Streak SecureGmail is a Google Chrome or Chromium browser plugin. You are required to use the chrome browser to encrypt your GMail using Streak. Streak does not use Public Key Encryption but relies on you and the recipient both using a secret shared password and the Streak Chromium plugin. With an encrypted email, you are able to send a password hint to the recipient. The encrypted email is only as strong as your password so make it a strong one. Remember to never email or IM your password for others to intercept unless you have a secure means to tell this person the password.
Start by opening your Chrome browser and download the plugin.
Next login to your Gmail account, and you will see the Streak plugin working. You will see a lock next to your Compose button. Now click it.
Now you will be given a compose message screen. Go ahead and begin composing a message normally. Gmail will not auto save messages written in this box. This is important because you would not want to have a message in clear text reside anywhere on Google’s servers if you are wanting to send an encrypted message.
Once your email has bee written and recipient selected, click on Send Encrypted. Enter a strong password. The security of this encryption lies in a password which cannot easily be guessed or brute force attacked. Streak SecureGmail uses symmetric encryption to encrypt and decrypt each message.
This shows an encrypted email in the recipients Gmail. Notice the link to decrypt message with password:
Any recipient which does not use Gmail or a Chromium browser will be prompted with this message:
Once the correct password is entered, the email will be decrypted.
With any security project, community involvement is the key to helping identify flaws and verify the what the app is actually doing. Streak has posted the entire project on github here.