Recover encryption password from storage location
I installed the Android EteSync adapter on a single device and seemingly forgot to note the encryption password. It seems, although I have access to the device, I cannot recover or reset the enc pw from within the app. I have a couple of collections and want to avoid having to export and import all collections and reset the account, which would also delete the existing collection sharing with other users.
I'd like to know where exactly the app stores the enc pw in which format. Maybe I can access it somehow using the administrative account on the device?
Secondly, I'd really like to be able to change the secret without entering the old one (because having access by a trusted device is commonly considered to be enough).
> Secondly, I'd really like to be able to change the secret without entering the old one (because having access by a trusted device is commonly considered to be enough).
Try changing your password to any service you are logged into; I doubt any would let you change the password without verification. Think about it, it means anyone with access to an open browser tab or an unlocked device can just take over your account.
> I'd like to know where exactly the app stores the enc pw in which format. Maybe I can access it somehow using the administrative account on the device?
It doesn't. It stores a derived key used for encryption, but not the actual password. This is by design. :|
Thanks for your answer.
For the first point, I would say that a trusted device which needs to be unlocked is not comparable to an online service where you are logged in (for which you can usually trigger a reset if you own the registered email address). Compare to Keybase client, Wire or Signal, they all do crypto.
For the second, I suppose that the only way to go is to export the data, reset the account and import again then, if I cannot change the encryption key without providing the old one.
> For the first point, I would say that a trusted device which needs to be unlocked is not comparable to an online service where you are logged in (for which you can usually trigger a reset if you own the registered email address). Compare to Keybase client, Wire or Signal, they all do crypto.
Can you just change your Signal password without setting the existing one? I'd be surprised if that's the case.
> For the second, I suppose that the only way to go is to export the data, reset the account and import again then, if I cannot change the encryption key without providing the old one.
Yup
> For the first point, I would say that a trusted device which needs to be unlocked is not comparable to an online service where you are logged in (for which you can usually trigger a reset if you own the registered email address). Compare to Keybase client, Wire or Signal, they all do crypto.
>
> Can you just change your Signal password without setting the existing one? I'd be surprised if that's the case.
Be surprised: "you can change the PIN as long as this device is logged in"
Of course, apps like Wire and Signal have per-device encryption keys and are bound to an email or phone number. However, the general principle is: once you are logged in, you have proven to be the owner and you have full data access anyways. What data are you trying to protect in this scenario?