Clarifying e2e encryption mnemonic description and usage on clients devices #205
Labels
0. Needs triage
Pending approval or rejection. This issue is pending approval.
enhancement
New feature or request
feature: activation
Setting the mnemonic mostly
Comments
sunjam
added
0. Needs triage
|
We have no interaction with the mnemonic in this repository. All of the other matters noted have their own Issues elsewhere. Closing here as a duplicate of nextcloud/desktop#2442 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Originally posted to Desktop client repo, but should more likely be reported to this main repository. edit: It seems people can recover the mnemonic directly from any authenticated client device. I hope this changes via #2443. ❤️
Related to nextcloud/documentation#11274 for e2e documentation on Nextcloud desktop client. Revoke Keys discussion and issue for better overall documentation.
Please considering designing mnemonics so that will only be shown that singular time, and will disappear forever once you select Enable encryption.
I appreciate the wording you have on 3.0.1, but it is not secure enough. Thanks for considering.
To protect your Cryptographic Identity, we encrypt it with a mnemonic of 12 dictionary words. You must record and never lose these 12 words. These will never be shown again once enabled and are required in case you ever lose access to your data or wish to add other devices to your account (like your mobile phone or laptop). Have you recorded these words? Record them carefully then Enable encryption.
The text was updated successfully, but these errors were encountered: