There was a slight confusion. The password can indeed be changed. Just that we have not shipped the feature yet.
Circling back to your original question about how the keys are transmitted, we generate a masterKey when you sign up. This masterKey is encrypted with a keyEncryptionKey, derived from your password. This encryptedMasterKey is then stored on the server. When you sign in on a new device, this encryptedMasterKey is retrieved from the server. As the last step, once you re-enter your password the new device will derive the keyEncryptionKey, and compute the original masterKey.
Please let me know if you have any follow up questions!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Hey Vincent, founder of ente.io here.
There was a slight confusion. The password can indeed be changed. Just that we have not shipped the feature yet.
Circling back to your original question about how the keys are transmitted, we generate a
masterKeywhen you sign up. ThismasterKeyis encrypted with akeyEncryptionKey, derived from yourpassword. ThisencryptedMasterKeyis then stored on the server. When you sign in on a new device, thisencryptedMasterKeyis retrieved from the server. As the last step, once you re-enter yourpasswordthe new device will derive thekeyEncryptionKey, and compute the originalmasterKey.Please let me know if you have any follow up questions!