path: root/src/content/docs/overview/faq.mdx

---
title: Frequently Asked Questions (FAQ)
sidebar:
  label: FAQ
  order: 4
---

import { Aside } from "@astrojs/starlight/components";

## How can I obtain and start using GpgFrontend?

You can download the latest version of GpgFrontend from [GpgFrontend's Downloads
Page](/overview/downloads) and choose the installation method for your platform.

## Which operating systems does GpgFrontend support?

GpgFrontend is a cross-platform application that supports Windows, macOS, and
Linux, making it accessible to nearly all users for their privacy and data
protection needs.

## How do I update GpgFrontend to the latest version?

You can always get the latest stable or nightly release from the Downloads Page.
On Windows, simply run the new installer. On macOS and Linux, replace the old
app or AppImage with the new version. Your settings and keys will be preserved
unless noted otherwise in the release notes.

## Why isn't GpgFrontend available on the Apple Store?

GpgFrontend is not available on the Apple Store because GnuPG (which GpgFrontend
depends on) cannot function properly inside the App Sandbox required by macOS
App Store policies. The App Sandbox restricts system-level access needed for
secure key management and encryption operations. For full functionality and
security, GpgFrontend must be installed outside of the App Store environment.

## How do OpenPGP, PGP, and GnuPG (GPG) relate?

- **OpenPGP** is the open standard ([RFC
  4880](https://www.rfc-editor.org/rfc/rfc4880)) for encrypted email, files, and
  digital signatures.
- **PGP** was the original proprietary software created in the 1990s; it is now
  rarely used, but its name is sometimes used informally to mean the OpenPGP
  standard.
- **GnuPG (GPG)** is the most widely used free, open-source implementation of
  the OpenPGP standard.

Today, when people talk about "PGP encryption," they almost always mean the
OpenPGP standard, and the tool they actually use is GnuPG (GPG) or another
compatible app. GpgFrontend is a user-friendly front-end for GnuPG, making
OpenPGP encryption easy for everyone.

## Why does GpgFrontend require GnuPG?

GpgFrontend is a user-friendly interface that relies on GnuPG (GPG) to handle all cryptographic operations.
This approach provides:

- Security: GnuPG is a widely audited and trusted open-source encryption tool. By using it directly, GpgFrontend avoids the risks of re-implementing cryptographic algorithms.
- Trust & Control: Users can install and verify their own trusted GnuPG, ensuring transparency and independence.
- Compatibility: Delegating crypto operations to GnuPG ensures GpgFrontend works seamlessly with the entire OpenPGP ecosystem (including standard keys, files, and signatures).

In short: GpgFrontend is your control panel; GnuPG is the secure engine.

## Why choose GPG/OpenPGP over other encryption solutions?

- Open Source and Audited: GPG is open-source, free, and maintained by a broad
  community. Its code has been reviewed for decades, ensuring security and
  trust.
- No Vendor Lock-In: Fully standards-based. Works across major platforms, email
  clients, and tools. Your keys and data stay portable.
- Comprehensive Features: Supports symmetric/asymmetric encryption, digital
  signatures, key management, key revocation, and a robust web-of-trust model.
- Transparency and Control: All encryption processes are visible and
  configurable. You decide how your data is secured—no hidden algorithms or
  automation.
- Interoperability: Compatible with any OpenPGP-compliant software, ensuring
  your data is accessible and exchangeable.

Proprietary or closed-source tools may restrict platform compatibility, hide how
data is encrypted, or lock you into their ecosystem.

<Aside>
  GPG/OpenPGP lets you choose your own balance of privacy and convenience. It’s
  like a “manual transmission” for digital security—maximum control, no forced
  automation, and nothing is hidden unless you want it to be.
</Aside>

## How secure is GPG?

When used correctly, GPG provides strong cryptographic protection:

- Strong algorithms and key sizes are available, in line with modern standards.
- Open source: Its code is continually reviewed by global experts.
- No central data leaks: No major vulnerability has ever led to a mass
  compromise of GPG private keys.
- Common risks arise from user error—weak passphrases, mishandled keys, device
  malware—not GPG itself.

Bottom line: Your keys and passphrase security are just as important as the
software you use.

## Has GnuPG ever been successfully attacked?

According to the official [GnuPG FAQ 11.8](https://gnupg.org/faq/gnupg-faq.html#successful_attacks):

> “If you mean, ‘has GnuPG traffic ever been successfully cryptanalyzed?’, the
> answer is a flat ‘no’. We are unaware of any credible reports of any of the
> ciphers used in GnuPG having ever been successfully cryptanalyzed.”

## What makes GPG/OpenPGP unique compared to instant messengers or built-in encryption?

- No accounts or servers: You don’t need to register or rely on any
  service—maximum privacy, even with strangers.
- Long-term trust: Keys can be used for years, supporting file/email/software
  signing and “web of trust.”
- Works offline: Encrypt/sign files for transfer over any medium, no internet
  required.
- Manual & transparent: Everything is under your control, with no forced
  automation or cloud syncing.

Instant messengers (Signal, Matrix, etc.) are great for real-time communication
but require accounts, central servers, and frequent key changes—less suitable
for offline or anonymous use.

## When is GPG/OpenPGP the best tool?

- Secure file exchange with strangers: Journalists, whistleblowers, or anyone
  needing anonymous document transfer.
- Publishing signed content: Software releases, scientific results, public
  statements needing long-term verification.
- Air-gapped environments: Moving encrypted data between computers never
  connected to the internet.
- Maximum auditability: Every cryptographic operation is visible and
  inspectable.

## Can I use GPG with keys or data from other programs?

Yes. If your keys and encrypted data are in an OpenPGP-compatible format, GnuPG
and GpgFrontend can work with them. This includes most keys and data from
compliant GPG or legacy PGP programs.

## Why not just use password-based encryption?

Public-key encryption (like GPG) is more flexible and secure:

- No need to share passwords in advance—just publish your public key.
- Anyone can encrypt for you, even if you’ve never met.
- Digital signatures prove authorship and integrity.
- Keys can be revoked or rotated at any time without breaking old data.

## What if I see "GnuPG not installed correctly"?

This issue typically arises when GpgFrontend cannot locate GnuPG on your system.
Here are steps to address this based on your operating system:

- For macOS Users: Install GnuPG using Homebrew with `brew install gnupg`.
- For Linux Users: Install GnuPG via your package manager (apt, yum, etc.).
- For Windows Users: New versions include GnuPG; or get it
  [here](https://www.gnupg.org/ftp/gcrypt/binary/).

## Where can I find more help?

For more detailed guidance, refer to the quick start manual available at
[Getting Started Guide](/overview/getting-started).

## How do I import or export keys in GpgFrontend?

Use the Key Management section to import or export public/private keys. You can
also drag-and-drop key files directly into the application's Key ToolBox.

## Can I encrypt and decrypt files as well as text?

Yes, GpgFrontend supports both text and file encryption/decryption. Use the
dedicated file options in the main interface to protect or unlock files.

## What are Nightly versions?

Automatically generated experimental builds with new features/fixes under
testing. Less stable than official releases, may have breaking changes, and are
not GPG-signed. Not recommended for production. Always verify the SHA256
checksum. Please report feedback/issues on GitHub.

## How does GpgFrontend handle passphrases or PINs?

GpgFrontend never processes or stores your GPG key passphrases or smart card
PINs. All PIN entry is securely handled by GnuPG’s pinentry, independent from
GpgFrontend.

For app-specific encryption (e.g., KeyPackage), passphrases/PINs are used only
in memory and immediately cleared. Advanced users can enable PIN caching and
adjust security levels.

## Can lost passwords or keys be recovered?

No, for your security, neither GpgFrontend nor the developer can recover lost
passwords or private keys. Make sure to back up your private key and remember
your passphrase!

## How does GpgFrontend ensure secure communications?

It uses GnuPG to implement OpenPGP with robust encryption algorithms. Only
intended recipients can decrypt your messages.

## Does GpgFrontend support OpenPGP smart cards or tokens?

Yes, if your GnuPG supports smart cards. Manage your smart cards directly via
the SmartCard Controller.

## Is GpgFrontend available in my language?

GpgFrontend supports multiple languages. You can change the display language
from the `Settings > General` tab. Want to help translate? See the [contribution
guide](/appendix/translate-interface) on GitHub!

## What data does GpgFrontend collect?

GpgFrontend does not collect or transmit any personal or usage data. All
cryptographic operations are performed locally. Update checks can be disabled,
and no tracking or analytics are built in.

## How can I request a new feature?

You can suggest new features by opening an issue on GitHub or contacting the
maintainer directly.

## Found a bug?

If you encounter any issues with GpgFrontend, please report them via the GitHub
repository. You can also contact me directly if you're not on GitHub; see the
[Contact](/overview/contact) section for details.

## Interested in contributing?

Feel free to modify GpgFrontend's code and submit a Pull Request with your
enhancements. You can also send patches via email if you prefer to contribute
anonymously.