<li>On the screen titled "Encryption," select "Encrypt all of my messages by default, because privacy is critical to me."</li>
<li>On the screen titled "Signing," select "Don't sign my messages by default."</li>
<li>On the screen titled "Key Selection," select "I want to create a new key pair for signing and encrypting my email."</li>
- <li>On the screen titled "Create Key," pick a strong password! We recommend the Diceware method, which creates passwords which are both strong and memorable. To use the Diceware method, you will need the dice and <a href="http://world.std.com/~reinhold/diceware.wordlist.asc">this</a> list of words. Do not substitute computer dice for physical dice. Notice that each word on the word list corresponds to a unique five-digit number. Roll one die five times, or five dice once to select the first word. Don't rearrange or discard the words, because doing so makes the process much less secure. Repeat this process until you have at least six words, and there's your password! Diceware passwords are hard to remember until you've typed them in a handful of times. Write down your password and keep it with you at all times until you've got it memorized. Then, destroy the piece of paper. If you lose the piece of paper, you will still be able to revoke your key with your revocation certificate (which we'll talk about in just a minute).</li>
- <li>If you don't have dice, pick a password which is at least twelve characters long, and includes at least one lower case and upper case letter and at least one number or punctuation symbol. Don't forget your password, or all of this work will be wasted!
+ <li>On the screen titled "Create Key," pick a strong password! We recommend the Diceware method, which creates passwords which are both strong and memorable. To use the Diceware method, you will need dice and this <a href="http://world.std.com/~reinhold/diceware.wordlist.asc">list of words</a>. Do not substitute computer dice for physical dice. Notice that each word on the word list corresponds to a unique five-digit number. Roll one die five times, or five dice once, then string the numbers on the dice dice together to create a five-digit number, and then look up the corresponding word.</li>
+ <li>Repeat this process until you have at least six words, separating each with a space and keeping them all lowercase. You'll end up with a password like "dog help people drive match ice." Don't rearrange or discard the words, because doing so makes the process much less secure.</li>
+ <li>Diceware passwords are hard to remember until you've typed them in a handful of times. Write down your password and keep it with you at all times until you've got it memorized. Then, destroy the piece of paper.</li>
+ <li>If you don't have dice, pick a password which is at least twelve characters long, and includes at least one lower case and upper case letter and at least one number or punctuation symbol. Don't forget your password, or all of this work will be wasted!</li>
</ul>
<p class="notes">The program will take a little while to finish the next step, the "Key Creation" screen. While you wait, do something else with your computer, like watching a movie or browsing the Web. The more you use the computer at this point, the faster the key creation will go.</p>
<p><span style="font-weight: bold;">When the "Key Generation Completed" screen pops up, select Generate Certificate and choose to save it in a safe place on your computer (we recommend making a folder called "Revocation Certificate" in your home folder and keeping it there). This step is essential for your email self-defense, as you'll learn more about in <a href="#section5">Section 5</a>.</span></p>
<div id="step-lost_key" class="step">
<div class="main">
<h3><em>Important:</em> act swiftly if someone gets your private key</h3>
- <p>If you lose your private key or someone else gets ahold of it (say, by stealing or cracking your computer), it's important to revoke it immediately before someone else uses it to read your encrypted email. This guide doesn't cover how to revoke a key, but you can follow the <a href="https://www.gnupg.org/gph/en/manual.html#AEN305">instructions on the GnuPG site</a>. After you're done revoking, send an email to everyone with whom you usually use your key to make sure they know.</p>
+ <p>If you lose your private key or someone else gets ahold of it (say, by stealing or cracking your computer), it's important to revoke it immediately before someone else uses it to read your encrypted email or forge your signature. This guide doesn't cover how to revoke a key, but you can follow the <a href="https://www.gnupg.org/gph/en/manual.html#AEN305">instructions on the GnuPG site</a>. After you're done revoking, send an email to everyone with whom you usually use your key to make sure they know.</p>
</div><!-- End .main -->
</div><!-- End #step-lost_key .step-->