Your passphrase
Your passphrase in Private.Ki is essentially the password that encrypts your private keys (and therefore your mailbox and all your messages). It’s a crucial piece of your security:
What is it: It’s a secondary password you set to protect your encryption keys. The passphrase is needed to decrypt your mail each session. It ensures that even if someone got your account login, they couldn’t read your messages without the passphrase.
Using it: On login, after entering the account password, you are prompted for the passphrase to unlock your mailbox. You enter it and then the mailbox content loads. In detail: The client (your device) uses it to decrypt your private key, which then decrypts your messages. If you opted to skip the passphrase (for convenience), then you only need to log in with your account password. In this case, we set up an "internal passphrase" for you, which is derived from your password. But if you did set one, you must remember it.
Changing Passphrase: XXX
Protecting it: We emphasize do not share it to anyone, do not reuse it as your account login or elsewhere. Make it strong (since it is protecting all your data).
Forgotten Passphrase scenario: If you forget your passphrase, you lose the ability to decrypt your emails. For security reasons, there is no way to access your encrypted content if you forget your passphrase. It's technically impossible.
No Passphrase mode: You can skip the passphrase or use the questions challenge instead of a passphrase. In both cases, technically, we generate an "internal passphrase" for you (which you don't need to enter or save), derived from your account password (in case of skipping) or your answers to the questions (in case of questions challenge). That’s easier - but slightly less secure. But it’s an option for convenience.
Mobile App handling: Usually mobile apps ask you once and may store it in secure enclave so you don’t type it every time after initial, maybe protected by device PIN/biometrics. Some let you set an app-specific PIN to unlock stored key so you don’t type a long passphrase each time on phone.
Updating Device Password vs Passphrase: You might confuse account password (used to log in to Private.Ki) with passphrase (used to decrypt your messages). We clarify difference: The account password is for login and basic account security; the passphrase is for data encryption. Both are not known by Private.Ki. We can reset a forgotten password for you, but we can't reset a forgotten passphrase. That’s an important concept. So keep them both safe. It’s possible they are the same string if you chose (not recommended), but they should be different.