Rupert Gallagher wrote:
I would not want to re-encrypt huge mail folders. There should be two passwords: one for the user login, that you can change often, and one for the encryption, that you can leave alone. This is how ProtonMail does it.
I took the opportunity to check on the server if this is an issue and/or if I'm mistaken. My last post seems to be correct. I performed a password change with my application and can confirm that the public keys (user-key as well as folder-keys) stay the same. It is the private key's password protection only that changes. Thank you for pointing it out! I will clarify what's happening in the project readme and in code comments.
Another note on passwords. I do actually use two passwords: one for user login, the other for protecting the encryption keys. The latter is derived from the user login password, as explained in the original message. This is necessary because otherwise admins would have knowledge of the password.
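
The password change described in this reply, as an added sketch that is not part of the original message or the project's code: only the wrapped private key is re-encrypted, while the public key stays the same. The PBKDF2 derivation, the HMAC-based stand-in cipher, the random bytes standing in for a key pair, and all function and field names are assumptions made for illustration.

```python
import hashlib, hmac, os

ITERATIONS = 100_000  # assumed work factor for this sketch

def derive_kek(login_password: str, salt: bytes) -> bytes:
    """Derive the key-protection secret from the login password (64 bytes:
    32 for the keystream, 32 for the MAC). PBKDF2 is an assumption here."""
    return hashlib.pbkdf2_hmac("sha256", login_password.encode(), salt, ITERATIONS, dklen=64)

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stdlib-only stand-in for a real cipher: HMAC-SHA256 in counter mode.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def wrap(kek: bytes, secret: bytes) -> bytes:
    # Encrypt-then-MAC with separate halves of the derived secret.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(kek[:32], nonce, len(secret))))
    tag = hmac.new(kek[32:], nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(kek: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(kek[32:], nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or corrupted key blob")
    return bytes(a ^ b for a, b in zip(ct, _keystream(kek[:32], nonce, len(ct))))

def new_account(login_password: str) -> dict:
    # Constructed sample: random bytes stand in for a real key pair.
    private_key, public_key, salt = os.urandom(32), os.urandom(32), os.urandom(16)
    return {"public_key": public_key, "salt": salt,
            "wrapped_private_key": wrap(derive_kek(login_password, salt), private_key)}

def change_password(account: dict, old: str, new: str) -> None:
    """Re-wrap only the private key; public key and stored mail are untouched."""
    private_key = unwrap(derive_kek(old, account["salt"]), account["wrapped_private_key"])
    account["salt"] = os.urandom(16)
    account["wrapped_private_key"] = wrap(derive_kek(new, account["salt"]), private_key)
```

Because `unwrap` verifies the MAC before anything is overwritten, a wrong old password raises `ValueError` and leaves the stored blob intact.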