E2E backup: Get rid of the confusing need to remember two passwords by using Secure Remote Password protocol, like ProtonMail did.

[bmisiak]

Description

I think Matrix's mission to make end to end encryption as easy to use and transparent to the user as possible is the right path and a commendable goal. ProtonMail made E2EE available to the masses in e-mail and we can learn from their experience:

https://protonmail.com/blog/encrypted_email_authentication/

Would it be possible for Matrix to use Secure Remote Password 6a, so that the user's password is never revealed to the server and could thus be used instead of a separate passphrase?

[ara4n]

We have a similar thing landing currently in the form of: https://github.com/matrix-org/matrix-doc/blob/dbkr/encrypted-recovery-keys/proposals/1687-encrypted-recovery-keys.md.

However, we deliberately use a separate key for backups to password for accessing the account (on the assumption that the backup key will typically be transferred via verification rather than being manually entered).

We'll need to compare protonmail's approach with what we're doing.

[richvdh]

Seems to be the same thing as element-hq/element-meta#1947