With Pidgin and OTR, your online conversations can be easy, secure and private

Pidgin

PidginPidgin is a convenient, free and easy to use solution to stay in touch with your friends and family. This open source chat client allows you to connect to all your IM accounts simultaneously.One of the advantages of Pidgin is that it offers a strong level of security, as well as support for a wide range of third-party applications.

Pidgin works with Windows and Linux. Their sister messaging client Adium, is the alternative for OS X users. You can use Pidgin with chat networks such as MSN Messenger, Google Hangouts, AIM, ICQ, Yahoo!, IRC and more. While it’s not possible to chat across different platforms, you can access your accounts in multiple services at the same time.

Many of the features that you enjoy with these chat services are available with Pidgin such as file transfers, emoticons and typing notifications. There are also plugins that expand Pidgin’s functionality. It’s pretty great.

OTR

OTROTR, which stands for Off the Record, is a plugin that was originally designed for Pidgin and enhances the security of your conversations thanks to encryption and authentication.

In terms of encryption, it uses AES and SHA-1 function to make your communications safe and inaccessible to third parties. Authentication ensures that your conversation is not intercepted by confirming that the person you are talking to is actually who they are supposed to be. OTR also ensures that your messages cannot be checked by a third party, even after the conversation is finished.

Another feature is called Perfect Forward Secrecy, which ensures that each conversation is secured individually. This means that even if a particular conversation is compromised, there won’t be risk for any previous chats. Here are the steps to setup Pidgin and OTR and ensure that you can enjoy convenience and security while you chat.

How to Setup Pidgin with OTR

Part 1: Pidgin

  1. Download Pidgin from pidgin.im. Make sure that you get the latest version as they are constantly updating their client and enhancing its security. Install it, without running it until you install the OTR plugin.
  2. Download OTR from https://otr.cypherpunks.ca and install it.
  3. Run Pidgin. You will be asked to configure an initial IM account so you will need to click on Add and select one of the services you usually use.
  4. Enter the details required, which would vary depending on the service, but may include username and password. Once you have filled in all the information, click Add. Your list of IM contacts will appear in the Buddies list. You can add new contacts by clicking on Add Buddy and following the instructions. The “Remember Password” option should never be marked if you are using a shared computer.
 Once the Pidgin app is setup as your chat client, you will need to configure the OTR plugin. Keep in mind that you and your contacts should have the plugin installed and enabled. If one of the parties in the conversation is not using OTR, they will receive a notification to make them aware and requests them to get it from the OTR website.

Part 2: OTR

  1. To enable the plugin, go to Tools and select Plugins. Scroll down to Off-the-Record Messaging, tick the check box, click on the plugin name and choose “Configure Plugin”.
  2. Click the “Generate” button to create a unique private key. Make sure that “Automatically initiate private messaging” and “Don’t log OTR conversations” are ticked. These options will maintain the security of your chats.
  3. When the unique key has been generated, select OK. Below the unique private key you will see a combination of letters and numbers, which is your fingerprint. The private key for your account will be used to encrypt all your conversations.  The steps to generate this key should also be followed by your contacts.
  4. Click twice on the Buddy you want to talk to. The “Not Private” button will appear highlighted in red. Click this button and choose “Start private conversation”. This will ensure that the conversation is secure and private.
  5. In order to verify the identity of the person you are talking to, you need to use an authentication method. There are different options such as Shared Secret, Question and Answer and Manual Fingerprint verification. You will need to communicate with your buddy before hand to  arrange the authentication method. This should be done in person, otherwise it is recommended that you use an encrypted email service for enhanced security.
  6. Once the authentication method has been pickws, click on the OTR menu and then “Authenticate Buddy”. Select the preferred method, making sure that the answers match exactly. Once you do that, authentication will be completed and you can start the conversation privately and with confidence.

Conclusion

Pidgin is not easy to set up and use but offers a convenient way to manage all your IM accounts. With OTR, it also becomes a secure and private way to chat. Visit our complete guide for more tips on improving your online privacy.