I tried matrix lately. It created a security passphrase for me. I copied it into my password manager and made sure about surrounding whitespace etc. Then when it asked me for the first time to enter this passphrase I pasted it. It told me it was wrong. I had to go to the web version to reset the passphrase because the desktop variant would ask me for the passphrase to reset the passphrase. I created a new passphrase stored it in my password manager, this time making painstakingly sure it was exactly as displayed.
Guess what. I was asked to enter it immidiately after. It was wrong again.
Even if I am convinced of a decentralized, federated concept, software just needs to work. If I, as a programmer with a ton of patience can't get it to work, asking my non-programmer friends to use it is something I won't do.
I think where it went wrong here is that when it asked you for your "passphrase" (which is called a recovery key) it's very likely it wanted your login password instead. (Because that is indeed needed to reset the recovery key).
The recovery key (whitespace doesn't matter btw, it's just a 48 char string) is only needed when you logout of all devices and subsequently want to restore your encrypted messages.
Even so, the fact that this could cause such confusion is a valid point, and more care need to be taken to differentiate the purpose and situation for each. It's a software problem, not a user problem.
Of course you might agree with this, and i personally find the key and password management quite problematic after using it with a few non technical people.
They should have taken a page out of Bitcoins/Ethereums book and used mnemoic phrases and clearly labelling them as "Recovery key" with big red bold letters everytime you enter it.
yeah, that would definitely help! I find it sad that so many high profile open source projects lack in UI, even though there's a lot of smart people working on them.
Maybe it's a question about prioritizing time for technical features and downgrading the importance of a good UI and onboarding. Since time is limited, but in the case of matrix, I would say UI is just as important as the technical part. If they get more funding, maybe it will change in the future.
Guess what. I was asked to enter it immidiately after. It was wrong again.
Even if I am convinced of a decentralized, federated concept, software just needs to work. If I, as a programmer with a ton of patience can't get it to work, asking my non-programmer friends to use it is something I won't do.