Securing a Matrix Account
Once you have an account, it's important to understand the mechanisms it uses to keep your messages secure. Matrix uses encryption to protect your communication. The keys for this encryption should be kept secure, this is done using Secure Backup.
After sending your first encrypted message, you'll receive a prompt to
Set up Secure Backup, to safeguard against losing access to encrypted messages & data. If you choose not to, any new sessions you start by logging into different clients, will not be able to see you messages.
If you do not receive a prompt, or chose to action later, you can initiate its setup by clicking on your avatar in the top left, then selecting
Security & Privacy. Under the
Secure Backup section, select
Follow the prompt to set up your Secure Backup, you can opt to use a phrase or always use a Security Key. If you opt for a Security Phrase, you will be able to provide a phrase of your choosing which you will need to provide to any client when you login with your account. Alternatively, if you forget your phrase, or did not provide one - you will need to provide the generated key.
A verified session is a device (any client logged into your account) that has been verified as legitimate. On your accounts' first login, the session will be marked as verified, make sure to set up a Secure Backup, you will need it if you ever lose access to all verified sessions.
When you login to a new session, you will be presented with the option to either provide your Security Key / Phrase, or to request verification from another already verified session. Successfully completing either option will mark your new session as verified.
Forgotten or lost all recovery methods?
If you have forgotten or lost all methods of verifying your account, you will need to
Reset you account. Doing so will result in losing access to all your encrypted messages, and mark all sessions as unverified (treating this new session like your first).
Add Email to your account
Adding an email to your account will allow you to be able to reset your password should you lose it. Simply follow these steps:
Go to Element
Enter your email address and click
When you get this message, check your email
Click the link in the email. Make sure it opens in another tab/window, leaving your Element client where it is
When you get this message, you can close the verification tab/window and return to Element
Go back to Element and click
Enter your account password or confirm using SSO, then click
If all worked correctly, your new email should now show up under the
Email addressessection in Element settings. If not, something went wrong and you need to try again
Securing a Matrix Account on your Homeserver
Alternatively you can make use of the Synapse Admin API to create a Matrix Account on a homeserver you hold an Admin account on. To do so, you will need to use Create or Modify Account from the User Admin API.