SendSafely now prompts all Workspace owners to enable link validation on their existing Workspaces. Once enabled, link validation confirms the decryption #keycode at the end of the secure link is correct before allowing collaborators to access the Workspace. The #keycode is generated in the Workspace owner's browser and is unknown to SendSafely, which enables our end-to-end encryption methodology. The #keycode is the string of characters shown in yellow below. The most frequent cause of an incorrect #keycode is a copy and paste error, either by the collaborator copying the link from their email, or the owner sharing the link initially.
Newly created workspaces include link validation automatically, manually enabling is only required on existing Workspaces.
To enable link validation for an existing workspace owners should take the following steps:
- Log into the workspace
- Download a single file and confirm successful decryption (and therefore confirming the #keycode is correct )
- Click the "Enable now" button
Enabling link validation ensures all collaborators have the correct #keycode for successful decryption and download of shared files, as well as successful encryption and upload. Once enabled, collaborators attempting to access a Workspace with an incorrect #keycode will receive the following error:
Collaborators can still access unvalidated Workspaces, however unvalidated Workspaces do not provide automated notification of incorrect #keycode, and both file encryption and decryption will fail for collaborators using incorrect #keycodes.