Members have suddenly encountered the following banner:
It’s part of the Discourse Encrypt plugin, installed as a test among the @staff (but there was no way to limit the test to its members). So those who searched for “paper key” found little because appears in the topic “Admins can read private messages” in the “staff” category, which the search filters out unless you belong to that group.
Now it has been tested and it works very well and is very easy to use, so it’s time to explain it.
The plugin prevents the ability that the designers of Discourse gave to Administrators to read even the private messages between users. Their purpose was to prevent inappropriate and unsupervised conversations in forums using their software (with or between minors, about terrorism, drugs, etc.).
As in this forum several staff members asked to keep the possibility of totally private messages, this plugin allows a personal message to be read only by the sender and the receiver as long as they have both enabled encryption.
Encryption is enabled by generating for one time only a so called paper key going to Preferences, Security and pressing “Generate Paper Key”:
Close the window displaying the key and that’'s it. Writing a personal message (after pressing on a user’s name) the usual message window will appear, BUT with a closed green padlock:
Instead, an open grey padlock indicate that sender or receiver did not activate encryption yet. The sender will be able to send the message anyway, but unencrypted and therefore readable by administrators.
As always, you can leave your feedback or questions here.