In short, no. Sending email attachments is not secure for many reasons. Even if you connect to your email service in a secure way (e.g. by using https), you have to think about where your email goes once you hit "Send." Your email will travel across the Internet passing through various devices and servers before eventually arriving at its destination. Just like a postcard in the mail passes through many hands, the same goes for email. It might just pass it on or it could save your data making it available for someone to view.
Additionally, you should consider the destination (the email address you are sending it to). Your email and its attachment will reside on the recipient's email server until it's deleted. Any employee (or even worse, an intruder) would have easy access to whatever information is contained in that email attachment.
Send Files Securely is the best alternative to email attachments. Simply upload your file and send the link by email. The file is securely stored and can be password protected.
Ready to send files securely? Start here by uploading your file!
Send Files Securely uses the latest encryption techniques and algorithms to secure data which includes the Advanced Encryption Standard (AES) with a 256-bit key. This is the same encryption standard used by governments and banks to protect confidential data. The 256-bit key is derived from your secret password (if provided*) using a function that adheres to RSA Laboratories' Public-Key Cryptography Standards (PKCS). Your secret password and encryption key are never stored and therefore your encrypted file and filename are extremely secure and can only be accessed by using your selected password.
See below "Providing a Password" for more details.
When uploading a file using Send Files Securely, users have the option of providing a password. Providing a password with every upload is important and highly recommended.
The password is used as part of the creation of the encryption key. The encryption keys used for both the file and the filename are created from this password. Neither the password you enter nor the encryption keys are ever stored. There is no way to retrieve a password or file should the password be forgotten.
Including a password also protects the file from being downloaded by unintended recipients. Without a password, anyone with the file link could download the file. Since the file link is often emailed over insecure email, obtaining the file link may be possible by a hacker.
If a user does not provide a password, the Send Files Securely application will use its own random password to create the encryption key. Although the file and filename are still encrypted using the same high-grade algorithm, this password is known by the application and will be used again when downloading the file.
For these reasons, it is recommended that users enter a password when uploading files. See Why should passwords be so complex? for recommendations on password complexity.
Send Files Securely was built with security as one of the number one goals. One of the best ways to help protect your files is to add the optional password before uploading. Since the file can be accessed using the password, it should be as long and complex as possible. This includes uppercase (A-Z), lowercase (a-z), numeric (0-9), and special character (!@#$%^&*()<>,. …etc.). We would recommend a password no less than 12 characters- more is even better.
A password containing all four character types and having a length of at least 12 characters is considered strong. This type of password would require an attacker to try a very large pool of possible passwords, which with today's computing power would prove to be very difficult (or impossible) to do in any realistic timeframe.
For additional information regarding password strength (including an interactive password calculator) you may be interested in visiting https://www.grc.com/haystack.htm.
Transport and file encryption are both necessary to properly secure your file and Send Files Securely uses both. Many other free websites use one or the other or neither at all! We are committed to protecting your files with the best possible technology.
You'll notice all of our pages start with "https." The "s" stands for secure. We use an SSL certificate to ensure everything between your computer and our servers is protected with high-grade encryption. Some services stop there and then save your file unsecured on their servers. This provides no security against unauthorized people viewing your files while they are in storage. If an employee or even worse a hacker got a hold of the file they could open and view it just like you do on your own computer.
This is where Send Files Securely really stands out above other services. Every file uploaded to our servers over the secure SSL channel is encrypted with AES-256 encryption and neither your password* which is used to help generate the encryption key nor the key itself is ever stored. It's noteworthy to also mention that filenames are also encrypted. What does this mean? It means a couple of things:
*User-entered file passwords are optional. If a file is uploaded without a password, Send Files Securely will still encrypt the file using the same high-grade encryption, however, the values used to create the encryption key will be known by the Send Files Securely application. For this reason, it is recommended that users enter a password when uploading files.
We feel we have provided the most secure and easy way to send files online and we think you'll agree.
Ready to send files securely? Start here by uploading your file!
Yes. Using 256-bit AES encryption, both your file and the filename are encrypted while in storage. This adds an additional layer of security since the filename could potentially contain confidential or identifiable information.
Yes. All of our webpages use Hypertext Transfer Protocol Secure (HTTPS) which provides a secure, encrypted connection (via the SSL/TLS protocol). Any data you enter or file you upload is securely transferred from your computer to our servers. You can verify this by viewing the certificate information with your browser while on our website. HTTPS is the same technology used by online financial institutions.
No. You've probably noticed many other sites either require you to register to use their service or require you to enter your email address and the email addresses of those you want to send the file to so they can send the file on your behalf. Send Files Securely works differently. We don't require anything from you (for the Free plan). Just upload your file- that's all. This way you have complete control, are able to send the unique link to your file from your own email account, and don't have to give your email address or personal information to yet another website. We've made it easy to send files securely and we think you'll agree.
We do not recommend emailing the file's password. It is ok to email the link to your file, but emailing the password (either in the same email or in a subsequent email) increases the chances that someone could view both the link to your file and its password and therefore access your secured file. It is better to communicate the password some other way (e.g. phone, in person, text message, etc.).
No (sorry). We never store your password and passwords cannot be reset. Files are encrypted in such a way that only the original password can be used to retrieve a file. Since passwords are never stored, we have no way of recovering your file. It will remain securely encrypted until it is permanently deleted from our servers (see How long is my uploaded file available? for more details on when files are deleted). This is part of what makes using Send Files Securely so secure- nobody can view your encrypted file unless they have the password you created for that specific file.
Free Plan - Files are available for 7 days. After the 7th day, the file is deleted and can no longer be downloaded.
Pro Plan - Pro users can select when each file is deleted: after a set number of days, after a set number of downloads, or manually.
Send Files Securely is an American company- created, hosted, and maintained in the USA. Hosting and file storage is provided by Microsoft's Cloud Platform, Windows Azure. Encrypted files are replicated and stored in separate secure data centers located in the Western and Eastern US for high availability.
As a reminder, all uploaded files are encrypted during transmission and storage.