A secure encryption key is derived from the user's password using a random salt and Argon2id, though the data is encrypted with a randomly generated key. Keys are generated for each "layer" of the account (so one for the account, one for collections, etc.), so each part can be re-encrypted (or not) separately if needed.
Password change: you can either re-encrypt the data if you want, or more likely, if the password hasn't been compromised, just re-encrypt the main encryption key that's used to encrypt the data.
Password lost: tough luck. We can't help you recover that, because we don't have access to your data. Though we have some ideas on how to maybe enable recovery (using key custodians, Shamir secret sharing, or another method, haven't decided).
The salt is kept on the server, so you can just fetch it again when switching devices.
However, in the long term, we plan on considering passwords more of a backup feature, and instead move to a model where you just authorise your devices from running devices (though you can always fall back to passwords).
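The layered key wrapping and the cheap password change described above, as an added example that is not part of the original comment or the project's code. It assumes scrypt from Node's built-in crypto module as a stand-in for Argon2id (so the block has no dependencies) and AES-256-GCM as the cipher; all function and field names are hypothetical.

```javascript
// Added illustration, not the project's code. scrypt stands in for Argon2id,
// AES-256-GCM is an assumed cipher; all names here are hypothetical.
const nodeCrypto = require('node:crypto');

// Password + server-stored salt -> key-encryption key (KEK).
const deriveKek = (password, salt) => nodeCrypto.scryptSync(password, salt, 32);

// AEAD seal/open; blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), body]);
}
function open(key, blob) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  // final() throws if the key is wrong or the blob was modified.
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// The returned record is what a server may hold: a salt and ciphertexts only.
function createAccount(password, note) {
  const salt = nodeCrypto.randomBytes(16);
  const accountKey = nodeCrypto.randomBytes(32);    // random, not password-derived
  const collectionKey = nodeCrypto.randomBytes(32); // one key per "layer"
  return {
    salt,
    wrappedAccountKey: seal(deriveKek(password, salt), accountKey),
    wrappedCollectionKey: seal(accountKey, collectionKey),
    item: seal(collectionKey, Buffer.from(note, 'utf8')),
  };
}

// New device: fetch the record (including the salt) and unwrap layer by layer.
function readItem(rec, password) {
  const accountKey = open(deriveKek(password, rec.salt), rec.wrappedAccountKey);
  const collectionKey = open(accountKey, rec.wrappedCollectionKey);
  return open(collectionKey, rec.item).toString('utf8');
}

// Password change without compromise: only the account key is re-wrapped.
function changePassword(rec, oldPassword, newPassword) {
  const accountKey = open(deriveKek(oldPassword, rec.salt), rec.wrappedAccountKey);
  const salt = nodeCrypto.randomBytes(16);
  return { ...rec, salt,
    wrappedAccountKey: seal(deriveKek(newPassword, salt), accountKey) };
}
```

After `changePassword`, the collection key blob and the item ciphertext are byte-for-byte unchanged, which is why this path does not help once the old password is known to an attacker who already copied the wrapped keys; that case needs the full re-encryption the comment mentions.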