End to End Encryption User Guide
When E2E is enabled on your workspace, users can create encrypted rooms and send encrypted messages.
IMPORTANT: E2E encryption functionality is currently in beta and includes notable restrictions that workspace owners should carefully consider before activating this feature for production use as follow:
- E2E encrypted messages will not appear in search operations.
- Bots or other ancillary systems interacting via webhooks or REST API cannot read E2EE encrypted messages.
- File uploads are not encrypted.
- Rocket.Chat enables users to reset their private E2E key to avoid permanent data loss during the beta period.
To use E2E Encryption, your Rocket.Chat workspace administrator must turn on the End to End Encryption feature.
If E2E Encryption is enabled on your workspace, you see a banner notifying you to Enter your E2E Password.
- Click on the banner
- A modal is displayed with your password.
- Copy and store the password securely. You'll need it when using Rocket.Chat on another device.
- Confirm by clicking on I Saved My Password.
To change your Encryption password,
- Click your avatar and select My Account.
- Navigate to Security > E2E Encryption.
- Set the new encryption password
- Click Save changes.
To create an End to End Encrypted room,
- Enable Encrypted.
To convert an existing room to an encrypted room,
- Click the Room Information icon from the menu bar to view the Channel information. (link channel info).
- Click Edit to edit the Channel information.
- Toggle on Encrypted
- Click Save.
Last modified 2mo ago