Are you facing issues with Element's security phrase and key? Here's an easy guide, step by step, everyone can practice to setup them. You are required to have Element on two devices, web and phone pair is better, to do that. Hopefully this helps you and now let's go!

Subscribe to UbuntuBuzz Telegram Channel to get article updates.

Basics

• Phone is better to never logout.
• Desktop is better to always login after phone.
• Security phrase is different to password and different to key.
  
• Security phrase and key are better created on desktop.
• You need a password manager app like KeePassXC.

Final goals should look like below that means everything is okay and verified.

 (Results wished from practicing this tutorial)

1. Do not have Element?

Register freely at Element.io and download the Android app on F-Droid. This is already explained in Element Basic Guide.

2. Do not have a password manager?

Get KeePassXC. Follow this tutorial to setup one. Run it and save your pair of Element username password as an entry on it. This is also explained already in KeePassXC Basic Guide. For Android, install KeePassDX from F-Droid as it can reads XC's database.

3. First Login

Do your first login on desktop. Go to app.element.io and login. If you do not know how, learn it at Element Basic Guide. Once logged in, you see the first welcome message.

4. Setup Security Phrase and Key

Go to menu > Security & Privacy > Secure Backup > Setup > Set up secure backup dialog appears > Choose Enter a security phrase > generate a pass phrase with your KeePassXC password manager > copy and paste that pass phrase to Element > Continue > copy paste it once again to confirm > Save Your Security Key appears after your Security Key has been generated automatically > download it, save the file named recovery-key.txt in KeePassXC app > Continue > finished. Now, you have an Element password, a Security Phrase, and a Security Key, and finally once you have these guys everything will be easy. Important: make sure you saved them all in KeePassXC and never lost them.

When Element asks you Security Phrase, open KeePassXC, and copy-paste it.

5. Verify Other Sessions

While Element Desktop is still active, now we will login from the second device that is a Element Mobile (Android or iOS). Open Element Mobile > login with your username and password > a notification appears on desktop "New login. Was this you? Later | Verify" > same notification also appears on phone > click Verify on both devices > desktop will show two verification options, either it is QR Code or Emojis > select QR Code > a QR Code appears on desktop > scan it with your phone > click verify on both devices > done. 

Alternatively, if you cannot scan QR (perhaps your camera won't work), you still can verify by Emoji. When the verification choices appear, select Emoji, a set of cute Emojis will appear on both devices > click They match on both devices > verified > done.

Conversely, you can do Desktop Login after Phone Login above, and the methods are just the same.

Important: for your convenience, it is better if your Element Mobile (Android or iOS) to be always logged in and never logged out.

6. Trust a Device

Once you logged in with multiple devices, you may be asked to verify the other device. Element can be used just fine without this but you can do it if you want. This is a security that is good for us. When you encounter this, as long as you had Security Phrase on your hands, everything is easy as follows:

On desktop:

Click your profile photo / avatar > Security & Privacy > click Verify Them > your profile appears > under Security section, you should find green devices marked TRUSTED > if not, click it > Verify > a notification appears on Element Mobile > verify it either with QR or Emoji > done. 

On phone:

Click your profile photo > Settings > Security & Privacy > Active Sessions > Show All Sessions > you should see all devices marked green and trusted > if not, verify it like above either with QR or Emoji > done.

 When Element asks for Security Phrase, open your KeePassXC, and copy-paste it.

7. Verify This Login

Desktop Login, that is a login done when phone is already logging in, will ask to Verify This Login. Steps to do so: make sure phone is logged in first > go to desktop > login > Verify This Login appears asking for another device verification > a notification appears on phone > tap it > now on the desktop the two choices, QR and Emoji, appear > verify it like explained above > done.

8. When to skip verification?

Element can be used just fine with skipping verification. When you need to skip? When both devices are logged out, then either one (much easier if it is desktop) wants to login, select SKIP and continue to Element. Once a device logged in successfully, now you can verify both like explained above. 

When Element asks you Security Phrase, open KeePassXC, and just copy-paste it.

That's all. Hopefully this will be useful to you!

---

This article is licensed under CC BY-SA 3.0.