I've run into this workflow problem before, but it happened again so I'm sharing.
We have a standard.
No passwords in plain-text. If passwords need to be emailed, the email will be encrypted with S/MIME.
Awesome. I have certificates, and so do my coworkers. Should be awesome!
To: coworker
From: me
Subject: Anti-spam appliance password
[The content can't be displayed because the S/MIME control isn't available]
Standard folowed, mischief managed.
To: me
From: coworker
Subject: RE: Anti-spam appliance passwordThanks! Worked great.
To: coworker
From: meuid: admin1792
pw: 92*$&diq38yljq3
https://172.2.245.11/login.cgi
Sigh.
Encryption is hard. It would be awesome if a certain mail-client defaulted to replying-in-kind to encrypted emails. But it doesn't, and users have to remember to click the button. Which they never do.
I'm guessing you're talking about Outlook, because *every other* mail client I can think of does the right thing. Encryption is hard, but for end user software it's mostly a solved problem, until something terrible comes along and breaks it. So, really, this post should be titled "Outlook is terrible". And I think no one will disagree with you there.