services:matrix:encryption

Differences

This shows you the differences between two versions of the page.

services:matrix:encryption [2021/01/04 08:50] – Remove note on E2E being enabled for direct chats by default behrmj87
services:matrix:encryption [2021/08/10 11:53] – [I've lost all my keys! What now?] update to the option to reset all keys behrmj87
Line 8: Line 8:
  
 <note warning>When logging into a new device (a different browser, a new phone, your fridge), you will only get access to your already encrypted messages //after// verifying the new session. This is explained below (and most easily done if you use Element on your phone).</note> <note warning>When logging into a new device (a different browser, a new phone, your fridge), you will only get access to your already encrypted messages //after// verifying the new session. This is explained below (and most easily done if you use Element on your phone).</note>
 +
 +==== The somewhat short story ====
 +
 +When using encryption in a room (or direct chat) all messages in that chat will be encrypted. Everyone of your clients (e.g. the webclient at meet.physik.fu-berlin.de or Element on your phone) will have a session with its own keys. This is mostly transparent to you as a user, but you must always hold either of the following to be true:
 +
 +    * Have one running session (in a browser on your computer, on your phone, wherever), so that new sessions can authenticate against the running session (cross-signing, described below), or
 +    * have access to your recovery passphrase (that you should create when you first log in) to recover your encryption keys when you log into a new session and have no other running sessions to authenticate against.
 +
 +If either of this is the case, you will keep access to your old encrypted messages, so generate a recovery passphrase and save it in your password safe.
 +
 ==== Upgrading encryption ==== ==== Upgrading encryption ====
  
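Review bot: The sentence introducing the bullet list ("you must always hold either of the following to be true") never says what happens when neither condition holds, and it presents a running session and the recovery passphrase as equal alternatives even though the closing sentence then tells the reader to generate a passphrase. Suggest stating up front that losing both means losing access to old encrypted messages, and naming the recovery passphrase as the backup that should always exist, with a running session as the convenient path for verifying new logins. Wording: "Everyone of your clients" should read "Every one of your clients", and "If either of this is the case" should read "If either of these is the case".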
Line 128: Line 138:
 {{ :services:matrix:riot_e2e_verify_user_08.png |}} {{ :services:matrix:riot_e2e_verify_user_08.png |}}
  
 +==== I've lost all my keys! What now? ====
 +
 +Sometimes it happens. Your computer and phone die at the same time and those were the only clients you were logged in at and you didn't save your passwordmanager database (hopefully you are using one) where you store your recovery keys or recovery passphrase to any other device. What now? 
 +
 +Well, all your encrypted messages, i.e. messages in rooms or private discussions were encryption was enabled, are gone and you won't get them back, but you can make yourself new recovery keys for the future (and hopefully you will safe them redundantly). To this, just click **Use Security Key or Phrase**
 +
 +{{ :services:matrix:verifylogin.png |}}
 +
 +on the verification dialog after login and instead of entering your security phrase or key, which you've lost, click the **Reset all** link on the bottom, next to *Forgotten or lost all recovery methods?*
 +
 +You will then be asked to confirm
 +
 +{{ :services:matrix:reseteverything.png |}}
  
 +And clicking **Reset** will sign out of all your old sessions and delete all keys, followed by guiding you through the procedure to generate new ones described above.
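Review bot: The irreversible effect of **Reset** (it signs out all old sessions and deletes all keys) only appears in the last added line, after the reader has already been told what to click. Suggest moving it into a <note warning> ahead of the steps, in the style of the note near line 8, and telling the reader to first check that no other session is still logged in, since the section added at line 8 says a running session can authenticate a new one. Smaller points: "*Forgotten or lost all recovery methods?*" uses asterisks where this page writes italics with // (as in //after//), "were encryption was enabled" should be "where", "safe them redundantly" should be "save", and "To this" should be "To do this".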
services/matrix/encryption.txt · Last modified: 2021/11/29 16:24 by behrmj87