Use recovery keys rather than recovery pass phrases

[neilisfragile]

Place holder issue - more context to follow but in short we want to reduce sign up friction caused by asking a user to provide two passwords.

Current preference is for option B
https://www.figma.com/file/wwqBo5oAFfk8XKmtd2YaIs/Cross-signing?node-id=5050%3A31796

[t3chguy]

Covers #13766 too

[dbkr]

Questions on the design:

• What state is the client in before a recovery key is created? Is this the same as if you click 'skip' currently (ie. you can't verify and get prompted to set up if you try to)? (Actually looks like the comment about contextual titles clarifies that it is)
• The copy for web focuses on 'losing this device', although on web it's probably more likely that you'll be logged out - this could be misleading? (It also says 'may' which is not really true - if you lose your device, your data is gone for sure).

[dbkr]

Why did you close this, github?

[dbkr]

Also, the option to back up message keys is gone: do we always back up now?

[dbkr]

Another one: we currently have the "keep it safe" and "you're done!" screens after setting up: are these going away?

[ara4n]

My questions:

• Why do we need the "Complete security" page at all? It just seems to add more steps. Shouldn't we jump straight into "We've set up encryption - hey, here's your recovery key"?
• In Proposal B, I wonder if we can avoid having the "complete security" toast - after all, if this is a casual user joining a public chatroom as a guest, why do they care about DM security?
  • On the flip side, users currently don't appear as verifiable until they've set up security. Should we change this so we can try to verify anyone (even if they have no cross-signing keys), in the hope that it triggers them to set up cross-signing?

Some answers:

Also, the option to back up message keys is gone: do we always back up now?

We still need to give the option. We are not forcing people to back up message keys.

Another one: we currently have the "keep it safe" and "you're done!" screens after setting up: are these going away?

These feel redundant to me? We are trying to simplify rather than have redundant dialogs, imo.

Some thoughts:

• Tracking the questions & answers in this bug rather than in a google doc is going to be painful.

[dbkr]

We reverted the PR, so re-opening

[fbruetting]

I watched the demo from friday – very nice! However, I’d like to add that when I think about my friends, I’m pretty sure that a lot of non-technical users would be confused by getting displayed a recovery key after they have set a recovery passphrase. Would it maybe be a good idea to

a) either replace that recovery key field by a button like “Generate an additional (alternative) recovery key” which then would not show that key before being pressed,
b) or add some informational text above, that the displayed recovery key acts as an alternative to the recovery passphrase, which the user has set in the step before?

Then users would better understand of what that key is about – because currently there is absolutely no context to that key (see below). And the case that the “continue” button is green directly, does not make anybody realize that the recovery key is optional.

I’d like to mention this, because I’m sure pretty much none of my non-technical friends understands this (and even the technical ones are partly confused), because they may not have dealt with such things ever before, or just rarely occasionally. It’s very important to make everything as clear as possible in an easy language – especially right at the time of registration. I’m also sure that most friends of mine skipped this dialog back in the time, and then later got/get surprised by not being able to recover encrypted content. And the ones who are able to recover, will have set the recovery passphrase equal to the user password.

You really have to take care about people, which don’t care at all – because these people will definitively block others of using Matrix or at least get annoyed. (Believe me, that’s my current problem in our organization.)

[jryans]

It’s very important to make everything as clear as possible in an easy language – especially right at the time of registration.

We plan to soonish move this setup later in the process after registration: #13895