Reset E2EE Passphrase?! Android App 3.0

Hello,

I encrypted a folder with my Android 3.0 e2e Nextcloud App … but I clicked instantly on next because I thought I need to add a password myself … how can I reset the passphrase …?! Even a reinstall did not allow me to do that…?

regards

1 Like

cc @tobiasKaminsky

Hey,

Sorry, but I don't know what to do to reset my passphrase on my Android…?

Hi,

Is there a more user-friendly way to do this?

Kind regards,
Andreas

I’d like to know this too. I found that e2ee is not yet working as well as I want, so I removed the app and deleted the accounts which tried it. Then I created “new” accounts with the old usernames.
Is this ok? Next time when I enable e2ee app, will the users get new passphrase?
It was still easy to do this, but later it will need more work because more files… That’s why I’d like to solve this now.

This passage on github seems not to be valid:

Any help here?

@tobiasKaminsky / @Andy any advice for these folks please? Andy could you give Tobias a nudge to pop onto the forum if needs be?

Recovering e2e will be supported sometime in the future.

For resetting passphrases, please see: https://github.com/nextcloud/end_to_end_encryption/issues/32

In short: it is not allowed by design, as we use “trust on first use”, so on the first connection (e.g. sharing) between two users, the key will be trusted. If one side can now change / reset the passphrase (and therefore also the key), all other users cannot share with this user (and they would get an error about changing key).
Also this is our way to prevent/detect malicious/hacked users, which then additionally would make users insecure, as they would expect the other user to be hacked.
-> no changing of e2e key is possible.

If you do not want to use e2e anymore, just remember the passphrase and do not use it anymore.
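
The trust-on-first-use behaviour described in the reply above, as an added example that is not part of the original thread and not Nextcloud's code: a peer's key is pinned the first time it is seen, and any later change is rejected, whether it comes from a legitimate reset or from a substituted key. The class and function names, the SHA-256 fingerprint, and the byte strings standing in for public keys are assumptions made for illustration.

```python
import hashlib


class KeyChangedError(Exception):
    """A peer presented a key that differs from the one pinned on first use."""


class TofuPinStore:
    """Hypothetical per-user store: peer id -> fingerprint of the first key seen."""

    def __init__(self):
        self._pins = {}

    @staticmethod
    def fingerprint(public_key: bytes) -> str:
        return hashlib.sha256(public_key).hexdigest()

    def verify(self, peer: str, public_key: bytes) -> str:
        fp = self.fingerprint(public_key)
        pinned = self._pins.get(peer)
        if pinned is None:
            # First connection (e.g. first share): trust and remember the key.
            self._pins[peer] = fp
            return "pinned"
        if pinned != fp:
            # The client cannot tell a passphrase/key reset from an attacker
            # swapping the key, so both cases must fail the same way.
            raise KeyChangedError(f"key for {peer!r} changed: {pinned[:16]} -> {fp[:16]}")
        return "match"


def demo():
    """Alice shares with Bob, then sees two different replacement keys."""
    alice = TofuPinStore()
    bob_key = b"constructed-bob-public-key-v1"        # constructed sample
    bob_reset_key = b"constructed-bob-public-key-v2"  # Bob reset his key
    attacker_key = b"constructed-attacker-key"        # key substituted for Bob's
    results = [alice.verify("bob", bob_key), alice.verify("bob", bob_key)]
    for label, key in (("reset", bob_reset_key), ("attacker", attacker_key)):
        try:
            results.append(alice.verify("bob", key))
        except KeyChangedError:
            results.append("rejected:" + label)
    return results


if __name__ == "__main__":
    print(demo())
```
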

So even deleting the account keeps the old keys in the memory?
Did I get the last line from your @tobiasKaminsky message right?

In other words, if a user lost his password you have to set up a new Nextcloud instance if it is important enough?

While I understand your reasoning, that seems a bit absurd to me, too. The reason why one uses trust on first use is because most users are no technicians and need simple solutions, not because it’s the most secure solution. But if I have non-technical users it’s just a matter of time that one of them loses his password eventually. Shall we tell them that they never can use E2EE again?

1 Like

Was there any development?

Data loss of the encrypted content is ok, so it should be possible to remove the keys from the database, right???
EDIT: I got root on my Android AND on the server, so I could manipulate the configs, but I don’t know where to start / edit…

Have a look at that thread 🙂.

1 Like

That solved it for me, thanks.