Post AzOpe3QaPiVVTV8PHk by andybalaam@mastodon.social
 (DIR) Post #AzOpe3QaPiVVTV8PHk by andybalaam@mastodon.social
       2025-10-18T15:12:56Z
       
       0 likes, 0 repeats
       
       Why do I have 2 passwords? How to talk about encryption in Matrix https://media.ccc.de/v/matrix-conf-2025-72671-why-do-i-have-2-passwords-how-to-talk-about-encryption-in-matrix My talk on the concepts and words we should use to talk about encrypted messaging on Matrix. #MatrixConf2025 #matrix #video
       
 (DIR) Post #AzOpe4OqneiGUPKXDc by lyyn@mastodon.ml
       2025-10-20T11:52:39Z
       
       0 likes, 0 repeats
       
       @andybalaam Thanks for the talk! I've got a question while watching it. So I remember that I think Mozilla browser sync had one password for logging in and it was actually used for encryption too. Same thing with Bitwarden. It probably has the downside that if you log in using a web page, a malicious web page can just grab the plaintext password and send it somewhere, but otherwise the login process can be made secure in the sense that the server never actually learns the original password value and so can't break the E2EE private keys. Have you considered something like that?
       
 (DIR) Post #AzOqTzqoxQlBRKApE0 by andybalaam@mastodon.social
       2025-10-20T12:02:02Z
       
       0 likes, 0 repeats
       
       @lyyn Thanks! We had a number of conversations similar to this at the conference, and we need to evaluate the security of solutions like this. We have always been super-cautious about the recovery key, refusing to store anything that can get access to recovery _anywhere_, ever. We have it in our plan to look at simplifying the recovery key, so we are going to get to this!
       
 (DIR) Post #AzPG9Rty4HGTAGVZxY by hubert@social.uhoreg.ca
       2025-10-20T15:45:31Z
       
       0 likes, 0 repeats
       
       @lyyn @andybalaam We've considered that, and there were some proposals put forward. But it has some issues, such as not being compatible with single-sign-on, or the new OAuth-based authentication system that was being developed. Also, it would mean that if you logged into something like Cactus Comments, which has no reason to do encryption, you would be giving it full access to your encrypted data. In the end, it was decided that we'd get better mileage out of moving forward with the new authentication system and simplifying the sign-in process (with things such as QR-code-based logins, which log you in, verify the new device, and provide it with all the necessary secrets in one go), rather than trying to combine the login and secret storage passwords.
       
 (DIR) Post #AzPG9SswPa2ODN2Gzw by lyyn@mastodon.ml
       2025-10-20T16:49:16Z
       
       0 likes, 0 repeats
       
       @hubert @andybalaam Thanks. I would imagine that it does not really work with OIDC. About Cactus Comments, I think that giving full access to the account (even without identity keys) is not desirable either, because that includes the ability to reset the key backup/identity keys and control all other rooms etc., and more granular control would be needed anyway.