services:matrix:encryption
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
services:matrix:encryption [2021/08/10 11:53] – [I've lost all my keys! What now?] update to the option to reset all keys behrmj87 | services:matrix:encryption [2021/08/10 14:39] – [The somewhat short story] behrmj87 | ||
---|---|---|---|
Line 11: | Line 11: | ||
==== The somewhat short story ==== | ==== The somewhat short story ==== | ||
- | When using encryption in a room (or direct chat) all messages in that chat will be encrypted. | + | Some chats you encounter will be encrypted. Direct conversations are encrypted by default and encryption for rooms for multiple people can be switched on. When using encryption in a room (or direct chat) all messages in that chat will be encrypted. |
* Have one running session (in a browser on your computer, on your phone, wherever), so that new sessions can authenticate against the running session (cross-signing, | * Have one running session (in a browser on your computer, on your phone, wherever), so that new sessions can authenticate against the running session (cross-signing, | ||
* have access to your recovery passphrase (that you should create when you first log in) to recover your encryption keys when you log into a new session and have no other running sessions to authenticate against. | * have access to your recovery passphrase (that you should create when you first log in) to recover your encryption keys when you log into a new session and have no other running sessions to authenticate against. | ||
- | If either of this is the case, you will keep access to your old encrypted messages, | + | This means, that if you do have encrypted messages, |
- | ==== Upgrading encryption ==== | + | This may sound difficult, but it' |
- | + | ||
- | This step is necessary if you have used encryption in the past on your matrix.physik.fu-berlin.de account. If you have not used encryption previously, you can jump to the section [[services: | + | |
- | + | ||
- | If you have used encryption before you will notice a small popup on the left side of the screen, asking you to upgrade. Click on the " | + | |
- | + | ||
- | This concludes the upgrade. You can now on read how to verify users in //*Verify a user//, or use encrypted chats without verification. | + | |
==== Setting up encryption for the first time ==== | ==== Setting up encryption for the first time ==== | ||
Line 41: | Line 35: | ||
==== Verifying a session ==== | ==== Verifying a session ==== | ||
- | To access your encryption history and for other users to verify you it is necessary to verify a new session. To verify a session you can either confirm a new session from an existing session or enter your recovery passphrase. | + | To access your messages from encrypted chats, e.g. direct conversations, |
When logging in with a new device you will get prompted to verify it. | When logging in with a new device you will get prompted to verify it. | ||
- | {{ : | + | {{ : |
+ | |||
+ | The three options: | ||
+ | - **Use another login**, which will authenticate against a running session, e.g. on a phone or another computer. | ||
+ | - **Use Security Key or Phrase**, which works without another session, i.e. without another device, but you will need the Security Phrase or Key that you set up earlier. | ||
+ | - **Skip**, which skips authentication, | ||
+ | |||
+ | === Verifying a Sessin using a Security Phrase === | ||
+ | |||
+ | This is conceptually the easiest so, we'll discuss it first. Click **Use Security Key or Phrase** and in the screen that opens enter either your *Security Phrase* or your *Security Key*. | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | If you enter either correctly, you will be greeted by this happy screen | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | === Verifying a Sessin using a Security Phrase === | ||
+ | |||
+ | If you are logged into another session, e.g. on your phone, it's easiest to click **Use another login**. There are multiple ways how this is handled, which depends on where the other session is running, e.g. Element on phones will allow you to do this via scanning a QR code. All methods do require, though, that you have the device where the other session is running on *at hand* otherwise the whole process will block waiting for you to do something on the other device, which is hard to do, if it's far away. | ||
- | If you are logged into another session there will be a popup asking you to verify | + | One method that is always available is comparing emoji shown on both devices. First you will be asked on the device with an already authenticated session whether |
{{ : | {{ : | ||
Line 55: | Line 68: | ||
{{ : | {{ : | ||
- | Select to continue and you will be asked for a verification method. Currently the only option is to compare a sting of emojis. | + | Select to continue and you will be asked for a verification method. |
{{ : | {{ : | ||
Line 65: | Line 78: | ||
{{ : | {{ : | ||
- | Confirm the emojis match on both devices to complete verifying the session. | + | Confirm the emojis match on both devices to complete verifying the session and you get the happy result of a verified |
- | Alternatively you can select to verify a session by using your recovery passphrase: | + | {{ :services: |
- | {{ : | ||
==== Deleting a session ==== | ==== Deleting a session ==== |
services/matrix/encryption.txt · Last modified: 2021/11/29 16:24 by behrmj87