Skip to main content

How to Recover Your Lavabit Emails

Even if you're not one of the 400,000 people who once had a Lavabit account, you may have heard of the recently shuttered encrypted-email service, which had been used by National Security Agency leaker Edward Snowden.

On Aug. 8, Lavabit gained national attention when it abruptly shut down its entire service, leaving only a vague statement on its home page that implied government pressure had something to do with the closure.

Gone with the service were the email accounts and archived email messages of Lavabit's users. But this Friday (Oct. 18), the company will briefly reactivate its servers to let users download their archived messages.

MORE: NSA Leaks 2013: A Timeline of NSA Revelations

Users will first have to go to a new Lavabit page,, to change their Lavabit passwords.

The new page reminds users that, as revealed in recently declassified court documents, the FBI forced Lavabit owner Ladar Levison to turn over the keys to the site's Secure Sockets Layer (SSL) encryption, which is what protected all Web traffic going to and from the site.

Using the SSL keys, the FBI could see the unencrypted metadata of Lavabit email messages, which essentially meant that Lavabit could no longer be a secure email provider.

If you're a Lavabit user and don't want the FBI to see your Lavabit traffic when you download your email archive, you can manually verify the Lavabit website's certificate (as opposed to relying on SSL to do it for you) using the serial number and fingerprint, which identify the website's server, provided on

Lavabit first came under federal scrutiny in May, when the FBI started to investigate Snowden after he stopped showing up to his job as an NSA systems administrator.

In June, after Snowden came forward as the leaker of top-secret NSA documents, he publicized his Lavabit email address, giving the obscure service newfound notoriety.

Email or follow her @JillScharr and Google+.  Follow us @TomsGuide, on Facebook and on Google+