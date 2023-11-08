I would like to better understand the function of the encryption password. I've read that others in the forum found it confusing as well, and they've had problems with it as a result.

From Vivaldi's help:

Your encryption password is used locally on your computer for encrypting the data you’re about to send to our servers and to decrypt the received data. Your encryption password is never sent to us or any other third party, which ensures that we cannot decrypt your data.

Essentially, this means that Vivaldi gives you control over the key to decrypt the data sent via end-to-end encryption. Most services that are end-to-end encrypted (for example, WhatsApp) don't provide an option for you to set a separate password for it.

Does this suggest that services not offering the option to choose an encryption password potentially have more access to your data compared to what Vivaldi has?

This could be seen as a two-step login process – one for the account and another for encrypted user data. I find this confusing because it's not a standard approach, and I've never seen such a method elsewhere.

Would a more common scenario be to have both the account password and the encryption password combined into a single login step, and on top of that, you could use 2FA, like SMS or a hardware key?

Or in other words:

If I were to use the same password for both the login and the encryption and set up 2FA on top of that, would this approach be more common and similar to other services?

(Edit: I realized that the user data is stored locally which means that 2FA of the login does not apply to it directly)

If I'm mistaken, and this isn't how it works, it's another example of how unclear this feature is.