Recently today I reset the password of a user in my homeserver through the admin API but I later learned it had expired all her sessions and she didn't back up her keys, therefore losing all her encrypted messages.
It'd be nice to have a warning under the /resetPassword endpoint about this. If I had known about this, I could've avoided the situation by telling her to make sure to back up encryption keys before I proceeded with the password reset process.
Description:
Hi,
Recently today I reset the password of a user in my homeserver through the admin API but I later learned it had expired all her sessions and she didn't back up her keys, therefore losing all her encrypted messages.
It'd be nice to have a warning under the
/resetPassword
endpoint about this. If I had known about this, I could've avoided the situation by telling her to make sure to back up encryption keys before I proceeded with the password reset process.Thanks.