Element (formerly Riot): A Beginner’s Guide to Secure MessagingElement (formerly Riot) is a decentralized, open-source messaging app built on the Matrix protocol. It focuses on privacy, security, and interoperability — allowing individuals, teams, and organizations to communicate securely across different networks. This beginner’s guide explains what Element is, how it works, key features, how to get started, security considerations, and common use cases.
What is Element?
Element is a client application for Matrix, a federated open standard for real-time communication. Matrix defines how messages, presence, and metadata are transmitted between servers. Element is one of the most popular Matrix clients and serves as an accessible interface for end users to join chat rooms, make voice and video calls, share files, and connect with other platforms.
Key facts
- Element is an open-source client for the Matrix protocol.
- Riot was rebranded to Element in 2020.
- Element supports federation: you can interact with users on other Matrix servers.
How Matrix and Element work (simple overview)
Matrix uses a federation model similar to email: anyone can run a Matrix server (called a homeserver), and homeservers exchange messages using the Matrix protocol. Element connects to a homeserver — either a public one like matrix.org or a privately hosted server — and provides the user interface.
Messages are stored on the homeserver and replicated to other servers in a room so participants can retrieve message history. Element also supports end-to-end encryption (E2EE) using the Olm and Megolm cryptographic ratchets for one-to-one and group conversations, respectively.
Core features of Element
- Secure and private messaging with optional end-to-end encryption (E2EE).
- Decentralized federation — join rooms across servers or run your own homeserver.
- Cross-platform apps: web, desktop (Windows/macOS/Linux), and mobile (iOS/Android).
- Voice and video calls (1:1 and group via WebRTC).
- File sharing, images, reactions, threads, and rich text formatting.
- Bridge support to connect to other networks (Slack, IRC, Matrix <> XMPP, Telegram, etc.).
- Guest access and invite links for easier onboarding.
Getting started — steps for new users
- Choose how you’ll use Element:
- Use the hosted Element web app or desktop/mobile app and connect to a public homeserver (e.g., matrix.org).
- Create an account on a hosted provider or run your own homeserver (Synapse is the most common server implementation).
- Install Element:
- Web: open app.element.io
- Desktop: download the app for Windows/macOS/Linux
- Mobile: install from the iOS App Store or Google Play
- Create an account or sign in:
- Register a username on a homeserver or sign in with an existing Matrix ID.
- Join or create rooms:
- Use the Explore Rooms feature, an invite link, or create a new room.
- Enable end-to-end encryption where needed:
- Create an encrypted room or enable E2EE in room settings. Verify other users’ devices to avoid man-in-the-middle attacks.
- Learn basic operations:
- Send messages, upload files, start voice/video calls, and manage notifications and room permissions.
Encryption and security details
Element supports two cryptographic systems:
- Olm — for secure one-to-one messaging (Double Ratchet).
- Megolm — optimized for group chats, balancing performance and forward secrecy.
To maximize security:
- Always verify device keys of the people you chat with (Element provides QR codes and cross-signing to simplify trust).
- Use E2EE for rooms that exchange sensitive information.
- Run your own homeserver if you need stronger control over data retention and server-side policies.
- Keep clients and servers up to date to receive security patches.
Limitations and caveats:
- Megolm’s design introduces trade-offs in perfect forward secrecy for large groups; for extremely sensitive group discussions, consider additional operational security.
- Bridges to other networks may reduce end-to-end encryption guarantees if messages traverse systems that don’t support E2EE.
- If you use a public hosted homeserver, trust its operator with metadata and server-stored (unencrypted) content unless E2EE is enabled.
Admin and organizational setup
For teams and organizations:
- Deploy a Synapse homeserver (or lightweight alternatives like Dendrite/Conduit) to host accounts and rooms.
- Integrate Single Sign-On (SSO) via SAML or OIDC for corporate identity management.
- Configure retention policies and moderation tools to comply with policies and regulations.
- Use space rooms to organize channels and define access controls.
- Consider hosting media and application services (turn servers for calls, file proxies) to improve reliability.
Integrations and bridging
Element’s bridge ecosystem lets you connect Matrix rooms to other chat networks:
- Slack, Teams, IRC, Telegram, WhatsApp (third-party), and XMPP.
- Bridges can be run by server admins or third parties; they may require configuration for user mapping and permissions.
- Bridges enable interoperability but may expose messages to the target network’s policies and security model.
Common use cases
- Privacy-conscious personal messaging with friends and family.
- Secure team collaboration for small-to-medium organizations.
- Community chat rooms for open-source projects, interest groups, and federated communities.
- Replacing proprietary chat systems where data ownership and federation are priorities.
- Bridging legacy systems into a unified communication layer.
Tips and best practices
- Turn on E2EE for private conversations and verify device keys regularly.
- Use a trusted homeserver; self-host if you require full control.
- Organize rooms using Spaces and set clear access/permission rules.
- Use app locks and strong passwords; enable passphrase-based recovery carefully.
- Keep clients and servers updated and monitor for security advisories.
- For admins: back up encryption keys and configure cross-signing and recovery options to avoid data loss.
Resources for learning more
- Element documentation and help center for user guides.
- Matrix.org for protocol specs and server implementations.
- Community forums and GitHub repositories for troubleshooting and developer discussions.
Element combines modern chat features with decentralization and strong security options. It’s a solid choice for anyone who needs an open, interoperable messaging platform that prioritizes user control and privacy.
Leave a Reply