End-to-end encryption (E2EE) is a communication system in which only the communicating users can read the messages. This feature can prevent potential eavesdroppers by allowing users to create encrypted rooms.
IMPORTANT: E2E encryption functionality includes notable restrictions that workspace owners should carefully consider before activating this feature. Here is what to keep in mind:
Encrypted messages of encrypted rooms will not be found by search operations.
Bots may not be able to see encrypted messages until they implement support for it.
Spotted a bug? Help us improve by reporting it directly to Rocket.Chat!
To access this setting, go to Administration > Workspace > Settings > End-to-end encryption.
Field | Description |
|---|---|
Enabled | When this option is enabled, users can create encrypted rooms and set direct messages to be encrypted. |
Unencrypted messages in encrypted rooms | Enable this option to allow plain text messages to be sent in encrypted rooms. These messages will not be encrypted. |
Encrypt files | Enable this option to encrypt uploaded files. Your File Upload settings affect the files supported in encrypted rooms. |
Enable encryption for Direct Rooms by default | Enable this option to encrypt new DMs by default. |
Enable encryption for Private Rooms by default | Enable this option to encrypt new private rooms by default. |
Mentions | Enable this option to notify people and highlight users, channels, and team mentions in encrypted channels by using the |
Once you have configured the settings, refer to the End-to-End Encryption User Guide to learn how to use the E2E feature for more secure communications. Refer to the E2EE Specifications document to learn about the technical implementation, such as key generation and encryption processes.