I would like to avoid occasional confusion and frustration with Element Web/Desktop due to users not being aware of the implications of a logout. In particular, I have encountered complaints about these aspects in GitHub issues:
When a user has no active device and lost all local key backups or forgot a server-side backup key or passphrase, they cannot decrypt any past messages either.
The dialog communicates the potential loss when there is no server-side backup. When there is, however, users might still lose their keys or forget their passphrases. Especially when they had set up the backup some time ago, users who do not use a password manager for these things are at risk of losing their messages. A warning might save them.
This has been mentioned in Rethink the decision to enable e2ee by default in 1-1 chats element-meta#310 (comment) but I have not seen it discussed further, hence this issue.
How would you like to achieve it?
While not resolving the underlying UX / Security conflict, I believe a warning in the logout dialog is appropriate if this is the last logged-in device of a user, or the only one being used in some time, like a day / week / month.
This could be something along the lines of:
"This is your only device [used in the last X time]. If you log out now, messages sent until you log in again might not be decryptable."
"This is your only device [used in the last X time]. The next time you log in, you will need a local key backup or your security key. Please make sure you have the right key:", followed by an input box like the one in AccessSecretStorageDialog that checks a key.
Have you considered any alternatives?
For our use case, users will be forced to log into our organization's HS by immediate SSO redirect and our workstations are trusted. In this setting, we also consider hiding the logout button completely with a new UIFeature config, but changing the logout dialog might be beneficial for a larger user base.
Additional context
No response
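The condition proposed above (warn when this is the last logged-in device, or the only one used within some window), sketched as an added example that is not code from the issue or from Element. The names `DeviceInfo`, `logoutWarning` and `warningText`, the 7-day default window, and treating a missing `last_seen_ts` as stale are assumptions; `device_id` and `last_seen_ts` are the fields returned by the Matrix `GET /_matrix/client/v3/devices` endpoint.

```typescript
// Added example: names and the 7-day window are assumptions, not Element code.
// Fields used from one entry of GET /_matrix/client/v3/devices.
interface DeviceInfo {
    device_id: string;
    last_seen_ts?: number; // ms since Unix epoch; the server may omit it
}

type LogoutWarning = "none" | "only_device" | "only_recent_device";

const DAY_MS = 24 * 60 * 60 * 1000;

function logoutWarning(
    devices: DeviceInfo[],
    currentDeviceId: string,
    nowMs: number,
    windowMs: number = 7 * DAY_MS,
): LogoutWarning {
    const others = devices.filter((d) => d.device_id !== currentDeviceId);
    if (others.length === 0) return "only_device";
    // A device without last_seen_ts counts as stale: nothing shows it was used,
    // and warning once too often is cheaper than losing message history.
    const recentlyUsed = others.some(
        (d) => d.last_seen_ts !== undefined && nowMs - d.last_seen_ts <= windowMs,
    );
    return recentlyUsed ? "none" : "only_recent_device";
}

function warningText(w: LogoutWarning, windowDays: number): string | null {
    if (w === "none") return null;
    const scope = w === "only_device" ? "" : ` used in the last ${windowDays} days`;
    return `This is your only device${scope}. If you log out now, messages sent ` +
        "until you log in again might not be decryptable.";
}

// Constructed sample data (not from a real account).
const NOW = Date.UTC(2024, 0, 31);
const SAMPLE: DeviceInfo[] = [
    { device_id: "CURRENT", last_seen_ts: NOW },
    { device_id: "OLDPHONE", last_seen_ts: NOW - 90 * DAY_MS },
    { device_id: "NEVERSEEN" },
];
console.log(warningText(logoutWarning(SAMPLE, "CURRENT", NOW), 7));
```

`last_seen_ts` is reported by the homeserver and can lag by a few minutes, and a recently seen session is not proof that it still holds the message keys, so the result is only suitable for deciding whether to show a warning.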