Quick Start : Using FAOPGP for the first time


STEP 1 : Logging on

When you first start FAOPGP you are asked to provide a password so that FAOPGP can create your personal keystore. FAOPGP uses this password as one of the mechanisms for protecting your keystore.

Keystore Logon - first time


Enter New Password
Enter a password for the keystore. Your password must be between 8 and 40 alphanumeric or special characters in this field. Please see choosing a good password.

Confirm New Password
Retype the password you entered in the 'Enter New Password' field to confirm that it is correct.

As soon as you press Set Password button your keystore is created, protected with the password you just entered. You are now logged onto your keystore and the FAOPGP GUI is displayed where you can begin protecting files, managing your keys and changing your default settings.





STEP 2 : Generating / Importing your Own Key

Generating or importing your own key - so you can protect files for yourself

The first thing you must do before you can protect files is generate, or import, your own personal key (so you can encrypt files for yourself and digitally sign files). You will also need to send the public part of this key to others (see step 4 : exporting keys) so that they can encrypt files for you.

IMPORTANT NOTE:  If you want to encrypt files for other people then they must generate a key on their computer using their copy of FAOPGP (or FAOPGP Reader or any other OpenPGP application) and send it to you. You can then import this key into Key Manager so that it will become available for selection from the 'Encrypt For' drop-down list box. You cannot generate keys on behalf of others because when you export a key, only the public part of the key (used for encryption and signature verification) is exported.  The private part of the key (used for decryption and signing) never leaves the computer unless you specifically ask for this, which you should not normally do.

Generating and importing keys is done in FAOPGP's Key Manager.  Selecting 'Key Manager' from FAOPGP's Tools menu displays the following tabbed dialog:

Key Manager


 Generating your Own Key

Generate Signing Key  Pressing the Generate Key button displays the following dialog.  

Generate Self-Signed Key

Enter your information (every field must be filled in) and press .  An encryption and signing key is automatically generated for you and is displayed in the 'My Own Keys' tab in Key Manager.


Importing your Own Key
You can also import a key from a Certificate Authority (X.509) or another OpenPGP application (PGP, GnuPGP, etc.) if you prefer by pressing the Import Key File Import Key File icon.

Once you have generated or imported a key you will want to export it to other people. They need this key to encrypt files for you !



STEP 3 : Importing Other People's Keys

Importing keys - so that you can send encrypted files to others

If you are encrypting files for other people they must send you their keys and you will have to import them into FAOPGP before you can encrypt files for them.  They have to generate a key in Key Manager on their computer (they can do this with either FAOPGP, the FREE reader software or any OpenPGP application) or purchase one from a public Certification Authority (X.509). Once they have generated their key they can export it and send it to you so you can import it into Key Manager.

If the key is saved as a file, then in Key Manager, press the Import Key File Import Key File button and select their key.  See Importing Keys.

If the key is an ascii key block then you will need to copy it and paste it into FAOPGP's secure text editor.  Pressing the button in the secure text editor will start the key import process.

Once you have imported someone else's key it will be shown in the 'Other Peoples Keys' tab and will be available from the 'Encrypt For' pull-down list box when protecting files.



STEP 4 : Exporting Your Key

Exporting your key - so that others can send you encrypted files

Right-click on a key and select 'Export and send' from the pop-up menu. Choosing this option will open up your default MAPI email application with the exported key displayed as ascii text in the message body. Only the public part of your key is exported. It can only be used to encrypt files for you or to verify files you have signed.  If you would like to export your key as a key file please see Exporting Keys.

Once someone has received your key they just highlight the key block and copy and paste it into FAOPGP's secure text editor.  They just press the button in the secure text editor to start the key import process.  Your key will automatically be added to their 'Other Peoples Keys' tab.



STEP 5 :  Protecting (Encrypting & Digitally Signing) Files

1. Select the files you want to protect in the FAOPGP GUI.



2.  Select the people you want to encrypt files for from the Protect For list box.  This list box displays all the keys available in the 'My Own Keys' and 'Other Peoples Keys' tabs in Key Manager. If you want to also sign files select your key from the Sign As list box.

If you want to encrypt files for yourself choose a key that belongs to you.  If you want to encrypt files for other people then choose one of their keys (the files will automatically be encrypted for you too).  The 'Sign As' list box will only ever display keys that belong to you because you cannot sign files on behalf of others.

You can encrypt files for multiple recipients by selecting multiple users from the 'Encrypt For' drop-down list box. Hold down the CTRL or SHIFT key whilst selecting user names in order to highlight them.

Multiple Recipients selection

Press the button once you have made your selection.

NOTE: It does not matter if you do not include one of your own keys in the list as files will automatically be encrypted for you too using your Default key.

If you want FAOPGP to automatically email the files after they have been protected then check the 'E-mail' check box. On pressing the Protect button, FAOPGP will automatically open the default email client with the protected files attached and the email address(es) already filled in. See E-mailing Files Securely.
3.  Press the PROTECT button Secure button

Your files are automatically protected and saved in the location you specified. By default, files are automatically protected to the source folder (the folder where the original unprotected files are stored) with a .pgp or .asc extension. You can change where FAOPGP stores files in the Default Settings dialog accessible from the Security menu.



STEP 6 : Sending Protected Files to Others

Before you protect files select the 'E-mail' check box on the Protect dialog. On selection of the 'Protect' button FAOPGP will protect your files and open your default e-mail client with the files as attachments to a new mail message. FAOPGP automatically fills in the email address(es) for you by taking this information from the recipient public keys. All you need to do is type in a subject and click on Send.



STEP 7 : Unprotecting (Decrypting & Verifying) Files

Just double-click on a protected file (.pgp or .asc) in the FAOPGP GUI.
Alternatively, select the files you want to unprotect, and press the UNPROTECT button

FAOPGP displays a log of the files you have unprotected in a separate window. See Unprotecting Files for additional information.

If you want to change where FAOPGP stores unprotected files then change the settings in the Default Settings dialog accessible from the Security menu.  



STEP 8 : Securely Deleting Files

You do not have to generate or import keys in order to delete files securely.  Just select the files you want to securely delete, right-click and select 'Secure Delete' from the pop-up menu.  You will be asked to confirm deletion of the selected files. See Securely Deleting Files for additional information.



STEP 9 : Logging Off from your Keystore

At the very least you should activate your Windows secure screen saver (or similar security measures) when you are away from your PC to prevent other people from accessing protected files that they are not authorized to view or from signing files masquerading as you.  It will also prevent other people from importing, exporting or deleting keys that are in your keystore, changing your default settings and creating secure files and text.

The most secure approach is to log off from your keystore. To do this just close the FAOPGP GUI.