Online key backup breaks after changing password?

[ara4n]

I changed my password; after refreshing, the app claimed to be doing online key backup but empirically none of my history was visible.

This is going to break things massively for people after being told to reset passwords after security incident.....

[lampholder]

Perhaps related to #9425

I've just run some tests with a new test account, so far I have been able to:

• create encrypted rooms
• create a backup
• log out
• log in
• change password
• restore from backup
• create new encrypted rooms
• log out
• log in
• restore backup
• log out
• log in
• change password
• restore backup

Which I think demonstrates that both reading from and writing to the backup is succeeding for small key sets on matrix.org.

[lampholder]

I'll try the password-reset-by-email flow to see if that makes any difference.

@shirishag75 are you able to provide a more detailed description of what you attempted and what failure modes you experienced?

[lampholder]

From Matthew:

what i roughly did last night was:

login and enable keybackup (existing backup) on new desktop account
login and enable keybackup on iOS
change password on web
see that everything is undecryptable on web, but the dialog says it's participating in key backup with a valid sig from mobile but an invalid sig from desktop
log out of web and log in again, enter passphrase; everything worked.

[jryans]

@shirishag75 @akontsevich Thanks for the feedback, and I am sorry you are having trouble with Riot. It sounds like your issues are not related to key backup specifically, so please file new issues so we can track them separately.

[akontsevich]

@jryans, thanks, created element-hq/element-meta#1420.

[lampholder]

Deprioritising this some because we've had no other reports of it - if people do experience this please add to this issue/upvote

[aaronraimist]

@ara4n can you still reproduce this? @turt2live, @Biep and I can't reproduce this.