Skip to content
This repository has been archived by the owner on Sep 11, 2024. It is now read-only.

Use recovery keys over passphrases #4686

Merged
merged 15 commits into from
Jun 15, 2020
Merged

Conversation

dbkr
Copy link
Member

@dbkr dbkr commented Jun 2, 2020

Give new users (or any newly set-up encryption) recovery keys and only recovery keys, and support passphrases as a secondary option for users whose accounts already have them.

This is the first step in a larger process of splitting up cross-signing and SSSS setup, but this is just the initial work to switch the priority of recovery keys and passphrases at the UI level.

Things not included in this PR:

I've split these out into separate issues, as indicated

How it looks currently:

After registering / logging into an account with no cross-signing:
Screenshot 2020-06-02 at 18 12 43
Screenshot 2020-06-02 at 18 12 52
Screenshot 2020-06-02 at 18 12 59

Logging in to an account with key backup:
Screenshot 2020-06-02 at 18 14 14

Logging in to an account with cross-signing (note added reset link):
Screenshot 2020-06-02 at 18 15 05

On clicking reset link:
Screenshot 2020-06-02 at 18 15 34

On clicking 'use recovery key':
Screenshot 2020-06-02 at 18 16 08

Screenshot 2020-06-02 at 18 17 00

Screenshot 2020-06-02 at 18 17 25

Screenshot 2020-06-02 at 18 18 40

Apologies for the sizeable PR: the alternative was landing it in chunks and having develop be in a weird, half-passphrase, half-recovery key state.

Fixes element-hq/element-web#13825

dbkr added 6 commits May 29, 2020 15:42
Step 1 - change CreateSecretStorageDialog to just give a recovery key
rather than a passphrase.
Only show passphrase options at all if the user has a passphrase on
their SSSS key.
@dbkr dbkr requested review from a team June 2, 2020 17:31
Copy link
Member

@turt2live turt2live left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm with comments. The tests also seem angry, presumably because the signup flow tries to mash buttons until it gets into the app and those buttons are missing.

@nadonomy
Copy link
Contributor

nadonomy commented Jun 3, 2020

@dbkr this screen doesn't make sense to me:

Logging in to an account with key backup:
Screenshot 2020-06-02 at 18 14 14

What's the user context exactly?

If it's logging into an account to input a key, but there are no other sessions, then I think a variation of this screen is probably what we want. If it is, let me know and I can figure out the right path.

Oh I see. Is it a user inputting their previous key backup key, to then upgrade to an SSSS key?

@dbkr
Copy link
Member Author

dbkr commented Jun 3, 2020

Yeah, this is the user either logging in or using a session on an account that has not yet set up SSSS, has a key backup but that key backup is not trusted, so we need to establish trust in the key backup and then convert it into a SSSS store.

Copy link
Contributor

@nadonomy nadonomy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(Apparently I don't know how to use the internet. Ignore this.)

@nadonomy nadonomy self-requested a review June 3, 2020 11:06
Copy link
Contributor

@nadonomy nadonomy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, this is the user either logging in or using a session on an account that has not yet set up SSSS, has a key backup but that key backup is not trusted, so we need to establish trust in the key backup and then convert it into a SSSS store.

Got it. In that case, as the key is converted, can we update the copy on this screen to:

Upgrade your Recovery Key
Upgrade your Recovery Key to store encryption keys & secrets with your account data. If you lose access to this login you'll need it to unlock your data.
[Skip] [Upload]

& then instead of showing the key again, we just show the end/success screen?

@dbkr
Copy link
Member Author

dbkr commented Jun 3, 2020

Done. Now looks like:

Screenshot 2020-06-03 at 12 22 40

Screenshot 2020-06-03 at 12 22 48

...and then once you enter a correct passphrase or recovery key, it takes you straight into the app.

@JOJ0

This comment has been minimized.

@t3chguy

This comment has been minimized.

@JOJ0

This comment has been minimized.

@t3chguy
Copy link
Member

t3chguy commented Jun 5, 2020

Very weird as riot-web-1.5.15 doesn't support cross-signing at all.

@JOJ0

This comment has been minimized.

@JOJ0

This comment has been minimized.

Copy link
Member

@turt2live turt2live left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm code-wise.

Copy link
Contributor

@nadonomy nadonomy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Use recovery keys rather than recovery pass phrases
5 participants