Trusted Device keys provide a convenient and secure way to access all of your SendSafely items from devices you use frequently. We generally recommend that you set up at least two different trusted devices (a primary and a backup) to ensure historical access to your SendSafely files in the event that access to your primary device is lost or your browser cache is cleared/reset.
In addition to setting up a second Trusted Device, we also recommend that you export and save at least one of your Trusted Device Keys as a manual alternative for re-establishing access if needed. This article will walk you through the process of exporting and importing a SendSafely Trusted Browser Key. For more information on how Trusted Browsers work, you can find a dedicated blog post on that topic here.
Exporting a Device Key
Your device key can be exported from the Trusted Devices section of the Edit Profile page when you are logged into the SendSafely Web Portal (Account Menu > Edit Profile).
- You can only export a trusted device key if you are using a device that has already been trusted. If you do not see the export button (refer to screenshot below) then it means your device is not currently trusted.
- The key that will be exported is the one associated with the device at the top of the list, which should be marked with the "This Browser" badge.
- A Trusted Device Key can only be exported from a desktop web browser. Mobile device keys, and keys associated with other SendSafely integrations (Chrome Extension, Outlook Plug-in, etc) cannot be exported at this time.
Once the key file is downloaded, you should store it in a safe location where you will be able to access it later if needed. Ideally you should store the file on a different device or backup drive in case you lose access to the device.
The key will be saved in a .SSKEY file that is named based on your SendSafely user account and the unique identifier associated with the private key (ie email@example.com_KEYID.sskey).
If you are not prompted where to save the file to, the key might be automatically saved to your Downloads folder. Locate the file and move it to a safer location.
- Your exported Browser Key is protected with encryption, and can only be used with your unique SendSafely account.
- Do not store on any public folder or shared drive that other users have access to. Treat the exported key as you would any other sensitive files you keep for long term storage.
Importing a Trusted Device Key
If you ever lose access to your Trusted Device and want to restore the key, or need to trust a new device and want to re-use an existing backup key, you can reestablish trust and access to your historic SendSafely items by importing a copy of a previously exported key. The key can be imported from the Trusted Devices section of the Edit Profile page when you are logged into the SendSafely Web Portal (Account Menu > Edit Profile).
- You can only import keys that were previously associated with a trusted device on your own SendSafely account. Sharing device keys across different accounts is not possible.
- If the Trusted Browser has been manually deleted from the Trusted Device Keys listing (by pressing the red Delete button), the associated exported key is invalidated and can no longer be used.
- If the import is successful, the page will reload and you should see a green "This Device is Trusted" badge at the bottom of the device list. Keep in mind that if the key you imported was from a different machine and/or browser, the name associated with the machine that you originally generated the key on will be used to identify the newly re-trusted device.
- If you import a key on a device that is already trusted, the existing device key will be overwritten with the imported key. For these cases, you may want to export the existing device key first in case you need to undo this change.
For questions or issues related to device keys, please contact firstname.lastname@example.org.