Please click on any section below to view a detailed answer to that sections.
From any email program: To encrypt an email using Bracket simply open your favourite email program, and send an email as you normally would. All you have to do is wrap your subject in brackets [like this] before you send your message. When you wrap your subject line in brackets it will tell our systems to encrypt the message and will automatically send notifications to the recipients you have defined.
From bracket.email: You can also create and send an encrypted email when you’re signed in to bracket.email. Just click the pencil icon in the left navigation bar to create a new message. If you’re on your smartphone just tap the button in the bottom right of your inbox. When you create a new message directly from the Bracket portal, you’ll notice that brackets wrap your subject automatically, so there’s no need to add them manually.
New messages and replies are automatically saved as a draft. If something happens to your computer or device while you’re creating a message don’t worry – it will simply show up in your inbox as a draft which you can open and finish anytime.
No. With Bracket, you can create and send an encrypted email from any client configured to accept and send mail from your email address. All you have to do is wrap your subject in brackets [like this] before you send it (you can also send encrypted email from bracket.email). Recipients of your message won’t need to download anything either.
Go to https://bracket.email and enter your email address. If you have an active Bracket account, we’ll email you a secure sign-in link. After opening the email, click or tap the sign-in button or enter the sign-in code shown in the email to access your Bracket inbox. For your security, your sign-in link and code will work only once and will expire in 15 minutes from the time it was requested.
Please also see this video tutorial: Get sign-in code for Bracket **Video Tutorial**
No. When creating an encrypted email with Bracket, you’ll need to be using the email address your email administrator has configured to work with Bracket. If you tried to send an encrypted email from a personal address @gmail.com, @outlook.com, or @yahoo.com, those mail systems wouldn’t be set up to handle encryption for Bracket, so your email would be delivered without ever passing through Bracket’s systems.
Bracket is great for sharing large attachments which normally can’t be sent through email. Bracket limits the single file attachment size to 250 MB, but you can send multiple attachments of this size at once. When sending a large attachment, be sure to send your message from the bracket.email portal instead of your normal email client. While Bracket has no problem with sending large attachments, your own mail systems might not be so accommodating.
When you receive a new message notification, click the button in the email to view the message, then click or tap one of the reply buttons shown. Your reply will be added to the message thread chronologically, and all recipients of the original message will receive a notification with a secure link which will log them in and take them to your reply.
Bracket doesn’t do forwarding like normal email clients. Instead, Bracket lets you give new recipients access to the message thread. If you’re the thread creator, you can simply click the “Add Recipient” button from the message view page and enter an email address to add someone to the thread. If you didn’t create the original message you can still add a recipient the same way, but the creator of the message will need to approve the change before they are added. Once a new recipient is added to the recipients’ list, they’ll be emailed a notification that will take them to the current thread where they can read through the original message as well as any attachments and replies.
Sometimes there may be a message preview which shows the subject line in a notification. If your subject content is sensitive, you may want to switch this setting on to keep away prying eyes from seeing the notifications.
Bracket is super easy to use, but we haven’t sacrificed your privacy or security. Here’s why you can rest assured that your data is also very safe. One thing that really makes Bracket intuitive is signing in doesn’t require a password. You’re probably thinking “What?… no password! How is that secure?” But think about it… if someone has access to your email on one of your devices your security is already compromised. This method of logging in is even more secure than the widely accepted practice of emailing yourself a password reset link for the following reasons:
Expiring sign in links – Whether you’re requesting a sign-in link or viewing a message from a notification, the email you receive contains a one-time-use button that securely signs you in and takes you directly to the message. If that button is clicked again, you’ll be prompted to request a fresh sign-in link. After 15 minutes, an unused sign in URL is invalidated and will no longer work.
Device fingerprinting – We’ve added an extra layer of security called “device fingerprinting”. If a sign-in link is clicked on a device which is different from the device used when requesting the sign-in link, the sign-in session will be invalid. To sign in to Bracket, you must use the same device you used when requesting the sign-in link. This way, your email link cannot be spoofed or intercepted in any way.
Geolocation of sign in requests – Each sign-in request contains a geolocation signature which shows the approximate location from which the sign-in request originated. This is displayed in the footer of your sign in email as text and a map image.
The message creator can remove a recipient by clicking the X button next to their name in the “recipients” section at the bottom of each thread. Once a person is removed from the recipients’ list they will lose access to the conversation and will no longer receive notifications when a new reply is added.
To completely remove access for all recipients of a message and delete your message from existence, click or tap the “recall message” button in the top toolbar. This will effectively terminate all user access to the message (including your own) and delete the message from Bracket. There’s no way to restore a message once you’ve recalled it, so please be careful. If you’d like to keep the message available to yourself, a safer option would simply be to remove all individual recipients of your message by scrolling to the bottom and clicking the X button beside each recipient.
Because most people don’t want or need their sensitive data lingering around forever, Bracket retains your messages for one year. But if you want to save it for longer than that, we’ve made it very simple to export your data to archiving solutions or even securely download them to the inbox on your email client. If you’d need a message to expire more quickly, you can set the message expiration by clicking the message options icon in the top navigation and adjusting the expiration date (both when creating a new message or viewing a message you’ve already created).
Just remember that expired messages are deleted and will no longer accessible to you or any of the other recipients of that message.
Yes, you can, as long as the original creator of the email has allowed it. Exporting a message lets you deliver an entire message thread to your inbox via secure SMTP delivery. If exporting a message is allowed by the message creator there will be a download icon in the top toolbar. Simply tap or click this icon to export a message thread to your inbox. You can disable the Export to Inbox option for every message you send from the settings page, or you can revoke the export option from the message options for an individual message.
You’ll be prompted with a warning if the message contains attachments that are larger than what most mail servers would allow. The reason for this is that many email servers outside of Bracket have relatively small attachment size limits which would cause your message to not be delivered. If you get the warning message that your attachments are too large to export, you should export the message without attachments, then download the individual attachments you want from the message thread itself when logged into Bracket.
Yes. When viewing a message that you originally created, you can see when your recipients opened your message, downloaded an attachment, or took various other activities related to your message. As the message thread creator, you are the only person in the thread who sees this information.
If you really want to lock your Bracket access down we also have two advanced options which make your content so secure that our highest level engineers couldn’t access your email… even if another entity tried to force us.
You can enable Two Factor Authentication – Two-factor authentication makes it so you’ll be prompted to enter a unique code when signing in (in addition to the normal sign-in process). This code will be sent to your mobile device via SMS. You can set up TFA from your settings page. When setting up TFA you will be required to enter your mobile phone number. Be sure you give this a mobile number that you have readily available access to. Once TFA is enabled, you’ll sign in by requesting a sign-in link as usual, but you will then be prompted to enter a randomly generated, single-use, six-digit code (which is automatically delivered via SMS to your mobile device).
Enable a Personal Data Key – You can tell Bracket to generate a secure personal data key from the settings page. Your personal data key will be shown to you only during setup, at which time you will be responsible for recording your key and storing it in a safe place. Once enabled, this unique key will be required when you sign in. If you have enabled this security mechanism, it will be impossible to view your data without your personal data key.
Please note that without this key our only way to restore your access to Bracket is to reset your account, which will wipe any previously existing messages. It’s that secure.
Last Update: July 24, 2018