Exporting encryption keys

Exporting your encryption key out of the system, ensures full end-to-end encryption, meaning that Whistleblower Software cannot read your data.

When encryption keys are exported, they will have to be entered upon each sign-in, meaning that the encryption key will have to be shared between case handlers. Preferably through a password etc.

1. step: Go to "Settings" -> "Security" -> and click "Full end-to-end encryption"

2. Click "Export encryption key"

3. Note down the encryption key, and export it as a PDF. Make sure to save it. If the encryption key is lost, then your data will be lost, without the possibility to restore it. Click "Confirm export"

4. The saved PDF, should look like the following:

5. Confirm the key export, by entering the encryption key once again, and click "Confirm export".

(During the process a new RSA encryption key is generated clientside, furthermore, all encryption keys are fetched to the client, decrypted using the old key, and encrypted using the new key. - Effectively rotating all keys in the system.)

6. Going forward case handlers and other users will now need the encryption key when signing in. When logging in, a prompt is shown. Enter the encryption key and press "Ok".