Sharing Data (instructions)


Sending Data Securely:

Step-by-Step Instructions


It is essential that sharing any large files or sensitive information be done securely.   
Email is not suitable to this task as it is often insecure and attachments are limited to 20 MB or less.  
That is where Firefox Send comes in.   Firefox Send is a highly-secure, easy-to-use file sharing solution.
Here is how to use it:



1. Go to and click on the "Select file to upload" button to upload the file or files you want to see – or simply drag-and-drop them here:



NOTE: If you are sending more than 1 GB, create and/or sign in with your Firefox account.

2. After you select your upload files, you can (1) set them to expire after a specific number of downloads (between 1 and 100) or (2) set them to expire after a certain amount of time (between 5 minutes and 7 days).  For additional security, you can protect your files with a password, like so:


NOTE: To set the number of downloads, you must sign in with your Firefox account.

3. Click on the  "Upload"  button and your files will be combined into a zip file like this: 



NOTE: You can cancel the upload at any time.

4. After the files are uploaded, you will be given a link to send to the person(s) waiting for the files.  It will look like this:

5. Each recipient just clicks on the link, types in the password (if required), and downloads your files.  For example:


IMPORTANT: For extra security, the password should be shared over the telephone, via text or sent to a different email account.

6. After the number of downloads or the amount of time you set has been reached, the link will expire and can no longer be used.  Anyone trying will see this:


Additional Resources






Q: What kind of encryption does Firefox Send use?

A: Firefox Send utilizes the Encrypted Content Encoding defined in RFC8188 to encrypt files.  It generates a random 256-bit key that is included in the hash portion of the share URL so that it can be shared without Mozilla knowing what it is.   A 128-bit AES-GCM key is used for the file and file metadata.  Finally, HMAC SHA-256 signing key is used for request authentication.


Q: How do the downloads & time expiration settings work? 

A: Whichever comes first.   For example, if you select 100 downloads and 7 days  for the file download, if there are 100 downloads completed within a week, the link to the download will go inactive after the 100th download.  Or, if the files were downloaded only 3 times in a week, at the end of the 7th day, the download link becomes inactive.


Q: I have a lot files and folders to share.   How do I do that?

A:  Compress them into a single zip file before your upload.  Doing so will preserve the file and folder structure you have.  This is easy to do in both Windows 7 and Windows 10.  For Windows 10 directions, go to   For Windows 7 and 8.1 directions, see


Q: I work for the State of New Mexico and I'm sending files to another State agency.   Do I have to use Firefox Send?

A: No.  Firefox Send is robust, secure and easy-to-use, but it's not the only solution.   You may also use the State's Accellion Secure File Transfer system,  You will first have to register using your State email account, however.   To request access, go to


Q: How does Firefox Send protect my information, data and privacy?

A: We selected Firefox Send because of it's strong record in security and privacy protection.  For details, please read


Q: Must the recipient have or create a Firefox account to download files?

A: No.  The receiver of the download link has just to click on it to begin the downloading process.  The one possible requirement for the recipient may be to enter the password if one was created by the sender.


Q: How many unique file downloads can I schedule at one time?

A: You can have up to 16 unique active downloads scheduled at any one time.  If you require more, create and use a second Firefox Send account.


Q: How should I name the files I am sending?

A: It is important to have every file have your institution's intitials in its name, e.g., CNM_spring2019_student_figures, HED-Statewide-2018-student-stats (see below screenshot for how it appears in your browser).  There are two reasons for this: 

  1.  To easily and quickly discern what is in the file
  2.  To verify this is indeed a valid submission and not a malware attack 

To that end, if you receive a download request and are uncertain who sent it or why, do not download any of the files!  Contact your IT Service Desk for immediate assistance.










(Updated: November 26, 2019)