Using ProtonMail with Facebook PGP emails

Facebook can end-to-end encrypt email notifications using your public PGP key. Because ProtonMail uses, and is interoperable with, PGP, taking advantage of this important security feature is easy if you have a ProtonMail account.  

Why enable PGP-encrypted emails from Facebook?

Facebook notifications can contain a great deal of private, sensitive information. For example, they can contain Facebook password reset links or details about who has messaged you on Facebook.

Encrypting Facebook email notifications using PGP does not hide this information from Facebook, but it does prevent third parties, such as your ISP, your workplace network, or a government agency, from accessing it.

Isn’t it a security risk to give my public key to Facebook?

No. Your public key is exactly that, public. You can share it without compromising the security of your ProtonMail account. By sharing it, you enable others (such as Facebook) to send you encrypted messages.

Learn more about how PGP encryption works

How to enable PGP-encrypted emails from Facebook

1. Download your ProtonMail public key by logging in to account.protonmail.com and going to Settings → Encryption & keys. Choose which key you wish to use (if you have more than one) and click Export in the Actions column.

Export public RSA key

Note: Unfortunately, Facebook does not accept the Curve25519 elliptic curve used by our ECC keys. If your existing Key type is ECC (ed25519) then you’ll need to create a new key. To do this, click the Create key button and generate a 4096-bit RSA key.

Generate RSA key

2. Open the public key you just downloaded in a text editor. Select the entire text (Edit → Select all in most text editors) and Copy it to your clipboard.

Copy your PGP key

3. Log in to www.facebook.com using your browser and go to Account (downward-facing arrow at top right of screen) → Settings & Privacy → Settings → Security and Login → Advanced → Encrypted notification emails.

Paste the text you copied in Step 2 into the box that says Enter your OpenPGP Public Key here.

Click the checkbox to Use this public key to encrypt notification emails that Facebook sends you and click Save changes when you are done. 

Add your PGP to Facebook

4. Facebook will send you an encrypted email notification asking you to confirm that you want it to send you PGP-encrypted notifications. Click Yes, encrypt notification emails sent to me from Facebook to confirm.

Confirmation email from Facebook

Your email notifications from Facebook are now secure.

Final confirmation
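
A local check you can run on the exported key before pasting it in step 3, since Facebook does not accept Curve25519 keys: this added example (not ProtonMail's or Facebook's code) reads the first packet of an armored public key and reports its algorithm and, for RSA, the modulus size. The two sample keys are constructed placeholders with a valid packet layout, and only version 4 keys are handled.

```python
import base64

# OpenPGP public-key algorithm IDs (RFC 4880, RFC 6637, RFC 9580)
ALGOS = {1: "RSA", 16: "Elgamal", 17: "DSA", 18: "ECDH", 19: "ECDSA", 22: "EdDSA"}

def dearmor(armored):
    """Decode an ASCII-armored OpenPGP block to its binary packets."""
    lines = [l.strip() for l in armored.strip().splitlines()]
    body = lines[lines.index("") + 1:]      # armor headers end at the first blank line
    # Drop the END line and the optional "=XXXX" CRC-24 line.
    data = [l for l in body if not l.startswith(("-----", "="))]
    return base64.b64decode("".join(data))

def primary_key_info(armored):
    """Return (algorithm name, RSA modulus bits or None) for the primary key."""
    pkt = dearmor(armored)
    hdr = pkt[0]
    if hdr & 0x40:                          # new-format packet header
        tag, first = hdr & 0x3F, pkt[1]
        if first >= 224 and first != 255:
            raise ValueError("partial body length not supported")
        off = 2 if first < 192 else 3 if first < 224 else 6
    else:                                   # old-format packet header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not supported")
        off = 1 + (1, 2, 4)[ltype]
    if tag != 6 or pkt[off] != 4:
        raise ValueError("expected a version 4 public-key packet first")
    algo = pkt[off + 5]                     # after version (1) and creation time (4)
    bits = int.from_bytes(pkt[off + 6:off + 8], "big") if algo == 1 else None
    return ALGOS.get(algo, f"unknown ({algo})"), bits

def constructed_key(algo, material):
    """Constructed sample: well-formed packet layout, not a usable key."""
    body = bytes([4, 0, 0, 0, 0, algo]) + material
    pkt = b"\x99" + len(body).to_bytes(2, "big") + body
    b64 = base64.b64encode(pkt).decode()
    rows = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return ("-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n" + rows +
            "\n-----END PGP PUBLIC KEY BLOCK-----\n")

# RSA: MPI n (4096 bits) then MPI e (65537); EdDSA: Ed25519 OID then a 263-bit MPI.
RSA_SAMPLE = constructed_key(1, b"\x10\x00\x80" + bytes(511) + b"\x00\x11\x01\x00\x01")
ECC_SAMPLE = constructed_key(22, bytes.fromhex("092b06010401da470f01") + b"\x01\x07\x40" + bytes(32))

if __name__ == "__main__":
    for name, key in (("RSA sample", RSA_SAMPLE), ("ECC sample", ECC_SAMPLE)):
        algo, bits = primary_key_info(key)
        print(name, algo, bits, "-> export this key" if algo == "RSA" else "-> create an RSA key")
```

To check your own key, pass the contents of the exported file to primary_key_info(); anything other than RSA means you need to create an RSA key as described in the note under step 1.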
