Resetting cross-signing/SSSS doesn't reset SSSS password #13212
Assignees
Comments
|
Flagging as blocker, we definitely want a reset button that works. |
|
More importantly, the old recovery passphrase and key are still valid after the resetting procedure! |
dbkr
changed the title
|
Updated the title & description to reflect this |
14 tasks
|
Looks like this regressed in matrix-org/matrix-js-sdk#1311 |
dbkr
added a commit
to matrix-org/matrix-js-sdk
that referenced
this issue
Apr 16, 2020
We re-used the old SSSS key even when resetting, meaning we prompted the user to create a new passphrase but then ignored it and kept using the old one. Fixes element-hq/element-web#13212
dbkr
added a commit
to matrix-org/matrix-js-sdk
that referenced
this issue
Apr 16, 2020
We re-used the old SSSS key even when resetting, meaning we prompted the user to create a new passphrase but then ignored it and kept using the old one. Fixes element-hq/element-web#13212
|
Is key reset expected to work on Riot Android 0.9.10 and RiotX 0.18.1? After resetting it's showing a different set of devices as verified on Riot Android and RiotX than riot-web. Can file bug/send rageshake if necessary. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It asks for the SSSS password after prompting you for a new one, but then appears to store the new cross-signing secrets with the old SSSS key, so your password stays the same.
The text was updated successfully, but these errors were encountered: