E2E: key backup should not accept empty password #8814

Closed
niki-sp opened this issue Feb 20, 2019 · 5 comments

Comments

niki-sp commented Feb 20, 2019

Completing key backup setup with an empty password should be impossible.

Steps to reproduce

I started the key backup setup process and looked at the possibilities. After downloading recovery-key.txt, the key backup setup process finished without a password.

Version information

  • Platform: desktop
  • OS: Ubuntu, 18.10 amd64
  • Version: revolt (0.0+git20170627.3f5112b-3build1) cosmic
    riot-web: 1.0.1
    olm: 3.0.0

@lampholder
Member

If I understand you correctly this is a supported operation - if you set a passphrase you are essentially encrypting that recovery key and storing it on our server, but if you just download it the key lives only on your hard drive (and never touches our servers, encrypted or otherwise).

If this is what happened (and everything worked as it should) then we should review the UX to see if we can make this clearer.

@matthijskooijman

I also ran into this. I:

  • Opened the interface for setting up key backup
  • Did not enter a passphrase yet
  • Clicked the "Recovery key" button (or somesuch, I can't look it up anymore)
  • It showed a recovery key, offering to copy it to the clipboard or downloading it.
  • I clicked "Download" and then (IIRC) "OK".

After this, IIRC the key backup interface was closed. Looking at my settings, key backup is set up, but I have no clue about the passphrase. It could be that it's empty, as @niki-sp suggests, but when I click "Restore from backup" (or "Use key backup" in another browser), I get asked for the recovery key (though I expected to be asked for a passphrase, so it took me a few times to notice that it asked for the recovery key instead).

In any case, the recovery key is advertised to be used "when you forget your passphrase", so I had expected to be able to set a passphrase as well as download the recovery key, but I suspect I should have set a passphrase and only afterwards download the recovery key (which I later noticed is offered). Perhaps the recovery key thing before setting a passphrase should be advertised as allowing to use a recovery key instead of a passphrase?

@matthijskooijman

A slightly related remark is that currently the Riot UI uses the terms "Recovery passphrase" and "Recovery key". In normal usage, you would probably set and use a passphrase (e.g. whenever you log in) and only use the recovery key to recover if you forgot the passphrase. It seems weird to call the passphrase "recovery passphrase", since I'm using it under normal circumstances. Also, it's called just "passphrase" when you set it, and "recovery passphrase" when you need to enter it later I believe. Perhaps this should be a separate issue?

@aaronraimist
Collaborator

aaronraimist commented May 16, 2019

> If this is what happened (and everything worked as it should) then we should review the UX to see if we can make this clearer.

Yeah it certainly doesn't seem like good UX at the moment.

Steps to reproduce:

  1. Click Start using Key Backup
  2. Click Advanced
  3. Click Setup Recovery Key
  4. There is no way to exit this screen and cancel setting up key backup. You have to either click copy to clipboard or download the recovery key and then the key backup starts without asking you for a password.

@kittykat
Contributor

The UI has changed significantly and I cannot reproduce the issue any more. I'm going to close it for now. Please comment with @kittykat if you are still experiencing the problem and I can reopen the issue for you.

su-ex added a commit to SchildiChat/element-web that referenced this issue Jul 7, 2022