cross-posted from: https://lemmy.ml/post/1230440
Been having issues with folks logging out…then unable to decrypt after signing in again. Even though they use their passkey, prior messages will not decrypt as they were not logged in anywhere.
So trying to understand some use-cases:
- If someone is only logged in on their phone, goes somewhere without a signal (e.g., plane, hiking), and then gets signal again…will they be able to decrypt messages sent while they were offline (but never chose to sign out)?
- If NO…will they be able to decrypt prior messages they had been able to decrypt (i.e., just not the ones sent while offline)?
- If they lose their phone (again, only source of logging in)…will they be able to backfill messages when setting up a new device with their passkey?
Sorry for the perhaps basic E2EE questions…getting traction with my family using Matrix, but worried about some spouse-acceptance concerns.
These are all good questions.
The loss of signal won’t matter. It happens to me all the time as I move from wifi to wifi.
For your third question, it depends on if you have a key backup with a key security code. That’s something you should set up asap after your initial client login. If you do, then you can recover. You might want to look at https://github.com/vector-im/element-web/issues/16202 for more explanation. The question comes up a lot.
Regardless, I’d make sure you’re always logged in twice if you can. Do you have Element Web running alongside Matrix? If you do, keep logged in on a desktop, or laptop. Just in case you lose the phone.
Definitely have backup passphrase/passkey. But is it true that (again assuming just one device) if I log out…then later log back in with the Passkey…that messages received while signed out won’t decrypt? That will be hard to explain to family.
I had the exact same issues when I ran Matrix with my friends and family. I see this as a major bug with the encryption.
AKA it’s not just you. I’ll probably encounter it again soon when I set up the server again soon and open a bug report.
I don’t care if I set up an encryption key backup at sign up. If my session should still be valid I’m not entering that long thing, I’m just quitting the use of the app. The encryption had to work and not just randomly bug out.