Rotate group keys after password change #3062

@taoeffect

Problem

If a user changes their password, their old keys can still be used to decrypt future group and chat events (if those haven't been rotated).

Solution

Rotate the group and chatroom keys for the groups and chats that the user is part of when they change their password.

Make sure the logic in 'gi.actions/group/shareNewKeys' (and the chat version) isn't affected (and update if so).

Also verify the other devices are logged out upon password change, and perhaps it might be a good idea to also delete old state on those devices too so that private keys to the old CEK, etc., can't be grabbed.
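
The scenario described in the issue above, as an added example that is not part of the original issue and is not Group Income code: a toy model in which a stale device keeps the CEK it held before the password change. The group object, the epoch counter and every function name are hypothetical, and AES-256-GCM stands in for whatever encryption the project uses.

```javascript
// Added illustration: toy model only, not the project's key-management code.
const nodeCrypto = require('node:crypto')

// Encrypt an event and record the id (epoch) of the key that sealed it.
function sealEvent (key, keyId, plaintext) {
  const iv = nodeCrypto.randomBytes(12)
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv)
  const data = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()])
  return { keyId, iv, data, tag: cipher.getAuthTag() }
}

// Decrypt with whatever keys this device holds; null if it lacks the key.
function openEvent (keyring, event) {
  const key = keyring.get(event.keyId)
  if (!key) return null
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, event.iv)
  decipher.setAuthTag(event.tag)
  return Buffer.concat([decipher.update(event.data), decipher.final()]).toString('utf8')
}

// Hypothetical group with a single current CEK per epoch.
function createGroup () {
  return { epoch: 0, cek: nodeCrypto.randomBytes(32), log: [] }
}
function post (group, text) {
  group.log.push(sealEvent(group.cek, group.epoch, text))
}
function rotate (group) {
  group.epoch += 1
  group.cek = nodeCrypto.randomBytes(32) // new CEK goes only to current devices
}

// Returns what a device holding only pre-change state can read from the log.
function simulate (rotateOnPasswordChange) {
  const group = createGroup()
  post(group, 'before password change')
  // Snapshot of the state left behind on an old device (constructed sample).
  const staleKeyring = new Map([[group.epoch, group.cek]])
  // ... the user changes their password here ...
  if (rotateOnPasswordChange) rotate(group)
  post(group, 'after password change')
  return group.log.map(event => openEvent(staleKeyring, event))
}

console.log('no rotation:', simulate(false))
console.log('rotation:   ', simulate(true))
```

Rotation does not protect events sealed before the change; the stale keyring still opens those, which is why the issue also raises deleting old state on the other devices.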
