End-to-End Encryption User Guide

    End-to-end encryption (E2EE) is a method of secure communication in which only the senders and recipients can encrypt and decrypt the messages and files. Rocket.Chat provides an additional layer of security with the E2EE feature. To use E2E encryption, your workspace administrator must enable the E2E Encryption feature in the workspace settings.

    E2E encryption functionality is currently in beta and includes the following notable restrictions that workspace owners should carefully consider before activating this feature for production use:

    • E2E encrypted messages cannot be searched or audited.

    • Bots or other ancillary systems interacting via webhooks or REST API cannot read E2E encrypted messages.

    • Rocket.Chat enables users to reset their private E2E key to avoid permanent data loss during the beta period.

    Save your E2E encryption password

    Once E2E is enabled in your workspace, a Save your encryption password banner is displayed at the top of your workspace.

    To save this password:

    • Click the Save your encryption password banner. It displays a modal with the encryption password.

    • Click Copy password and save the password securely.

    • Finally, click the I have Saved my Password button to confirm.

    The encryption password is displayed only once. Therefore, it is essential to save it securely as you will require it to decode or encode encrypted messages on your workspace from any client.

    After this, you can create encrypted rooms and communicate securely with the participants.

    Enter your E2E encryption password

    Now whenever you log in to your account, an Enter E2E password banner is displayed at the top of your workspace.

    To access your encrypted rooms and messages, enter your E2E encryption password by following these steps:

    • Click on the Enter E2E password banner.

    • A modal is displayed, prompting you to enter your encryption password.

    • Enter the password you saved earlier.

    • Click the Decode Key button.

    Create an encrypted room

    E2E is only available for DMs, private channels, and private teams. To create an encrypted channel or team, enable the Encrypted option while creating the room.

    Enable and disable E2E in an existing room

    To enable/disable E2E in an existing private room,

    Change the encryption password

    To set a new encryption password or reset your E2E key, see Account - Security. You can only change your encryption password in a workspace where you have already entered the existing password.

    FAQ

    How can I tell if the room is encrypted?

    If the room is using end-to-end encryption, you should see a key icon by the channel name.

    How can I tell if a message is encrypted?

    You will see a key icon by the username.

