chevron-down Created with Sketch Beta.

GPSolo eReport

GPSolo eReport July 2023

Ask Techie: How Do I Send a Password Securely Via Email?

Ashley Hallene and Wells Howard Anderson

Summary

  • This month’s tech Q&A column answers your questions about how to send a password securely via email and how to make images on your website accessible for users with a visual disability.
  • It is a bad idea to send passwords and other confidential information via normal email, but free services such as Password Pusher can send passwords safely.
  • One way to increase your website’s accessibility and at the same time increase its search engine optimization (SEO) is by adding alt text (also known as alternative text) to the images.
Ask Techie: How Do I Send a Password Securely Via Email?
Image Source via Getty Images

Jump to:

Welcome to the latest installment of our monthly Q&A column, where a panel of experts answers your questions about using technology in your law practice.

This month we answer readers’ questions about how to send a password securely via email and how to make images on your website accessible for users with a visual disability.

Q: How Do I Send a Password Securely Via Email?

A: You can email a secret link for a single-use webpage that will display a password.

It is a bad idea to send passwords and other confidential information via normal email.

It is highly unlikely, but possible, for a sensitive email to be intercepted by a bad actor in its journey across the Internet. Another risk is that an attacker could break into your email account or the recipient’s email account. If a bad actor were to open your email, they could misuse its contents.

Secure email services can be excellent, but they can also be complicated and require setup in advance. If you just need to send a password, you have other options.

There are simple, safe solutions for sending passwords.

(Note: Back in September 2020, this question came up in “Ask Techie” and was answered here. That approach still works, but I found a better one!)

My favorite free service is Password Pusher.

You don’t need to sign up for an account. Using it is easy:

  1. Go to https://pwpush.com.
  2. Enter a password you want to send.
  3. Slide the “Views” slider down from 5 views to 1.
  4. Click “Push It!”
  5. Copy the secret link.
  6. Paste the secret link into an email and send it.

When the recipient receives the email, he or she can click the secret link, copy the password, and keep it in a safe place.

The reason you set the views to one is so no one else can get the password using the link. It expires immediately after the recipient opens it.

What if someone intercepts the email before the recipient sees it and gets your password using the secret link?

That could be a problem if the bad actor knows how to use the password. You have a couple of options for avoiding that risk.

  1. Send the password before you use it to lock up something, such as an encrypted Word document, PDF file, or Zip file. Ask the recipient to confirm that he or she has clicked the secret link and has the password. If a bad actor got to the password first, your recipient won’t be able to open the secret link. You’ll know that you need to create a new password and secret link. After the recipient confirms receipt of the new password, use it to lock the file and then send it.
  2. To send an existing password, you can first send a temporary password via a secret link. Once the recipient confirms receipt of the temporary password, you can send a new secret link for the real password, locking the link with the temporary password. You do this by placing the temporary password in the Passphrase Lockdown field. (I have posted a graphic showing how to use Passphrase Lockdown.)

This whole process is secure because you set the secret link to allow only one view. If the recipient cannot view a password you sent via Password Pusher, you know that someone else got it first.

An alternative to Password Pusher is One Time Secret. It works very much like Password Pusher except that you cannot copy and paste the password shown by the secret link. You need to type it or write it down.

Both services are free. You need to trust that these services are telling the truth when they assert that they have no access to the passwords you send. Password Pusher publishes its source code allowing experts to confirm that it is secure; however, as Password Pusher notes, you cannot be certain that the server-side code of any website is or does what the website claims.

Neither service collects personal information or asks for an email address. You simply make an entry in a form, click a button, and get an expiring secret link.

Techie: Wells H. Anderson, JD, GPSolo eReport Contributing Technology Editor and CEO of SecureMyFirm, 952/922-1120, www.securemyfirm.com—we protect small firms from cyber threats with affordable, multiple layers of defense.

Q:  How Do I Make the Images on My Law Firm’s Website Accessible for Users with a Visual Disability?

A: One way to increase your website’s accessibility (and at the same time increase its SEO) is by adding alt text to the images. Alt text, also known as alternative text, describes the appearance or function of an image on the page. The alt text can be read aloud by screen readers, a system used by visually impaired users. It can also display in place of an image if the image fails to load and is indexed by search engine bots to better understand the content of your page. It is an important tool for web accessibility. It helps people with visual impairments understand what is in an image. It also helps search engines understand what is on a page. By following these tips, you can make your website more accessible and improve your SEO.

Here are some tips for adding alt text to images:

  • Describe the image and be specific without editorializing. The more specific you are with your alt text, the better because it will naturally rank higher in image search engines thanks to detailed image context.
  • Add context that relates to the topic of the page or article.
  • Keep your alt text fewer than 125 characters.
  • Don’t start alt text with “picture of . . .” or “image of . . .” because it is already apparent that it is describing an image.
  • Include any text that is part of the image.
  • Do not repeat yourself or the surrounding text.
  • Do not add alt text to decorative images that have no meaning or function.

When screen readers such as Microsoft Narrator, Job Access with Speech (JAWS), and NonVisual Desktop Access (NVDA) reach digital content with alt text, they will read the alt text aloud, allowing people to better understand what is on the screen.

To check if the images on your website already include alt text, scroll to the image on a page and right-click it. From the menu that appears, choose “inspect,” and a panel displaying HTML code will appear. Look for an HTML tag that starts with “alt=”. The words that follow will be the alt text description.

If you need to add alt text to your images, open your web editor. I will use WordPress as an example, but most editors have similar functions. Navigate to the post or the page that you want to edit, and click the image to which you want to add alt text. In WordPress, you will see a menu bar that comes up with a pencil icon that you can click for editing. At the top of the Image details screen, you will find a line for Alternative Text, which is where you can add or edit the text. Type it in there, save or hit update, and then publish your web page or article to make it live.

You also can add alt text to images in Microsoft Word by right-clicking the image. Toward the bottom of the list of options, you will find “View Alt Text.” Click that, and Microsoft will launch a prompt recommending one or two detailed sentences. You can accept that recommendation or replace it with your own text. Then just close the prompt box, and you are all set. If these documents are uploaded to Google Docs and shared with someone in Google Drive, the alt text is preserved and accessible with a screen reader.

Techie: Ashley Hallene, JD, GPSolo eReport Editor-in-Chief ([email protected]).

What’s YOUR question?

If you have a technology question, please forward it to Managing Editor Rob Salkin ([email protected]) at your earliest convenience. Our response team selects the questions for response and publication. Our regular response team includes Jeffrey Allen, Wells H. Anderson, Jordan L. Couch, Ashley Hallene, Al Harrison, and Patrick Palace. We publish submitted questions anonymously, just in case you do not want someone else to know you asked the question.

Please send in your questions today!

    Author