"Security Key" wording is confusing when it really wants the recovery key

[Perelandra0x309]

Description

After logging into a new session in Element, I was attempting to verify my session with another Element user when the window in the screenshot above appeared. I was not sure what a "Security Key" was so I closed the window without attempting to enter anything into the prompt.

After poking around for a while I discovered this same window pops up when I start a "Restore from Backup" in the "Security & Privacy" section of my settings. Within this context (manually starting a restore) I had the idea it might be the recovery key. Indeed just typing any text in the prompt revealed the error message shown in red confirming that it is actually the "Recovery Key" it is looking for.

In the context of doing a session validation, this pop up window is confusing because it is not clear what the window is trying to accomplish. I do not expect to need to be using my recovery key to complete just a session verification, they seem to be two completely different things, and the use of the phrase "Security Key" does not help to make it clear that the "Recovery Key" is what is actually needed (or why it is needed).

Steps to reproduce

• Be in an encrypted room with another Element user and have your and their sessions verified
• In "Security & Privacy" settings have Secure Backup enabled.
• Have only one session for this user (shown under "Cryptography).
• Use the "Export E2E rooms keys" in the same settings section and save with a password.
• Log out of Element.
• Log back in
• Use the "Import E2E room keys" in the settings.
• Start a session verification with the Element user in the encrypted room from the first step (because the log out/log in made this a new unverified session).
• Complete the verification process
• After completing the verification the above window pops up asking for a "Security Key".

Describe how what happens differs from what you expected.

This window is not expected at all, and it is unclear what it is trying to do in the context of a session verification.

Logs being sent: no

Version information

• Platform: desktop
• OS: macOS
• Version: 1.7.9

[jryans]

Hmm, sorry for the confusion. I think the root cause here is that we've changed terminology several times. For new users, they should be seeing terms "Security Phrase" and "Security Key", so for those people the dialog makes sense as-is, but it's more confusing for existing users, since the naming change was never highlighted or explained.

[jryans]

Also, there's lingering uses of "Recovery Key" still, as you have found in the validation message, so those should likely be replaced.

[Perelandra0x309]

Thank you for the explanation. I had not been aware of this change. I did look on the Element.io help page and the blog and was not able to find any mention of a Security Key, so I was at a loss as to what it was. It is still referenced as a recovery key in the "Security & Privacy" settings as well:

Also I am unsure what is the difference between the online "Secure Backup" which backs up my "encryption keys" and the buttons further down in the settings under "Cryptography" which enables the exporting and importing of room keys? I thought that by doing an export of the E2E room keys, then logging out and back on, then importing the E2E room keys I was getting all the keys I needed back into the new session. Why does a session verification trigger the restoration of keys from online backup if I already have imported the keys? Or is the E2E room key export and the Secure Backup saving different keys?

Is there a reason for the name change? Is the nature of this key different than before? When I think of a recovery key I imagine I never need to use it unless as a last resort to recover my account in the event of a lost password and losing all open sessions. If this is being used now as a way to restore keys from online backup even while successfully logged in to a session then this name change makes more sense but this change does need to be highlighted so that such a fundamental change is understood by long time users of the platform. A blog post would be a great thing to have on this subject.

[jryans]

Thank you for the explanation. I had not been aware of this change. I did look on the Element.io help page and the blog and was not able to find any mention of a Security Key, so I was at a loss as to what it was.

Right, the help page is quite outdated at this point. Hopefully it can be updated in the near future.

It is still referenced as a recovery key in the "Security & Privacy" settings as well:

Thanks, another one to clean up.

Also I am unsure what is the difference between the online "Secure Backup" which backs up my "encryption keys" and the buttons further down in the settings under "Cryptography" which enables the exporting and importing of room keys? I thought that by doing an export of the E2E room keys, then logging out and back on, then importing the E2E room keys I was getting all the keys I needed back into the new session. Why does a session verification trigger the restoration of keys from online backup if I already have imported the keys? Or is the E2E room key export and the Secure Backup saving different keys?

They both involve handling the same set of message keys; they are just different tools. The manual import / export buttons were all we had for several years before the newer Secure Backup feature of encrypted server-side backups was added. If Secure Backup is enabled, there should be no need to use the manual import / export, and logging in on a new session automatically restores from the server-side backup (after you verify with an existing device).

Is there a reason for the name change? Is the nature of this key different than before? When I think of a recovery key I imagine I never need to use it unless as a last resort to recover my account in the event of a lost password and losing all open sessions.

Changing the name is not connected to any particular technical change. It was believed that "Security Phrase" / "Security Key" would be slightly easier to understand. We also wanted to move away from the term "Passphrase", which is too similar to "Password" and had led some people to assume prompts were asking for their account password.

If this is being used now as a way to restore keys from online backup even while successfully logged in to a session then this name change makes more sense but this change does need to be highlighted so that such a fundamental change is understood by long time users of the platform.

The "Security Phrase" / "Security Key" remains as only a "disaster recovery" option effectively: if you still have an existing session can access, the intended "happy path" is verify with that other session, and then there should be no need to enter the "Security Phrase" / "Security Key". The "Security Phrase" / "Security Key" is only needed for the special case where you are unable to access other sessions.

A blog post would be a great thing to have on this subject.

Agreed. We did write one in May 2020, though several parts have evolved since, so a fresh post would be even better.

[jadonk]

As a new user, can you give in very simple terms WTF this is? I tried uploading the keys that I downloaded when making the account and those don't work, so what does?

I'm just saying, if there was a reference here, it might help some users and help the wording that needs to go into the box.

[ixzh]

I'm totally lost now... I notice there are at least 5 terms I need to make sense of in the privacy section:

• security key
• recovery key
• security phrase
• E2E room keys
• passphrase when export E2E room keys

can anyone give a simple definition and usage of each or is there a manual I can refer to🤔 thanks!

see if my understanding is correct:

• security key is an alphanumeric string of 48 char-length, generated by the machine (and can be regenerated using the app) for account session verification.
• recovery key is a deprecated name of security key.
• security phase is a password created by the user which is mapped to a security key underneath.(so no need to remember the 48 chars)
• E2E room keys are a set of private keys generated by the machine, for content decryption/encryption in chats.
• passphrase, is a password created by the user, required when import and export the E2E room keys set.

does the above make sense

[rohieb]

I'm equally confused. Which keys do I need to back up in case I lose access to all devices and can no longer verify a new session via another login?

[bbacle]

This is the most convoluted program in trying to secure & restore I have ever seen. I have the same program installed on multiple devices, so I need to be able to login to each one of them when I am on that device, but this security key thing has me mystified, because I don't know what the authors of this program are talking about. Where is it & how do I access it? Please simplify, simplify, simplify. Your techno nerdy way of doing things is so confusing as to make me want to uninstall this program & find another better one.

[kevingzhang]

This is the best way to scare new users away, good job Element.

[johnr365]

I'm still seeing this box pop up when trying to verify sessions that are most definitely my own.

The PR referenced above (5533) doesn't appear to have resolved this.

Does anyone have a guide for how I extract the keys I need to verify my sessions and avoid the repeated nagging? Thanks

[ixzh]

how I extract the keys

Hi, it will be easier if you have Element installed on your mobile.

1. to generate the private key, go to Settings Security & Privacy Reset Secure Backup. you have 2 choices here: Use a Security Key or Use a Security Phrase. Choose either one to generate.
2. Other than security key, you can also use cross-signing between sessions. It involves using mobile to scan a desktop session's QR code and a few clicks (to confirm the emoji combination are the same) in both sessions. No key entry required.

[ggogel]

When I click on Reset Secure Backup in Element Android (latest Play Store version) the app crashes. Though, the one I got backed up seems to be valid still. I also backed E2E room keys, because the client Cinny was requesting them.

If I understand it correctly, the security key or security phrase from Secure Backup is just a password for the E2E room keys stored in your Element profile. Backing up the E2E room keys makes sense if you want to be client independent.

[BrainBlasted]

Other than security key, you can also use cross-signing between sessions. It involves using mobile to scan a desktop session's QR code and a few clicks (to confirm the emoji combination are the same) in both sessions. No key entry required.

This does not work in my experience. After scanning the code and confirming everything, the session I'm trying to verify asks for my "Security Key".

[xvenge00]

Same thing here. When signing into desktop app, the app asks for "Security Key" which I don't have.

What I expect is some pop-up in the already signed in devices to confirm the new sign-in or a way to manualy scan QR code. Or at least a way to show the "Security code" in the mobile app.

[tinfever]

I just had to search for this because I thought when it asked for security key, it meant my Yubikey, which obviously didn't work. Perhaps adding a little wording like "Security key (generated for you when you first created your account) might help? Also, if the "happy path" is to verify with an existing session, it is unintuitive current in having it default to asking for a security key with a button to switch to verifying using an existing session. It should default to the "happy path".

What if it presented the user with a window like this with two buttons:

Now we need to load the encryption key for your data, you can:

1. Verify using an existing session (Recommended)
2. Enter the security key generated when you first created your account

Also, some of the Emoji verification symbols are different depending on the device/platform. Headphone emoji in the web browser and headphone emoji in the installed app were different pictures. This tripped me up for a second.

Edit: I realized after I posted this that the interface is already similar to what I described regarding a page with two options. Sorry.

[mrx23dot]

Well I won't try to explain this to my mum, just tell her to use Wire/Signal that works out of the box.

I get warnings shouting at me at exit that I loose everything if I don't do this and that, sounds more like a ransomware than a convenient messaging app.

[RokeJulianLockhart]

For the approximately 30 users who are confused by all of this (@mrx23dot, @xvenge00, @BrainBlasted, @johnr365, @bbacle and @rohieb at least) I implore you to direct your questions at https://matrix.to/#/!YTvKGNlinIzlkMTVRl:matrix.org?via=matrix.org&via=privacytools.io&via=envs.net rather than here.

However, to concisely explain this for you, solely 3 types of hidden credentials must be managed by the user:

• The password, which grants access to the account;
• The security key, which grants access to encrypted chats. This is automatically generated; and
• The security passphrase, which is an alternative to the security key, because it is able to be chosen manually, like the password. Enabling it is optional, but storage of it if enabled is not.

If you enable Cross-signing and subsequently configure the consequently-available Secure Backup feature, your keys should also be duplicated to the server. Note that this shall grant you a new recovery key that replaces your old one. You need not retain the previous key when complete.

If you've any questions, https://dub.sh/jga directs to where to contact me ([email protected]). I'll be glad to assist.

[mrx23dot]

Thank you for the summary, it would be great to link this in on sign up page, or at some point during onboarding. Just for better user experience/retention.

[emitche]

I also found this confusing for adding a new device. Once I got to the security key step, I didn't know what to do.

For anyone encountering this, in plain language:
When you sign up, you are asked to save a security key. Find your security key. Enter this security key when asked.

"Security key (generated for you when you first created your account) might help?

I agree.

[bbacle]

I gave up on the program & uninstalled it.

[alexander-potemkin]

@RokeJulianLockhart , thank you! I understand your intention is probably to keep things in the chat, but it really feels like some issue with the system, indexable by search engines and something that is easy to find and work with for other clients ongoing forward.

With this said let me ask you here, for the sake of arguments above and to give some notifications and help to anyone who requested the help here earlier.

If I get it right, the feature that we are discussing here is an encryption key for the messages and files, so that the client app could decrypt them and show as a proper human readable text.
That is called security key.

Historically users had to create, import and export that key between the devices manually. But not anymore.
Matrix clients now can store that security key on the server in some encrypted enclave/storage. To make this secure, there is security passphrase which is used to encrypt and extract security key and then extract all of the messages and files with it to display a human readable content to the humans.

Could you please, confirm if that's right or correct me if it's not?

And if that's correct, how can I manually extract the security key to provide it to other Matrix element, as the client-to-client key exchange doesn't seem to work - at least not for the messages in the past.

Thanks in advance!!

[RokeJulianLockhart]

#15500 (comment)

@bbacle, I understand. This problem caused a friend of mine to do the same. However, I implore you, if encrypted communication is unimportant, to try it again. Considering that Discord is probably the most similar competitor to Matrix/Element and does not support encryption whatsoever, perhaps reconsider?

[RokeJulianLockhart]

#15500 (comment)

@alexander-potemkin,

1. Transferral

   Since you appear to want to transfer chats to [an]other Matrix element, does https://ems.element.io/tools/matrix-migration provide what you desire?

2. Room Key Management

   If not, I'll need a bit more information to confidently answer, since I've already configured my E2E to be identical across my accounts. For instance, have you enabled Secure Backup, like I have? It might make this difficult.

   Via Element from the Play Store and Element from F-Droid (as of now) or https://element.io, room key management options are provided:

   1.	Cryptography (Keys Management)/
   	1.	Export room keys
   	2.	Import Room keys

   A room key might provide a manual alternative to the Security Key in a room-specific manner.

   However, unfortunately, I'm unable to evaluate its usefulness (providing continuous authentication to 3rd-party clients) so I don't know whether it adequately replaces it.

3. User Key Management

   Consequently, do

   1.	Cross-Signing/
   	1.	Master Key
   	2.	User Key
   	3.	Self Signed Key

   work? The description of the option states that my Private Keys have been stored, but due to the aforementioned conflicting and problematically similar terminology, I can't be confident that that refers to my security key. They don't look similar to the mx_securityKey that I saved, so they're probably not for standard usage either.

   Performing

   1.	Cryptography (Keys Management)/
   	1.	Encrypted Messages Recovery/
   		1.	Restore from Backup

   apparently added a key to my session, but I doubt that this feature is of much use when transferring accounts or even clients.

[alexander-potemkin]

@RokeJulianLockhart , thank you and apologies for such an enormous delay in getting back to you.

My intention was just to change the chat client. I can't tell what went wrong exactly earlier, but now it seems like working... However, the things are still quite confusing!

[RokeJulianLockhart]

#15500 (comment)

@alexander-potemkin, you could all try doing what I've done in Bitwarden if you have access to a desktop PC (in order to use element inspection) or are willing to manually parse view-source: URIs:

Specifically:

1. Password

   csv=mx_LoginForm_password,mx_Field_9
   

   1. mx_LoginForm_password
   2. mx_Field_9

2. Security Key

   mx_securityKey
   

3. I've forgotten which one this is

   csv=mx_Field_7,mx_Field_8,mx_Field_15,mx_Field_16,mx_passPhraseInput
   

   1. mx_Field_7
   2. mx_Field_8
   3. mx_Field_15
   4. mx_Field_16
   5. mx_passPhraseInput

Since this ensures they're autofilled in the correct place (you can just copy the HTML IDs I use) it'll make authentication at https://develop.element.io/ easier, hopefully.

[K4sum1]

What is a security key? I have a recovery key, but Element doesn't seem to accept it. I'm not sure if I have any other device that can pass the prompt. Why is this so complicated? Why can't it just be my password? This is why nobody fucking wants to use Matrix. This shit is needlessly convoluted for no reason.

[RokeJulianLockhart]

#15500 (comment)

@K4sum1, does #15500 (comment) explain what you want to know?

[K4sum1]

Maybe it was because I was mixing a recovery key from one client with another. I was trying to log into Element because nheko was broken, but I was able to do it. I guess I should see if Element would give me a security keep to keep as well in case I need it.

[RokeJulianLockhart]

#15500 (comment)

@K4sum1, if you're authenticating the same account (same username and @domain.TLD) you'll only need one security key to access that account regardless of where you're authenticating, be it Element or another client. Does that resolve your confusion?

[Penguin-Guru]

I'm sorry to say this but this U.X. is still horribly confusing.

I just logged into the web app, which required me to go get my phone for verification... That by itself is very annoying, since I entered the correct password to log in. After verifying the web session from my phone, I still can't read any of my encrypted conversations using the web session. I could use a whatever the backup/restore code is called but my understanding is that I shouldn't have to, because I verified the session from my phone. This is different from what I expected and what has been stated here, but I'm not going to open a new issue for it because I don't even know if it's actually expected. This U.X. needs to be a lot more clear. It shouldn't be hard to do.

[port19x]

Why do I have a recovery key that I use to authenticate my device that then does not automatically have the power to decrypt all previous messages?
Why is that ominous back up of some illusory second (third if we count the password) key opt-in?

I'm glad I stubbed my toe on this mere days after "reactivating" my matrix account.
Now I'm not sure if I'm still inclined to entrust my data to this application

[richvdh]

I see lots of discussion about failures to recover key backups; I'm sorry that happened but it's not relevant to this issue. I recommend opening new issues and sending a logs from within the application (it is very hard to understand what went wrong without such logs).

Generally: I encourage people to open new issues clearly documenting their pain points.

I'm going to lock this issue now as it has been resolved.

[richvdh]

Related: element-hq/element-meta#2394