How can clients easily and securely send me passwords? [closed]

"Your idea of a web-based messaging system could be implemented in a few dozen lines of HTML and PHP (mostly html) on any system that had an SSL web server and GPG installed. It’s really just a very simple but specialised formmail type program. You could even hack an existing formmail CGI script to insert a call to GPG (assuming one doesn’t already exist, try Googling for formmail + GPG)

If you haven’t already done so, install gpg on your workstation and create your public & private keys
Create a php page that displays a form to accept a message (text field), encrypts it with gpg using your public key, and emails it to you. Hard-code your email address in the script (i.E don’t allow the sender to specify who to send to)
Install the php page on an existing ssl server or create one just for the task. A self-signed cert is good enough for this job.
Tell your client the url when you need them to send you a login and password.

Btw, thunderbird has the Enigmail plugin which makes using GPG encryption very easy. But it’s still probably too much trouble for casual users."

"This is a combination between a text file and a phone call:

Have your client put password in a plain text file, and then drop the text file into a password-protected zip file. (7zip is free and open-source). Have them email the encrypted .zip/.rar/.7z file to you and then call with their username and the password for the zip file.

This prevents anyone from opening the zip file, and even if they did, it's only a password, which doesn't give you anything without any other information, like username and where to use it.

Additionally, this is a way to email a ""forbidden"" file type, like a .exe, to an email client that scans attachments and inside zips. In those cases, I usually just include the password for the zipped file in the email, and it's usually ""password"". It's enough to stop email software from checking the contents, though."

"set up a Password Safe file in a shard Dropbox, so clients can add passwords as needed.

Joel describes the technique here"

"You might want to try NoteShred. It's a tool made pretty much for your exact need. You can create a secure note, send someone the link and password and have it ""shred"" it self after they read it. The note is gone and you get emailed a notification to let you know your info is destroyed.

Its free, and doesn't require any sign up.

www.noteshred.com"

"Skype's Instant Messaging is encrypted.

Now, here comes the necessary caveats: Skype is not open source so you don't know whether or not they did a terrible job or installed a government backdoor or copy all messages to Bob in IT, but the best available evidence suggests that it is secure."