Security of email and iMessage sharing

sjmadsen

Sharing items through email and iMessage produces a long, encoded string. Given the usability shortcomings of vaults, it seems like sharing individual items with others via email or iMessage might be my best choice, so that these items can be added to their primary vaults and synced to their iOS devices.

I can't find any discussion anywhere about the security of these methods. Without a shared secret, it seems like anyone with knowledge of the encoding method can simply decode the string and have my information. Not publishing the encoding method is security through obscurity, which is no security at all.

I'd like to understand the risks of sharing using these methods so that I can make an informed choice about what and how I share items. Honestly, I'm surprised this isn't already covered in the documentation.

Jasper

@sjmadsen

There's a great blog post about exactly this, it'll likely answer most of your questions:

Understanding Sharing | Agile Blog

MikeT

Hi @sjmadsen,

JasperP's link is perfect, please do check it out. If you have further questions, please let us know, and we'll make sure Jeff can help answer any questions you have.