can read more about how it works here.
Curious about how they handle private keys? I was too. In terms of private key, Virgil does store the private key on a server but it is encrypted with a user-generated password. This allows for multi-device support. You can read more about that here.
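To make the password-encrypted private key idea concrete, here is an added Node.js sketch; it is not Mogul's or Virgil's code. The scrypt parameters, AES-256-GCM, and all function names are assumptions chosen for illustration. It shows a key wrapped on one device, unwrapped on a second device with the same password, and a wrong password or a modified blob being rejected.

```javascript
// Added illustration of password-based key wrapping. Generic construction,
// not the scheme E3Kit actually uses; names and parameters are assumptions.
const nodeCrypto = require('node:crypto');

// Derive a 256-bit wrapping key from the user's password (assumed scrypt cost).
function deriveKey(password, salt) {
  return nodeCrypto.scryptSync(password, salt, 32, { N: 16384, r: 8, p: 1 });
}

// Device A: encrypt the private key locally; only this blob goes to the server.
function wrapPrivateKey(privateKey, password) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  const ciphertext = Buffer.concat([cipher.update(privateKey), cipher.final()]);
  return { salt, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Device B: download the blob and unwrap it with the same password.
// Returns null if the password is wrong or the blob was modified in storage.
function unwrapPrivateKey(blob, password) {
  const key = deriveKey(password, blob.salt);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.iv);
  decipher.setAuthTag(blob.tag);
  try {
    return Buffer.concat([decipher.update(blob.ciphertext), decipher.final()]);
  } catch (err) {
    return null; // GCM tag check failed
  }
}

// Constructed sample run: random stand-in key and made-up passwords.
function demo() {
  const privateKey = nodeCrypto.randomBytes(32);
  const blob = wrapPrivateKey(privateKey, 'correct horse battery staple');
  const onNewDevice = unwrapPrivateKey(blob, 'correct horse battery staple');
  const wrongPassword = unwrapPrivateKey(blob, 'not the password');
  const tampered = { ...blob, ciphertext: Buffer.from(blob.ciphertext) };
  tampered.ciphertext[0] ^= 0x01; // simulate modification on the server
  return {
    recovered: onNewDevice !== null && onNewDevice.equals(privateKey),
    wrongPasswordRejected: wrongPassword === null,
    tamperRejected: unwrapPrivateKey(tampered, 'correct horse battery staple') === null,
    serverSeesPlaintext: blob.ciphertext.equals(privateKey),
  };
}
```

Because the wrapping key exists only while the password is being entered, a forgotten password leaves the stored blob undecryptable, which is the first drawback listed above.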
If you enable this feature on your Mogul account, nothing in plaintext hits my servers. The only data that isn't encrypted are IDs (these are random and unique strings to identify data), booleans and any dates. At the moment, images (for avatars) are also not encrypted but it is on the roadmap.
Feel free to reach out to me directly ([email protected]) if you have any specific questions about the implementation, happy to chat.
Something went wrong
E2EE is a very complicated feature and has gone through a very long beta process before we rolled it out. However, things could still go wrong.
If the feature is not working as expected, please reach out to me directly ([email protected]) and I will work with you to fix things.