They verify their device. Usually means opening Matrix on a other device, clicking the pop-up, and scanning a QR code or matching emoji. One device signs proof of verification of the other and exchanges encryption keys so the new device can read encrypted conversations.
Unverified devices are indistinguishable from a hacker logging in through credential stuffing/password leaks until verification is done.
It's a process similar to adding devices to Signal or WhatsApp, except with Matrix you can still log in without having physical access to another device. Useful if you only ever visit unencrypted rooms perhaps.
Unverified devices are indistinguishable from a hacker logging in through credential stuffing/password leaks until verification is done.
It's a process similar to adding devices to Signal or WhatsApp, except with Matrix you can still log in without having physical access to another device. Useful if you only ever visit unencrypted rooms perhaps.