Phocas has a new user documentation site. This site will be retired soon.

Encrypt (share secrets)

During your Implementation process, we need you to share several secrets (such as sign-in credentials) with us and we might share secrets with you. Use our Phocas Encrypt site to securely share those secrets. We strongly discourage the sharing of secrets via email or any other third-party application, as it isn’t safe.

Phocas Encrypt is hosted within our cloud environment. It uses end-to-end encryption to create one-time links to the secrets you want to share with a single person, such as your Phocas Adoptions or Activations consultant. The secret is encrypted in the browser and stored in a database until retrieved. The secret can’t be decrypted without knowing the secret key.

Send a secret

  1. Open the Phocas Encrpt URL https://encrypt.phocassoftware.com. It’s likely you'll receive this link during the Implementation process.

  2. Select the shortest deletion time that matches your current interaction with Phocas. For example:

    • If you are on the phone with a consultant, use One Hour.

    • If you are working over email and it’s not Friday, use One Day

    • Otherwise, use One Week.

  3. Leave the One-time download and Generate decryption key checkboxes selected.

  4. Add your secret using your preferred method:

    • Use the form: In the Secret message box, type or paste in your secret information, then click Encrypt Message.

      image-20231018-032128.png
    • Upload a file: In the top-right corner, click UPLOAD then locate the file on your computer and drag and drop it into the upload area.

  5. Think about which type of link you want to use:

    • The one-click link contains both a secret ID and an encryption key. This is the easiest way to share the secret, but it does run a very small risk of exposing the secret, if someone else other than the intended recipient clicks the link first. Use this method if you think the link isn’t likely to be intercepted. If the link is intercepted, you’ll be asked to reset the password and resent the secret.

    • The short link contains only the secret ID. You then send the encryption key using another form of communication. This is the most secure way to share the secret, as you send the secret in two parts using different forms of communication. Use this method for safely sharing secrets through untrusted communication, as it only sends part of the secret, and the recipient still needs the decryption key to decrypt the message.

  1. Select how you want to share the link:

    • Copy: The link is copied to your clipboard. Paste it into your preferred communication channel and send it to the recipient.

    • Email: Your default email application opens with a draft email containing the link. Complete and send the email to the recipient.

  2. If you share a short link, copy the Decryption key and send it to the recipient using a different form of communication.

  3. Close the browser window.

Receive a secret

If you are sent a secret, you’ll receive an email or message containing the link.

Click the link to see the decrypted message or download the file, depending on the method used. If it’s a message, click Show to view the details or click Copy to copy the details to your clipboard. Use these details before closing the page, as the link only works once.

Troubleshooting: When a link doesn’t work

There are several reasons why a link doesn't work, such as if it’s already been clicked or has expired. The following image shows the information you see when there’s a problem with a link. If you are the sender, you must repeat the steps above to resend the secret. If you are the receiver, contact the sender and ask them to resend the link.