element-hq / element-web

A glossy Matrix collaboration client for the web.
https://element.io
Apache License 2.0

Enforced end to end encryption is scary and too complicated for normal users #13537

Closed mlaily closed 3 years ago

mlaily commented 4 years ago

End to end encryption is hard to explain and justify to normal users.

It currently complicates things a lot, and adds the risk to lose data, which IMO is far more real and occurs far more often than the risk of the server spying on you...

Self-hosting Riot and Matrix already provides more security than other commercial chats.

If/Until end to end encryption can be more transparent to end users, home server admins and/or end users should have the ability to opt-out of it.

I think making this hassle mandatory is a sure way to slow down Matrix and Riot adoption for everybody, and I think it's a pity!

(I filed this under UX/UI bug because the problem is not e2ee, it's the way it currently impairs usability)

(Since this issue impacts all the Riot applications, I'm only creating one for the web app, but I have the same concerns for the Android, iOS, and Desktop apps...)

Also see https://github.com/vector-im/riot-web/issues/8067, https://github.com/vector-im/riot-web/issues/9256, https://github.com/matrix-org/synapse/issues/4401, https://github.com/matrix-org/synapse/issues/4367, and others...

Bun-Bun commented 4 years ago

I agree completely.

E2E encryption is overly complex and is not needed for most situations. Having users permanently locked out of their data on my server is unacceptable.

squidink7 commented 4 years ago

Exactly, although I think the issue is not to turn it back off, but to make it indistinguishable from non e2e, and that means getting rid of the SSSS password, because many users have trouble remembering one password, and 2 is just overkill. Honestly from an end users point of view messengers like whatsapp and telegram are more secure, because e2e makes Riot feel like the kind of thing used by drug-dealers over the dark web (which was an actual quote from one of my friends who I convinced to move to Riot.)

fti7 commented 4 years ago

Yesterday we also enabled Cross Signing on all our Team Accounts/Devices. Although I really like the general Cross Signing feature (Thanks for that!) - the UI flow is a pain. Even my technical people didn't directly (intuitively) understand it and asked me several times what the UI now wants them to do....

E2EE is complex, why not invest time and money in a proper Migration/Setup Wizard? (Like showing in which state you are (Wizard Steps), description for non-tech people)

Or for the "Verify this Login" dialog - for several people it wasn't clear that "Opening RiotX on Android" or using the Recovery Key approach are two different options. Why not have two big buttons with a description in front of them (Wizard) with the options they can choose, with direct instructions on what they should do now (e.g. Open the app on the phone - yes, sounds silly, but there are non-tech people around)

benqrn commented 4 years ago

The UI experience has come a long way, but not far enough for E2EE to be enabled by default and requiring all users to hang on to two separate passwords.

Non-savvy users will at some point need their password reset because they forgot it, and they're certainly not going to remember a second password that cannot be reset (or if they did save the recovery key, they lost it a long time ago).

Yes, making things easier comes at the expense of security, but if the goal is mass adoption, it needs to be simpler. Matrix still requires the typical user to have a technical understanding beyond what a typical messaging app requires.

Some suggestions:

ptman commented 4 years ago

e2ee can be disabled when creating a room, but not disabled after it has been enabled for a room

benqrn commented 4 years ago

e2ee can be disabled when creating a room, but not disabled after it has been enabled for a room

In riot-web, yes, but in the phone app, no.

The point though is that a user who does not understand the repercussions of having E2EE enabled, is somewhat likely to lose their message history if they do not set up key backup, or if they do set it up but then lose their key password. Those messages will be lost, and there is currently no option for server admin to help.

MurzNN commented 4 years ago

In https://github.com/matrix-org/matrix-doc/issues/2544 I describe the problem that can leak SSSS passwords on the server side for most regular users on a homeserver who use the same password for both places. So the current implementation with two passwords is not good for users. We can enforce filling in different passwords, but this will be even worse for UX :(

pv commented 4 years ago

How do apps such as Signal manage with a single password? Is it just that because their apps basically never log out except on device changes, they rely on side channel assisted key exchange (as Riot cross-signing??) when activating new devices? And otherwise, they use an autogenerated backup "passphrase" so there's no room for user mistake?

andrewhotlab commented 3 years ago

@mlaily I'm absolutely with you about this. It's a shame to admit that for such a stupid "entry barrier" for newcomers, Matrix is losing a lot of potential users out there. I think that at least element-web should leave the ability to disable these confusing messages after the user dismisses them for the first time (a sort of "do not ask me again" checkbox).

dbkr commented 3 years ago

If/Until end to end encryption can be more transparent to end users, home server admins and/or end users should have the ability to opt-out of it.

https://github.com/vector-im/element-meta/issues/1442 seems like it would alleviate these concerns, so I'm closing this in favour of that issue. Delayed SSSS setup should help too, removing the passphrase/key creation from the account setup flow.

mlaily commented 3 years ago

vector-im/element-meta#1442 seems like it would alleviate these concerns, so I'm closing this in favour of that issue.

This is disappointing. vector-im/element-meta#1442 is about preventing users from opting into e2ee, which is way stricter than simply allowing server admins to disable enforced e2ee by default (including e2ee setup) on their instance, which is what my issue is about...

I understand the eagerness to close issues about e2ee, but I feel like the root of the problem has still not been addressed yet.

EDIT: I hope you are right about delayed SSSS, and vector-im/element-web#13895 will be sufficient.

tim-seoss commented 3 years ago

@mlaily I would be interested to know your thoughts on vector-im/element-web#15416 and whether or not you think this would be sufficient to partly or wholly mitigate the problems?

mlaily commented 3 years ago

@tim-seoss Honestly, I'd rather have the ability to disable E2EE for users for whom this feature is actually an anti-feature (and will be for as long as it isn't transparent, which I'm not even sure is possible), but any improvement on the UX is a step in the right direction.

In my opinion, the challenge is convincing people the trade-offs of E2EE are actually worth it, when they don't think they need it, and they see simpler apps from the competition...

mlaily commented 3 years ago

I know this issue is closed, but as a quick follow-up:

I hope you are right about delayed SSSS, and vector-im/element-web#13895 will be sufficient.

I no longer get verification prompts during a session! yay!

But I still get prompted to verify my session when signing in, though I have no use for this (maybe vector-im/element-web#15672).

I still get prompted to backup keys when signing out, though I don't use E2EE anywhere (#11684).

So it's better now, but unfortunately not sufficient, and I'm still stuck with Riot 1.5.15 for a little while longer...