Security Key mismatch: cross-signing guarded by previous key

[Modish-Morbid]

I've just had to wipe my entire computer due to some OS corruption. I got Element back, and tried verifying my application-launched session (the Windows app). I open another session in browser. Matched the emojis. It then asks for my security key, on both sessions. I had previously reset my security key and downloaded a new one [Security and Privacy -> Encryption -> Secure Backup -> reset]. I click "upload" and click on the Security Key that I downloaded. Wrong Security Key.

...What? What do you mean "Wrong security key"? This is the ONLY Security Key I have! I literally just reset it!

I tried everything else I could think of, including my Security Passphrase and even the Session Key. Nothing.

I don't know if I'm just doing something wrong or if this is a bug. I'm putting this down as a bug just in case. Sorry if its not.

If I AM doing something wrong, Element absolutely sucks at communicating it!

I am getting very frustrated by this. Please help.

(Logs being sent: yes)

Element version: 1.7.24
olm version: 3.2.1

For the web app:

• Browser: Brave
• OS: Windows 10
• URL: https://app.element.io

For the desktop app:

• OS: Windows 10

[jryans]

My suspicion is you've fallen into a trap of sorts which Element doesn't explain very well at the moment: if you reset the security key, your cross-signing keys are still guarded by previous security key unless you also reset them as well. So, it's trying to ask you for the previous key that you don't have (presumably that's why you reset it).

Anyway, here's the procedure I normally recommend:

0. Consider exporting room keys to a file as a backup in an existing session via top left menu -> Settings -> Security -> Export E2E room keys (but you've said you don't have encrypted rooms at the moment)
1. If you don't have an existing develop session, it should be fine to login and skip any verification prompts
2. Reset secure backup first (this should now succeed without confusingly asking for previous keys)
3. Reset cross-signing keys (this may prompt for security key / phrase, it's expecting the new one you just made in step 2)
4. On other sessions, you should be able to either verify the new session and receive new keys or go to Settings and "setup" Secure Backup (green button instead of the red "reset"), which maybe prompt for the new security key / phrase as part of downloading your keys

It sounds like you've already done step 2, so perhaps can continue onto step 3. Assuming that works, we "just" need to make this way less confusing.

[aaronraimist]

I hope this will get some more attention soon. This is a chronic issue. Heres some of the filed issues I could find:
#16118
#16073
#16263
#16243
#16455
#16849
#16879
#16755
which doesn't include the dozen or so times I've helped people deal with this in chat.

[turt2live]

matrix-org/matrix-react-sdk#5819 might help with this by making it one button

[aaronraimist]

@turt2live that adds a new one button reset but it doesn't seem to fix these two Reset buttons

[turt2live]

Indeed but the most common time someone runs into this issue is during login

[Modish-Morbid]

Okay! I got it! I reset my cross-signing keys and tried verifying again and it all worked. Thanks to jryans for his advise, I was really stumped for answers!