services:matrix:encryption
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
services:matrix:encryption [2021/04/12 12:09] – fix formatting behrmj87 | services:matrix:encryption [2021/08/10 14:21] – [The somewhat short story] behrmj87 | ||
---|---|---|---|
Line 8: | Line 8: | ||
<note warning> | <note warning> | ||
- | ==== Upgrading encryption ==== | ||
- | This step is necessary if you have used encryption in the past on your matrix.physik.fu-berlin.de account. If you have not used encryption previously, you can jump to the section [[services: | + | ==== The somewhat short story ==== |
- | If you have used encryption before | + | Some chats you encounter |
- | This concludes the upgrade. You can now on read how to verify users in // | + | * Have one running session (in a browser |
+ | * have access | ||
+ | |||
+ | This means, that if you do have encrypted | ||
+ | |||
+ | This sounds difficult, but it's not. Read on for what you need to do. | ||
==== Setting up encryption for the first time ==== | ==== Setting up encryption for the first time ==== | ||
Line 31: | Line 35: | ||
==== Verifying a session ==== | ==== Verifying a session ==== | ||
- | To access your encryption history and for other users to verify you it is necessary to verify a new session. To verify a session you can either confirm a new session from an existing session or enter your recovery passphrase. | + | To access your messages from encrypted chats, e.g. direct conversations, |
When logging in with a new device you will get prompted to verify it. | When logging in with a new device you will get prompted to verify it. | ||
- | {{ : | + | {{ : |
- | If you are logged into another session | + | The three options: |
+ | - **Use another login**, which will authenticate against a running session, e.g. on a phone or another computer. | ||
+ | - **Use Security Key or Phrase**, which works without another session, i.e. without another device, but you will need the Security Phrase or Key that you set up earlier. | ||
+ | - **Skip**, which skips authentication, | ||
+ | |||
+ | === Verifying a Sessin using a Security Phrase === | ||
+ | |||
+ | This is conceptually the easiest so, we'll discuss it first. Click **Use Security Key or Phrase** and in the screen that opens enter either your *Security Phrase* or your *Security Key*. | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | If you enter either correctly, you will be greeted by this happy screen | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | === Verifying a Sessin using a Security Phrase === | ||
+ | |||
+ | If you are logged into another session, e.g. on your phone, it's easiest to click **Use another login**. There are multiple ways how this is handled, which depends on where the other session is running, e.g. Element on phones | ||
+ | |||
+ | One method that is always available is comparing emoji shown on both devices. First you will be asked on the device with an already authenticated session whether | ||
{{ : | {{ : | ||
Line 45: | Line 68: | ||
{{ : | {{ : | ||
- | Select to continue and you will be asked for a verification method. Currently the only option is to compare a sting of emojis. | + | Select to continue and you will be asked for a verification method. |
{{ : | {{ : | ||
Line 55: | Line 78: | ||
{{ : | {{ : | ||
- | Confirm the emojis match on both devices to complete verifying the session. | + | Confirm the emojis match on both devices to complete verifying the session and you get the happy result of a verified |
- | Alternatively you can select to verify a session by using your recovery passphrase: | + | {{ :services: |
- | {{ : | ||
==== Deleting a session ==== | ==== Deleting a session ==== | ||
Line 132: | Line 154: | ||
Sometimes it happens. Your computer and phone die at the same time and those were the only clients you were logged in at and you didn't save your passwordmanager database (hopefully you are using one) where you store your recovery keys or recovery passphrase to any other device. What now? | Sometimes it happens. Your computer and phone die at the same time and those were the only clients you were logged in at and you didn't save your passwordmanager database (hopefully you are using one) where you store your recovery keys or recovery passphrase to any other device. What now? | ||
- | Well, all your encrypted messages, i.e. messages in rooms or private discussions were encryption was enabled, are gone and you won't get them back, but you can make yourself new recovery keys for the future (and hopefully you will safe them redundantly): | + | Well, all your encrypted messages, i.e. messages in rooms or private discussions were encryption was enabled, are gone and you won't get them back, but you can make yourself new recovery keys for the future (and hopefully you will safe them redundantly). To this, just click **Use Security Key or Phrase** |
+ | |||
+ | {{ :services: | ||
+ | |||
+ | on the verification dialog after login and instead of entering your security phrase or key, which you've lost, click the **Reset all** link on the bottom, next to *Forgotten or lost all recovery methods?* | ||
+ | |||
+ | You will then be asked to confirm | ||
+ | |||
+ | {{ : | ||
- | - Sign out of all your old sessions | + | And clicking **Reset** will sign out of all your old sessions |
- | - In the " | + | |
- | - Use new secure backup passphrase | + | |
- | - Verify your new sessions so that they start sharing keys. | + | |
- | - Back your new recovery keys up :) | + |
services/matrix/encryption.txt · Last modified: 2021/11/29 16:24 by behrmj87