**PLEASE** Let us set up e2e encrypted channels without key verification

[maciejhirsz]

At Parity we have channels with 50, 60 or even 70 people, all of them are e2e encrypted. The current topic on the Parity General channel is:

Verify Riot users: https://gist.github.com/cmichi/b1122ace827c243fa872315f6f99b605

This occasionally changes as the UI changes. We understand this is not how this is intended to work. We understand the risk of just blanket verifying all devices in a channel. We get it. But here is a problem: the current model is COMPLETELY UNUSABLE for channels that have 5 or more people on them. Period. When a new person joins the company they are NOT GOING TO VERIFY 200 DEVICES BY HAND in order to be able to speak on a channel. There is no amount of user education that is going to make this a tolerable experience to a human.

We love Riot, we're using it very consciously so we can own our data and have it fly encrypted over the internet, but can we PLEASE have some middle-ground encrypted invite-only channels where key verification is automatic?

---

Edit (much later): I know this reads rather dramatic, and I usually scorn at emotionally charged github issues, but I think the frustration here is really impossible to capture with a leveled "this is frustrating". I love what you guys are doing, so I apologize if this is disheartening ❤️.

[uhoreg]

We are going to adress this via cross-signing and trust-on-first-use, which we are working on right now.

[uhoreg]

Also, rather than pretending to verify all the devices, users can click the "Send anyway" button in order to send message to the room without having to verify everyone.

[maciejhirsz]

Also, rather than pretending to verify all the devices, users can click the "Send anyway" button in order to send message to the room without having to verify everyone.

Doesn't that not send it to people who you haven't verified?

[t3chguy]

Depends on your settings, whether you have "Send only to verified devices" ticked (by default it will not be ticked)

[subversion23]

Yes, PLEASE!
Let's be honest. At this moment encryption in Riot is unusable for normal users.
Just now got loggend out of the webclient and have to verify around 50 Devices AGAIN. I had to do this 2 Times already last week.
Key backup is only working partial. (#8905 and others)

Many users i know are leaving matrix because beacuse of this and i can understand them.
I love Matrix, so i'm gonna stay (and chat mostly with myself), but i can't recommend it to anyone until this issue is solved. Users who are used to Signal and such stuff are asking me if i'm crazy.
So, PLEASE PLEASE PLEASE fix this ASAP. Your users are running away!

Best way would be an option to verify all devices in a room with one click, as suggested by many other users many times.

[ghost]

I must concur. This is also an issue if Matrix is your sole channel of realtime communication; for example, if one were to simply leave one's Matrix ID and e-mail on a website. This would make verification either impossible or incredibly impractical. I would very much like to be able to exchange encrypted messages with others without needing them or myself to be hauled through a verification process that is especially intimidating to non-technical people.

[menturion]

Totally agree!

Currently, usuability of encryption is the worst user experience nightmare!
I suggested a feature that handles encryption server-side without user interaction (see matrix-org/synapse#5401). This would meet most use cases.

User passphrases, device verification etc. is way too complicated for common users and thus error prone.

[uhoreg]

This is now done since the release of cross-signing.