From the FAQ
"When key backup is enabled, your device will maintain a secure copy of its keys on our server."
Why, just why? Even if the keys are encrypted, some users have great passwords like 'password123'. By doing this you are just reducing security to that pathetic password. Why would you even enable this ? This will break, it's just a question of time.
Please stop implementing vulnerabilities and calling them features

@frox The goal is to allow recovering encypted messages even if your client looses all data. By default the key backup is encrypted using a code the client generates (not the user), it's called the recovery passphrase. There's an option to manually set the passphrase, but the default is the one the client generates

Sign in to participate in the conversation

Generic Mastodon instance hosted by the FairSocialNet association.