Why you should avoid sending passwords via email

July 31st, 2021

Let's face it, sending passwords direcly via email or messenger is the most convenient way. We've all done it. And many people still do it. But is it safe? Nah, not really.

5 reasons why passwords should not be send via email

  1. Emails are often send in clear-text, meaning the information is unencrypted – thus unsecure. If an email is intercepted, it's quite simple to extract information from it.

  2. Vendors like Gmail actually scan your emails to get a better understanding about the contents of your email. Bots and other technologies have full access to your sensitive data and probably use them for analysing and who know what.

  3. Your data is probably stored on multiple servers worldwide. You have no control over who has access to it or for how long your data is stored. Plus, hackers might find a way to gain access to one of those servers and have full access to your unencrypted data.

  4. Deleting an email probably does not really removes all of it's contents from the servers. They might be deleted in a form of "soft delete", so they are visually gone, but remain in databases. This is actually common practise.

  5. If someone has access to your email account, they have access to passwords you have send and also passwords you received by others. In the past, many email apps such as Spark, Superhuman or Edison have come under fire for storing emails on their own servers. Even if just temporarily, you have no control over this. And you don't know what happens with your data on those servers.

All of the above points do also apply to many messengers such as Facebook Messenger, Slack, or WhatsApp. You may read more about this here.

Have some peace in mind

InPrivy allows you to send a secure link that will be voided once it was opened, or your defined open-limit was reached. There is no way to access your sensitive information after it was deleted. You have full control over your shared data and if needed, you can void your secret manually at any time.

See which secrets were opened, or voided due to expiration. You can even get a notification via email when your secret was opened. There is much more to discover.

Sounds good, right? Try InPrivy for free for 20 days. No commitment. No credit card upfront. And if you are not a fan of subscriptions, simply top-up your account. Repeat as often as you need.

Sign up to InPrivy

Blog