Why Scan to Login?
In end-to-end encrypted chat software, scan login is a secure method for user authentication and encryption key exchange.
Here's why scan login is necessary:
Limitations of Phone/Email One-Time Passwords (OTP)
A phone/email OTP can only verify ownership of the phone number or email address. That proves you own the account, but our product is end-to-end encrypted: your identity data is initialized on your first device and stored only on your devices. The scanning process transfers the decryption keys to your new device. If you log out of all devices, you cannot recover this encrypted chat data.
Ensuring User Identity
Scan login ensures that a login comes from the genuine user, not from a bot or a malicious attacker. By scanning a QR code, users prove ownership of both the device and the account, which prevents unauthorized access. Most importantly, scanning is an encrypted transfer of identity information: it securely moves encryption data from your old device to the new one to keep chat content secure.
Simplifying Login Process
Scan login simplifies the user login process, requiring no complex passwords or usernames. Users can quickly and securely log in by just scanning a QR code.
End-to-end encryption works by keeping keys only on your devices, ensuring only you can access your encrypted data.
Therefore, we recommend OTP verification login only as a way to reset your account when all devices are lost. Without the keys, however, this means losing all encrypted data, since the decryption keys exist only on your devices or in your stored PaperKey.
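
The key transfer and the OTP limitation described above can be sketched as follows. This is an added example, not the product's own code or protocol: X25519, HKDF-SHA256, AES-256-GCM, the QR payload fields and all function names are assumptions chosen for illustration.

```javascript
// Added illustration; algorithms and names are assumptions, not the product's protocol.
const crypto = require('node:crypto');

const exportPub = (k) => k.export({ type: 'spki', format: 'der' }).toString('base64');
const importPub = (b64) =>
  crypto.createPublicKey({ key: Buffer.from(b64, 'base64'), format: 'der', type: 'spki' });

// Both sides derive the same AES key from the X25519 shared secret, bound to the session.
function deriveKey(privateKey, peerPub, sessionId) {
  const shared = crypto.diffieHellman({ privateKey, publicKey: peerPub });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.from(sessionId), 'scan-login-demo', 32));
}

// New device: create a one-time key pair and the payload its QR code would carry.
function newDeviceStart() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('x25519');
  const qr = { sessionId: crypto.randomUUID(), pub: exportPub(publicKey) };
  return { qr, privateKey };
}

// Old device: after scanning, wrap the identity key for that QR's public key only.
function oldDeviceWrap(qr, identityKey) {
  const eph = crypto.generateKeyPairSync('x25519');
  const key = deriveKey(eph.privateKey, importPub(qr.pub), qr.sessionId);
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(Buffer.from(qr.sessionId));
  const ct = Buffer.concat([c.update(identityKey), c.final()]);
  return { sessionId: qr.sessionId, pub: exportPub(eph.publicKey), iv, ct, tag: c.getAuthTag() };
}

// New device: unwrap the envelope relayed by the server; throws if it was altered.
function newDeviceUnwrap(envelope, privateKey) {
  const key = deriveKey(privateKey, importPub(envelope.pub), envelope.sessionId);
  const d = crypto.createDecipheriv('aes-256-gcm', key, envelope.iv);
  d.setAAD(Buffer.from(envelope.sessionId));
  d.setAuthTag(envelope.tag);
  return Buffer.concat([d.update(envelope.ct), d.final()]);
}

// Constructed run: the relay (and an OTP-only login) holds the envelope but no private key.
function demo() {
  const identityKey = crypto.randomBytes(32); // created on the first device
  const fresh = newDeviceStart();
  const envelope = oldDeviceWrap(fresh.qr, identityKey);
  const recovered = newDeviceUnwrap(envelope, fresh.privateKey).equals(identityKey);
  let otpOnly = false; // a device that only passed OTP has some other key pair
  try { newDeviceUnwrap(envelope, newDeviceStart().privateKey); otpOnly = true; } catch {}
  return { recovered, otpOnly };
}
```

In this sketch the server only ever relays the envelope, so a login that passes OTP but never scanned the QR code has nothing it can decrypt.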