From 5ded730ed7e3d5ef29fcffe83038b44387e11007 Mon Sep 17 00:00:00 2001
From: Maxime GRANDCOLAS <maxime.grandcolas@scille.fr>
Date: Wed, 16 Oct 2024 10:34:48 +0200
Subject: [PATCH 1/6] [MS] Updated recovery device and migrated tests to pw

---
 client/src/locales/en-US.json                 |  34 ++--
 client/src/locales/fr-FR.json                 |  34 ++--
 client/src/parsec/device.ts                   | 172 +++++-------------
 client/src/parsec/types.ts                    |   5 +
 client/src/views/devices/DevicesPage.vue      |  36 ++--
 .../devices/ExportRecoveryDevicePage.vue      |  59 +++---
 .../devices/ImportRecoveryDevicePage.vue      | 140 +++++++-------
 client/src/views/home/HomePage.vue            |  27 ++-
 client/src/views/home/LoginPage.vue           |   1 -
 .../views/home/UserJoinOrganizationModal.vue  |   2 +-
 .../specs/test_export_recovery_device_page.ts |  56 ------
 .../specs/test_import_recovery_device_page.ts |  78 --------
 .../pw/data/recovery/fake_recovery_file.txt   |   1 +
 .../tests/pw/data/recovery/recovery_file.psrk |   1 +
 .../pw/e2e/export_recovery_device.spec.ts     |  47 +++++
 .../pw/e2e/import_recovery_device.spec.ts     | 126 +++++++++++++
 client/tests/pw/e2e/my_profile_page.spec.ts   |  13 +-
 17 files changed, 417 insertions(+), 415 deletions(-)
 delete mode 100644 client/tests/e2e/specs/test_export_recovery_device_page.ts
 delete mode 100644 client/tests/e2e/specs/test_import_recovery_device_page.ts
 create mode 100644 client/tests/pw/data/recovery/fake_recovery_file.txt
 create mode 100644 client/tests/pw/data/recovery/recovery_file.psrk
 create mode 100644 client/tests/pw/e2e/export_recovery_device.spec.ts
 create mode 100644 client/tests/pw/e2e/import_recovery_device.spec.ts

diff --git a/client/src/locales/en-US.json b/client/src/locales/en-US.json
index e0257629b66..51b5116468b 100644
--- a/client/src/locales/en-US.json
+++ b/client/src/locales/en-US.json
@@ -173,7 +173,13 @@
             "archiveFailure": "Failed to archive the device."
         },
         "organizationActionSheet": "Organization",
-        "keyringFailed": "Could not log in",
+        "loginErrors": {
+            "keyringFailed": "Could not log in",
+            "keyringFailedTitle": "Login failed",
+            "keyringFailedQuestion": "Could not login to this device using the system authentication. Would you like to use a recovery device?",
+            "keyringFailedUsedRecovery": "Use a recovery device",
+            "keyringFailedAbort": "No"
+        },
         "bmsOrganizationNotFound": "Could not find the organization {organization} on this device.",
         "noDevices": {
             "titleCreateOrga": "New to Parsec?",
@@ -702,16 +708,16 @@
         "joinedOn": "Joined:",
         "now": "Now",
         "restorePassword": {
-            "title": "Password recovery files",
+            "title": "Authentication recovery files",
             "done": {
-                "subtitle": "Password recovery files have been created and downloaded.",
+                "subtitle": "Authentication recovery files have been created and downloaded.",
                 "label": "Files already downloaded",
                 "button": "Re-download recovery files"
             },
             "notDone": {
                 "label": "Action required",
                 "subtitle": "Parsec does not store your password.",
-                "subtitle2": "These files can be used to reset your password on a device if you forget it.",
+                "subtitle2": "These files can be used to reset your authentication on a device.",
                 "button": "Create recovery files"
             }
         },
@@ -807,20 +813,20 @@
             "forgottenPassword": "Forgotten password",
             "recoveryFile": "Recovery file",
             "recoveryKey": "Secret key",
-            "setNewPassword": "Choose a new password",
-            "passwordChanged": "Password was successfully changed!"
+            "setNewPassword": "Choose a new authentication",
+            "passwordChanged": "Authentication was successfully updated!"
         },
         "subtitles": {
-            "recoveryFilesMustExistWarning": "You must have created recovery files in order to reset your password.",
+            "recoveryFilesMustExistWarning": "You must have created recovery files in order to reset your authentication.",
             "password": "Password",
-            "passwordModified": "You can now login with your new password.",
+            "passwordModified": "You can now login with your new authentication.",
             "noFileSelected": "No file selected"
         },
         "actions": {
             "browse": "Browse",
             "next": "Next",
-            "validatePassword": "Validate password",
-            "goBackToLogin": "Go back to login"
+            "validateAuth": "Confirm",
+            "login": "Login"
         },
         "errors": {
             "fileErrorMessage": "Invalid recovery file.",
@@ -828,7 +834,8 @@
             "passwordErrorMessage": "Passwords do not match or are not strong enough.",
             "saveDeviceErrorMessage": "An error has occurred, the device recovery failed.",
             "internalErrorMessage": "An error has occurred"
-        }
+        },
+        "secretKeyPlaceholder": "FH3H-N3DW-ABED-A6Q7-..."
     },
     "ExportRecoveryDevicePage": {
         "titles": {
@@ -854,8 +861,11 @@
             "keyDownloadOk": "The secret key was successfully downloaded"
         },
         "filenames": {
-            "recoveryFile": "Parsec_Recovery_File_{org}.data",
+            "recoveryFile": "Parsec_Recovery_File_{org}.psrk",
             "recoveryKey": "Parsec_Recovery_Code_{org}.txt"
+        },
+        "errors": {
+            "exportFailed": "Failed to create a recovery device."
         }
     },
     "SasCodeChoice": {
diff --git a/client/src/locales/fr-FR.json b/client/src/locales/fr-FR.json
index ddea86606bf..1b4d7973150 100644
--- a/client/src/locales/fr-FR.json
+++ b/client/src/locales/fr-FR.json
@@ -173,7 +173,13 @@
             "archiveFailure": "Impossible d'archiver l'appareil."
         },
         "organizationActionSheet": "Organisation",
-        "keyringFailed": "Impossible de se connecter",
+        "loginErrors": {
+            "keyringFailed": "Impossible de se connecter",
+            "keyringFailedTitle": "Impossible de se connecter",
+            "keyringFailedQuestion": "La connexion à cet appareil en utilisant l'authentification du système a échoué. Souhaitez-vous utiliser un appareil de récupération ?",
+            "keyringFailedUsedRecovery": "Utiliser un appareil de récupération",
+            "keyringFailedAbort": "Non"
+        },
         "bmsOrganizationNotFound": "Impossible de trouver l'organisation {organization} sur cet appareil.",
         "noDevices": {
             "titleCreateOrga": "Vous débutez sur Parsec ?",
@@ -702,16 +708,16 @@
         "joinedOn": "Rejoint :",
         "now": "À l'instant",
         "restorePassword": {
-            "title": "Fichiers de récupération de mot de passe",
+            "title": "Fichiers de récupération d'authentification'",
             "done": {
-                "subtitle": "Vous avez créé et sauvegardé les fichiers de récupération de mot de passe.",
+                "subtitle": "Vous avez créé et sauvegardé les fichiers de récupération d'authentification'.",
                 "label": "Fichiers déjà téléchargés",
                 "button": "Re-télécharger les fichiers"
             },
             "notDone": {
                 "label": "Action requise",
                 "subtitle": "Parsec ne garde pas votre mot de passe.",
-                "subtitle2": "Ces fichiers vous permettent de réinitialiser votre mot de passe sur un appareil en cas d'oubli.",
+                "subtitle2": "Ces fichiers vous permettent de réinitialiser votre authentification sur un appareil en cas d'oubli.",
                 "button": "Créer des fichiers de récupération"
             }
         },
@@ -807,20 +813,20 @@
             "forgottenPassword": "Mot de passe oublié",
             "recoveryFile": "Fichier de récupération",
             "recoveryKey": "Clé secrète",
-            "setNewPassword": "Définissez un nouveau mot de passe",
-            "passwordChanged": "Le mot de passe a bien été modifié"
+            "setNewPassword": "Choisissez votre méthode d'authentification",
+            "passwordChanged": "L'authentification a bien été modifiée"
         },
         "subtitles": {
-            "recoveryFilesMustExistWarning": "Vous devez avoir créé des fichiers de récupération pour réinitialiser votre mot de passe.",
+            "recoveryFilesMustExistWarning": "Vous devez avoir créé des fichiers de récupération pour réinitialiser votre authentification.",
             "password": "Mot de passe",
-            "passwordModified": "Vous pouvez vous connecter avec votre nouveau mot de passe.",
+            "passwordModified": "Vous pouvez vous connecter avec votre nouvelle authentification.",
             "noFileSelected": "Aucun fichier sélectionné"
         },
         "actions": {
             "browse": "Parcourir",
             "next": "Suivant",
-            "validatePassword": "Valider mon mot de passe",
-            "goBackToLogin": "Revenir à la connexion"
+            "validateAuth": "Confirmer",
+            "login": "Se connecter"
         },
         "errors": {
             "fileErrorMessage": "Le fichier de récupération est invalide.",
@@ -828,7 +834,8 @@
             "passwordErrorMessage": "Les mots de passe ne correspondent pas ou ne sont pas assez forts.",
             "saveDeviceErrorMessage": "Une erreur est survenue, la récupération d'appareil a échoué.",
             "internalErrorMessage": "Une erreur est survenue"
-        }
+        },
+        "secretKeyPlaceholder": "FH3H-N3DW-ABED-A6Q7-.."
     },
     "ExportRecoveryDevicePage": {
         "titles": {
@@ -854,8 +861,11 @@
             "keyDownloadOk": "La clé secrète a bien été téléchargée"
         },
         "filenames": {
-            "recoveryFile": "Parsec_Fichier_Récupération_{org}.data",
+            "recoveryFile": "Parsec_Fichier_Récupération_{org}.psrk",
             "recoveryKey": "Parsec_Code_Récupération_{org}.txt"
+        },
+        "errors": {
+            "exportFailed": "Impossible de créer un appareil de récupération."
         }
     },
     "SasCodeChoice": {
diff --git a/client/src/parsec/device.ts b/client/src/parsec/device.ts
index 3a2b58405f1..8a4daa7ccd6 100644
--- a/client/src/parsec/device.ts
+++ b/client/src/parsec/device.ts
@@ -1,14 +1,19 @@
 // Parsec Cloud (https://parsec.cloud) Copyright (c) BUSL-1.1 2016-present Scille SAS
 
 import { needsMocks } from '@/parsec/environment';
+import { getClientConfig } from '@/parsec/internals';
 import { getClientInfo } from '@/parsec/login';
 import { getParsecHandle } from '@/parsec/routing';
 import {
+  ClientExportRecoveryDeviceError,
   ClientListUserDevicesError,
   ClientListUserDevicesErrorTag,
   DeviceFileType,
   DeviceInfo,
   DevicePurpose,
+  DeviceSaveStrategy,
+  ImportRecoveryDeviceError,
+  ImportRecoveryDeviceErrorTag,
   OwnDeviceInfo,
   Result,
   UserID,
@@ -18,113 +23,52 @@ import { DateTime } from 'luxon';
 
 const RECOVERY_DEVICE_PREFIX = 'recovery';
 
-export type SecretKey = string;
-
-export interface RecoveryDeviceData {
-  code: string;
-  file: string;
-}
-
-export enum RecoveryDeviceErrorTag {
-  Internal = 'internal',
-  Invalid = 'invalid',
-}
-
-export enum RecoveryImportErrorTag {
-  Internal = 'internal',
-  KeyError = 'keyError',
-  RecoveryFileError = 'recoveryFileError',
-}
-
-export interface RecoveryDeviceError {
-  tag: RecoveryDeviceErrorTag.Internal;
-}
-
-export interface WrongAuthenticationError {
-  tag: RecoveryDeviceErrorTag.Invalid;
-}
-
-export interface RecoveryImportInternalError {
-  tag: RecoveryImportErrorTag.Internal;
-}
-
-export interface RecoveryImportFileError {
-  tag: RecoveryImportErrorTag.RecoveryFileError;
-}
-
-export interface RecoveryImportKeyError {
-  tag: RecoveryImportErrorTag.KeyError;
+function generateRecoveryDeviceLabel(): string {
+  return `${RECOVERY_DEVICE_PREFIX}_${DateTime.utc().toMillis()}`;
 }
 
-export type RecoveryImportError = RecoveryImportInternalError | RecoveryImportFileError | RecoveryImportKeyError;
-
-export async function exportRecoveryDevice(_password: string): Promise<Result<RecoveryDeviceData, WrongAuthenticationError>> {
+export async function exportRecoveryDevice(): Promise<Result<[string, Uint8Array], ClientExportRecoveryDeviceError>> {
   const handle = getParsecHandle();
 
-  if (_password !== 'P@ssw0rd.') {
-    return { ok: false, error: { tag: RecoveryDeviceErrorTag.Invalid } };
-  }
-
   if (handle !== null && !needsMocks()) {
-    return {
-      ok: true,
-      value: {
-        code: 'ABCDEF',
-        file: 'Q2lnYXJlQU1vdXN0YWNoZQ==',
-      },
-    };
+    return await libparsec.clientExportRecoveryDevice(handle, generateRecoveryDeviceLabel());
   } else {
     return {
       ok: true,
-      value: {
-        code: 'ABCDEF',
-        file: 'Q2lnYXJlQU1vdXN0YWNoZQ==',
-      },
+      value: ['ABCDEF', new Uint8Array([0x6d, 0x65, 0x6f, 0x77])],
     };
   }
 }
 
+function areArraysEqual(a: Uint8Array, b: Uint8Array): boolean {
+  return a.every((val, index) => {
+    return val === b[index];
+  });
+}
+
 export async function importRecoveryDevice(
   deviceLabel: string,
-  file: File,
-  _passphrase: string,
-): Promise<Result<DeviceInfo, RecoveryImportError>> {
-  const handle = getParsecHandle();
+  recoveryData: Uint8Array,
+  passphrase: string,
+  saveStrategy: DeviceSaveStrategy,
+): Promise<Result<AvailableDevice, ImportRecoveryDeviceError>> {
+  if (!needsMocks()) {
+    const result = await libparsec.importRecoveryDevice(getClientConfig(), recoveryData, passphrase, deviceLabel, saveStrategy);
+    if (result.ok) {
+      result.value.createdOn = DateTime.fromSeconds(result.value.createdOn as any as number);
+      result.value.protectedOn = DateTime.fromSeconds(result.value.protectedOn as any as number);
+    }
+    return result;
+  }
 
   // cspell:disable-next-line
-  if (_passphrase !== 'ABCD-EFGH-IJKL-MNOP-QRST-UVWX-YZ12-3456-7890-ABCD-EFGH-IJKL-MNOP') {
-    return { ok: false, error: { tag: RecoveryImportErrorTag.KeyError } };
+  if (passphrase !== 'ABCD-EFGH-IJKL-MNOP-QRST-UVWX-YZ12-3456-7890-ABCD-EFGH-IJKL-MNOP') {
+    return { ok: false, error: { tag: ImportRecoveryDeviceErrorTag.InvalidPassphrase, error: 'Wrong passphrase' } };
   }
-  if (!file.name.endsWith('.psrk')) {
-    return { ok: false, error: { tag: RecoveryImportErrorTag.RecoveryFileError } };
+  if (areArraysEqual(recoveryData, new Uint8Array([78, 79, 80, 10]))) {
+    return { ok: false, error: { tag: ImportRecoveryDeviceErrorTag.InvalidData, error: 'Wrong data' } };
   }
-  if (handle !== null && !needsMocks()) {
-    return {
-      ok: true,
-      value: {
-        id: 'fake_id',
-        deviceLabel: deviceLabel,
-        purpose: DevicePurpose.Standard,
-        createdOn: DateTime.now(),
-        createdBy: null,
-      },
-    };
-  } else {
-    return {
-      ok: true,
-      value: {
-        id: 'fake_id',
-        deviceLabel: deviceLabel,
-        purpose: DevicePurpose.Standard,
-        createdOn: DateTime.now(),
-        createdBy: null,
-      },
-    };
-  }
-}
 
-export async function saveDevice(deviceInfo: DeviceInfo, _password: string): Promise<Result<AvailableDevice, RecoveryImportError>> {
-  // const _saveStrategy: DeviceSaveStrategyPassword = { tag: DeviceSaveStrategyTag.Password, password: password };
   return {
     ok: true,
     value: {
@@ -134,29 +78,17 @@ export async function saveDevice(deviceInfo: DeviceInfo, _password: string): Pro
       protectedOn: DateTime.utc(),
       organizationId: 'dummy_org',
       userId: 'dummy_user_id',
-      deviceId: deviceInfo.id,
+      deviceId: 'device_id',
       humanHandle: {
         email: 'dummy_email@email.dum',
         label: 'dummy_label',
       },
-      deviceLabel: deviceInfo.deviceLabel,
+      deviceLabel: deviceLabel,
       ty: DeviceFileType.Password,
     },
   };
 }
 
-export async function deleteDevice(_device: AvailableDevice): Promise<Result<boolean>> {
-  return { ok: true, value: true };
-}
-
-export async function hasRecoveryDevice(): Promise<boolean> {
-  const result = await listOwnDevices();
-  if (!result.ok) {
-    return false;
-  }
-  return result.value.some((deviceInfo: OwnDeviceInfo) => deviceInfo.id.startsWith(RECOVERY_DEVICE_PREFIX));
-}
-
 export async function listOwnDevices(): Promise<Result<Array<OwnDeviceInfo>, ClientListUserDevicesError>> {
   const handle = getParsecHandle();
 
@@ -168,6 +100,7 @@ export async function listOwnDevices(): Promise<Result<Array<OwnDeviceInfo>, Cli
       if (result.ok) {
         result.value.map((device) => {
           (device as OwnDeviceInfo).isCurrent = device.id === clientResult.value.deviceId;
+          (device as OwnDeviceInfo).isRecovery = device.deviceLabel.startsWith(RECOVERY_DEVICE_PREFIX);
           return device;
         });
       }
@@ -181,32 +114,17 @@ export async function listOwnDevices(): Promise<Result<Array<OwnDeviceInfo>, Cli
   } else {
     return {
       ok: true,
-      value: [
-        {
-          id: 'device1',
-          deviceLabel: 'Web',
-          purpose: DevicePurpose.Standard,
+      value: [1, 2, 3].map((n) => {
+        return {
+          id: `device${n}`,
+          deviceLabel: n === 3 ? `${RECOVERY_DEVICE_PREFIX}_device${n}` : `device${n}`,
           createdOn: DateTime.now(),
           createdBy: 'some_device',
-          isCurrent: true,
-        },
-        {
-          id: 'device2',
-          deviceLabel: 'Web',
-          purpose: DevicePurpose.Standard,
-          createdOn: DateTime.now(),
-          createdBy: 'device1',
-          isCurrent: false,
-        },
-        {
-          id: `${RECOVERY_DEVICE_PREFIX}_device`,
-          deviceLabel: 'Recovery Device',
-          purpose: DevicePurpose.PassphraseRecovery,
-          createdOn: DateTime.now(),
-          createdBy: 'device1',
-          isCurrent: false,
-        },
-      ],
+          isCurrent: n === 1,
+          isRecovery: n === 3,
+          purpose: n === 3 ? DevicePurpose.PassphraseRecovery : DevicePurpose.Standard,
+        };
+      }),
     };
   }
 }
@@ -222,7 +140,7 @@ export async function listUserDevices(user: UserID): Promise<Result<Array<Device
         return item;
       });
     }
-    return result as any as Promise<Result<Array<DeviceInfo>, ClientListUserDevicesError>>;
+    return result;
   } else {
     return {
       ok: true,
diff --git a/client/src/parsec/types.ts b/client/src/parsec/types.ts
index ddbcbaaed93..8e1c287dc82 100644
--- a/client/src/parsec/types.ts
+++ b/client/src/parsec/types.ts
@@ -9,6 +9,7 @@ export {
   ClientChangeAuthenticationErrorTag,
   ClientCreateWorkspaceErrorTag,
   ClientEventTag,
+  ClientExportRecoveryDeviceErrorTag,
   ClientInfoErrorTag,
   ClientListUserDevicesErrorTag,
   ClientListUsersErrorTag,
@@ -29,6 +30,7 @@ export {
   DeviceSaveStrategyTag,
   EntryStatTag as FileType,
   GreetInProgressErrorTag,
+  ImportRecoveryDeviceErrorTag,
   InvitationEmailSentStatus,
   InvitationStatus,
   ListInvitationsErrorTag,
@@ -74,6 +76,7 @@ export type {
   ClientEvent,
   ClientEventInvitationChanged,
   ClientEventPing,
+  ClientExportRecoveryDeviceError,
   ClientGetTosError,
   ClientInfo,
   ClientInfoError,
@@ -111,6 +114,7 @@ export type {
   FileDescriptor,
   VlobID as FileID,
   GreetInProgressError,
+  ImportRecoveryDeviceError,
   InvitationToken,
   ListInvitationsError,
   MountpointToOsPathError,
@@ -204,6 +208,7 @@ interface UserInfo extends ParsecUserInfo {
 
 interface OwnDeviceInfo extends DeviceInfo {
   isCurrent: boolean;
+  isRecovery: boolean;
 }
 
 interface EntryStatFolder extends ParsecEntryStatFolder {
diff --git a/client/src/views/devices/DevicesPage.vue b/client/src/views/devices/DevicesPage.vue
index 07040160e0b..3831018b971 100644
--- a/client/src/views/devices/DevicesPage.vue
+++ b/client/src/views/devices/DevicesPage.vue
@@ -33,6 +33,7 @@
             v-for="device in devices"
             :key="device.id"
             class="device-list-item ion-no-padding"
+            v-show="!device.isRecovery"
           >
             <device-card
               :label="device.deviceLabel"
@@ -45,11 +46,11 @@
     </div>
 
     <!-- restore password card -->
-    <div v-show="false">
+    <div>
       <!-- files not downloaded -->
       <div
         class="restore-password"
-        v-if="!passwordSaved"
+        v-if="!hasRecoveryDevice"
       >
         <ion-label class="body-sm danger">
           {{ $msTranslate('DevicesPage.restorePassword.notDone.label') }}
@@ -64,10 +65,7 @@
           </h3>
         </div>
         <div class="restore-password-subtitles">
-          <ion-text
-            class="body"
-            :show="passwordSaved"
-          >
+          <ion-text class="body">
             {{ $msTranslate('DevicesPage.restorePassword.notDone.subtitle') }}
           </ion-text>
           <ion-text class="body">
@@ -130,22 +128,35 @@
 <script setup lang="ts">
 import { MsImage, MsModalResult, PasswordLock } from 'megashark-lib';
 import DeviceCard from '@/components/devices/DeviceCard.vue';
-import { OwnDeviceInfo, hasRecoveryDevice, listOwnDevices } from '@/parsec';
-import { Routes, navigateTo } from '@/router';
+import { OwnDeviceInfo, listOwnDevices } from '@/parsec';
+import { Routes, navigateTo, watchRoute, getCurrentRouteName } from '@/router';
 import { Information, InformationLevel, InformationManager, InformationManagerKey, PresentationMode } from '@/services/informationManager';
 import GreetDeviceModal from '@/views/devices/GreetDeviceModal.vue';
 import { IonButton, IonIcon, IonItem, IonLabel, IonList, IonText, modalController } from '@ionic/vue';
 import { add, download, sparkles } from 'ionicons/icons';
-import { Ref, inject, onMounted, ref } from 'vue';
+import { Ref, inject, onMounted, ref, computed, onUnmounted } from 'vue';
 
 const informationManager: InformationManager = inject(InformationManagerKey)!;
 const devices: Ref<OwnDeviceInfo[]> = ref([]);
-const passwordSaved = ref(false);
+const hasRecoveryDevice = computed(() => {
+  return devices.value.find((device) => device.isRecovery) !== undefined;
+});
+
+const routeWatchCancel = watchRoute(async () => {
+  if (getCurrentRouteName() !== Routes.MyProfile) {
+    return;
+  }
+  await refreshDevicesList();
+});
 
 onMounted(async () => {
   await refreshDevicesList();
 });
 
+onUnmounted(async () => {
+  routeWatchCancel();
+});
+
 async function goToExportRecoveryDevice(): Promise<void> {
   await navigateTo(Routes.RecoveryExport);
 }
@@ -154,9 +165,6 @@ async function refreshDevicesList(): Promise<void> {
   const result = await listOwnDevices();
   if (result.ok) {
     devices.value = result.value;
-    if (await hasRecoveryDevice()) {
-      passwordSaved.value = true;
-    }
   } else {
     informationManager.present(
       new Information({
@@ -211,6 +219,8 @@ async function onAddDeviceClick(): Promise<void> {
 
 .devices-content {
   margin-top: 2rem;
+  max-height: 16em;
+  overflow-y: auto;
 
   .devices-list {
     margin: 0;
diff --git a/client/src/views/devices/ExportRecoveryDevicePage.vue b/client/src/views/devices/ExportRecoveryDevicePage.vue
index a1ab5eff0dd..2a11714c7c6 100644
--- a/client/src/views/devices/ExportRecoveryDevicePage.vue
+++ b/client/src/views/devices/ExportRecoveryDevicePage.vue
@@ -98,6 +98,11 @@
                   {{ $msTranslate('ExportRecoveryDevicePage.subtitles.keyExplanation') }}
                 </ion-text>
               </div>
+              <!-- Used to trigger the download -->
+              <a
+                ref="downloadLink"
+                v-show="false"
+              />
               <div
                 class="file-item__downloaded body"
                 v-show="recoveryKeyDownloaded"
@@ -125,15 +130,11 @@
               </div>
             </div>
           </div>
-          <a
-            ref="downloadLink"
-            v-show="false"
-          />
           <div v-show="recoveryKeyDownloaded && recoveryFileDownloaded">
             <ion-button
               class="return-btn button-outline"
               fill="outline"
-              @click="routerGoBack()"
+              @click="goToDevicesPage"
               id="back-to-devices-button"
             >
               <ion-icon
@@ -150,11 +151,11 @@
 </template>
 
 <script setup lang="ts">
-import { RecoveryDeviceErrorTag, exportRecoveryDevice } from '@/parsec';
+import { exportRecoveryDevice } from '@/parsec';
 import { getClientInfo } from '@/parsec/login';
-import { routerGoBack } from '@/router';
+import { navigateTo, Routes } from '@/router';
 import { Information, InformationLevel, InformationManager, InformationManagerKey, PresentationMode } from '@/services/informationManager';
-import { MsInformativeText, Translatable, I18n, getPasswordFromUser } from 'megashark-lib';
+import { MsInformativeText, I18n, Translatable } from 'megashark-lib';
 import { IonButton, IonContent, IonIcon, IonPage, IonText } from '@ionic/vue';
 import { checkmarkCircle, document, download, home, key, reload } from 'ionicons/icons';
 import { inject, onMounted, ref } from 'vue';
@@ -166,7 +167,7 @@ enum ExportDevicePageState {
 
 const state = ref(ExportDevicePageState.Start);
 let code = '';
-let file = '';
+let content = new Uint8Array();
 const downloadLink = ref();
 const recoveryKeyDownloaded = ref(false);
 const recoveryFileDownloaded = ref(false);
@@ -179,19 +180,9 @@ onMounted(async (): Promise<void> => {
 });
 
 async function exportDevice(): Promise<void> {
-  const password = await getPasswordFromUser({
-    title: 'PasswordInputModal.passwordNeeded',
-    subtitle: { key: 'PasswordInputModal.enterPassword', data: { org: orgId.value } },
-    inputLabel: 'PasswordInputModal.password',
-    okButtonText: 'PasswordInputModal.validate',
-  });
-  if (!password) {
-    return;
-  }
-  const result = await exportRecoveryDevice(password);
+  const result = await exportRecoveryDevice();
   if (!result.ok) {
-    const notificationMsg =
-      result.error.tag === RecoveryDeviceErrorTag.Invalid ? 'PasswordInputModal.invalid' : 'PasswordInputModal.otherError';
+    const notificationMsg = 'ExportRecoveryDevicePage.errors.exportFailed';
     // toast atm but to be changed
     informationManager.present(
       new Information({
@@ -202,13 +193,13 @@ async function exportDevice(): Promise<void> {
     );
     return;
   }
-  code = result.value.code;
-  file = result.value.file;
+  code = result.value[0];
+  content = result.value[1];
   state.value = ExportDevicePageState.Download;
 }
 
 async function downloadRecoveryKey(): Promise<void> {
-  fileDownload(code, { key: 'ExportRecoveryDevicePage.filenames.recoveryKey', data: { org: orgId.value } });
+  await downloadFile(code, 'text/plain', { key: 'ExportRecoveryDevicePage.filenames.recoveryKey', data: { org: orgId.value } });
   setTimeout(() => {
     recoveryKeyDownloaded.value = true;
     informationManager.present(
@@ -222,7 +213,10 @@ async function downloadRecoveryKey(): Promise<void> {
 }
 
 async function downloadRecoveryFile(): Promise<void> {
-  fileDownload(file, { key: 'ExportRecoveryDevicePage.filenames.recoveryFile', data: { org: orgId.value } });
+  await downloadFile(content, 'application/octet-stream', {
+    key: 'ExportRecoveryDevicePage.filenames.recoveryFile',
+    data: { org: orgId.value },
+  });
   setTimeout(() => {
     recoveryFileDownloaded.value = true;
     informationManager.present(
@@ -235,11 +229,22 @@ async function downloadRecoveryFile(): Promise<void> {
   }, 500);
 }
 
-async function fileDownload(data: string, fileName: Translatable): Promise<void> {
-  downloadLink.value.setAttribute('href', `data:text/plain;charset=utf-8, ${encodeURIComponent(data)}`);
+async function downloadFile(
+  data: Uint8Array | string,
+  contentType: 'application/octet-stream' | 'text/plain',
+  fileName: Translatable,
+): Promise<void> {
+  const blob = new Blob([data], { type: contentType });
+  const url = window.URL.createObjectURL(blob);
+
+  downloadLink.value.setAttribute('href', url);
   downloadLink.value.setAttribute('download', I18n.translate(fileName));
   downloadLink.value.click();
 }
+
+async function goToDevicesPage(): Promise<void> {
+  await navigateTo(Routes.MyProfile, { replace: true });
+}
 </script>
 
 <style scoped lang="scss">
diff --git a/client/src/views/devices/ImportRecoveryDevicePage.vue b/client/src/views/devices/ImportRecoveryDevicePage.vue
index 7e853050d4c..373bd4f60ca 100644
--- a/client/src/views/devices/ImportRecoveryDevicePage.vue
+++ b/client/src/views/devices/ImportRecoveryDevicePage.vue
@@ -75,7 +75,7 @@
               <ms-input
                 class="recovery-list-item__input"
                 id="secret-key-input"
-                :placeholder="secretKeyPlaceholder"
+                placeholder="ImportRecoveryDevicePage.secretKeyPlaceholder"
                 v-model="secretKey"
                 @change="checkSecretKeyValidity()"
               />
@@ -100,9 +100,9 @@
       </ion-card-content>
     </ion-card>
   </div>
-  <!-- step 2: new password -->
+  <!-- step 2: new authentication -->
   <div
-    v-else-if="state === ImportDevicePageState.Password"
+    v-else-if="state === ImportDevicePageState.Authentication"
     class="recovery-content password-input"
   >
     <div class="recovery-header">
@@ -111,18 +111,14 @@
       </ion-title>
     </div>
     <ion-card class="recovery-card">
-      <ms-choose-password-input
-        :password-label="'ImportRecoveryDevicePage.titles.setNewPassword'"
-        @on-enter-keyup="createNewDevice()"
-        ref="choosePasswordInput"
-      />
+      <choose-authentication ref="chooseAuthRef" />
       <ion-button
         id="validate-password-btn"
         class="validate-button"
         :disabled="!changeButtonIsEnabled"
         @click="createNewDevice()"
       >
-        {{ $msTranslate('ImportRecoveryDevicePage.actions.validatePassword') }}
+        {{ $msTranslate('ImportRecoveryDevicePage.actions.validateAuth') }}
       </ion-button>
     </ion-card>
   </div>
@@ -141,9 +137,9 @@
       </ms-informative-text>
       <ion-button
         class="success-card__button"
-        @click="onLoginClick()"
+        @click="onLoginClick"
       >
-        {{ $msTranslate('ImportRecoveryDevicePage.actions.goBackToLogin') }}
+        {{ $msTranslate('ImportRecoveryDevicePage.actions.login') }}
       </ion-button>
     </ion-card>
   </div>
@@ -151,33 +147,38 @@
 
 <script setup lang="ts">
 import { secretKeyValidator } from '@/common/validators';
-import { MsChoosePasswordInput, MsInformativeText, MsReportText, MsReportTheme, MsInput, asyncComputed, Validity } from 'megashark-lib';
+import { MsInformativeText, MsReportText, MsReportTheme, MsInput, asyncComputed, Validity } from 'megashark-lib';
+import ChooseAuthentication from '@/components/devices/ChooseAuthentication.vue';
 import OrganizationCard from '@/components/organizations/OrganizationCard.vue';
-import { AvailableDevice, DeviceInfo, RecoveryImportErrorTag, SecretKey, deleteDevice, importRecoveryDevice, saveDevice } from '@/parsec';
-import { Information, InformationLevel, InformationManager, InformationManagerKey, PresentationMode } from '@/services/informationManager';
+import { AvailableDevice, importRecoveryDevice, ImportRecoveryDeviceErrorTag } from '@/parsec';
+import { Information, InformationLevel, InformationManager, PresentationMode } from '@/services/informationManager';
 import { IonButton, IonCard, IonCardContent, IonCardTitle, IonIcon, IonTitle } from '@ionic/vue';
 import { checkmarkCircle } from 'ionicons/icons';
-import { Ref, inject, onMounted, ref } from 'vue';
+import { Ref, inject, ref } from 'vue';
+import { InjectionProvider, InjectionProviderKey } from '@/services/injectionProvider';
 
 enum ImportDevicePageState {
   Start = 'start',
-  Password = 'password',
+  Authentication = 'authentication',
   Done = 'done',
 }
 
 const state = ref(ImportDevicePageState.Start);
-const choosePasswordInput: Ref<typeof MsChoosePasswordInput | null> = ref(null);
+const chooseAuthRef = ref();
 const hiddenInput = ref();
-const secretKey: Ref<SecretKey> = ref('');
-// cspell:disable-next-line
-const secretKeyPlaceholder = 'FH3H-N3DW-RUOO-A6Q7-...';
-const changeButtonIsEnabled = asyncComputed(async (): Promise<boolean> => {
-  return choosePasswordInput.value && (await choosePasswordInput.value.areFieldsCorrect());
-});
+const secretKey: Ref<string> = ref('');
 const recoveryFile: Ref<File | null> = ref(null);
-const newDeviceInfo: Ref<DeviceInfo | null> = ref(null);
 const isSecretKeyValid = ref(false);
-const informationManager: InformationManager = inject(InformationManagerKey)!;
+const injectionProvider: InjectionProvider = inject(InjectionProviderKey)!;
+const informationManager: InformationManager = injectionProvider.getDefault().informationManager;
+let newDevice: AvailableDevice;
+
+const changeButtonIsEnabled = asyncComputed(async (): Promise<boolean> => {
+  if (!chooseAuthRef.value) {
+    return false;
+  }
+  return await chooseAuthRef.value.areFieldsCorrect();
+});
 
 const emits = defineEmits<{
   (e: 'organizationSelected', device: AvailableDevice): void;
@@ -187,17 +188,15 @@ const props = defineProps<{
   device: AvailableDevice;
 }>();
 
-onMounted(() => {
-  hiddenInput.value.addEventListener('change', onInputChange);
-});
-
 async function onInputChange(_event: Event): Promise<void> {
   if (hiddenInput.value.files.length === 1) {
     recoveryFile.value = hiddenInput.value.files[0];
   }
+  hiddenInput.value.removeEventListener('change');
 }
 
 async function importButtonClick(): Promise<void> {
+  hiddenInput.value.addEventListener('change', onInputChange);
   hiddenInput.value.click();
 }
 
@@ -206,73 +205,61 @@ async function checkSecretKeyValidity(): Promise<void> {
 }
 
 async function goToPasswordChange(): Promise<void> {
+  state.value = ImportDevicePageState.Authentication;
+}
+
+async function createNewDevice(): Promise<void> {
   if (!recoveryFile.value) {
     return;
   }
-  const result = await importRecoveryDevice(props.device.deviceLabel, recoveryFile.value, secretKey.value);
+  if (!(await chooseAuthRef.value.areFieldsCorrect())) {
+    return;
+  }
+
+  const reader = recoveryFile.value.stream().getReader();
+  const content = new Uint8Array(recoveryFile.value.size);
+  let offset = 0;
+  let buffer = await reader.read();
+  while (!buffer.done) {
+    content.set(buffer.value, offset);
+    offset += buffer.value.length;
+    buffer = await reader.read();
+  }
+  if (buffer.value) {
+    content.set(buffer.value, offset);
+  }
+
+  const result = await importRecoveryDevice(
+    props.device.deviceLabel,
+    content,
+    secretKey.value.trim(),
+    chooseAuthRef.value.getSaveStrategy(),
+  );
   if (result.ok) {
-    newDeviceInfo.value = result.value;
-    state.value = ImportDevicePageState.Password;
+    newDevice = result.value;
+
+    state.value = ImportDevicePageState.Done;
   } else {
     const notificationInfo = { message: '', level: InformationLevel.Error };
 
     switch (result.error.tag) {
-      case RecoveryImportErrorTag.KeyError:
+      case ImportRecoveryDeviceErrorTag.InvalidPassphrase:
         notificationInfo.message = 'ImportRecoveryDevicePage.errors.keyErrorMessage';
         break;
-      case RecoveryImportErrorTag.RecoveryFileError:
+      case ImportRecoveryDeviceErrorTag.InvalidData:
         notificationInfo.message = 'ImportRecoveryDevicePage.errors.fileErrorMessage';
         break;
-      case RecoveryImportErrorTag.Internal:
+      default:
         notificationInfo.message = 'ImportRecoveryDevicePage.errors.internalErrorMessage';
         break;
     }
     informationManager.present(new Information(notificationInfo), PresentationMode.Toast);
+    state.value = ImportDevicePageState.Start;
   }
 }
 
-async function createNewDevice(): Promise<void> {
-  // Check matching and valid passwords
-  if (!choosePasswordInput.value || !(await choosePasswordInput.value.areFieldsCorrect())) {
-    informationManager.present(
-      new Information({
-        message: 'ImportRecoveryDevicePage.errors.passwordErrorMessage',
-        level: InformationLevel.Error,
-      }),
-      PresentationMode.Toast,
-    );
-    return;
-  }
-  // Check new device info exists
-  if (!newDeviceInfo.value) {
-    informationManager.present(
-      new Information({
-        message: 'ImportRecoveryDevicePage.errors.internalErrorMessage',
-        level: InformationLevel.Error,
-      }),
-      PresentationMode.Toast,
-    );
-    return;
-  }
-  // Save new device with password
-  if (!(await saveDevice(newDeviceInfo.value, 'newPassword')).ok) {
-    informationManager.present(
-      new Information({
-        message: 'ImportRecoveryDevicePage.errors.saveDeviceErrorMessage',
-        level: InformationLevel.Error,
-      }),
-      PresentationMode.Toast,
-    );
-    return;
-  }
-  // Delete previous device
-  await deleteDevice(props.device);
-
-  state.value = ImportDevicePageState.Done;
-}
-
 async function onLoginClick(): Promise<void> {
-  emits('organizationSelected', props.device);
+  emits('organizationSelected', newDevice);
 }
 </script>
 
@@ -286,6 +273,7 @@ async function onLoginClick(): Promise<void> {
   flex-direction: column;
   align-items: center;
   gap: 2rem;
+  box-shadow: none;
 }
 
 .recovery-header {
diff --git a/client/src/views/home/HomePage.vue b/client/src/views/home/HomePage.vue
index e1aeaa374ac..9f8684f7ee0 100644
--- a/client/src/views/home/HomePage.vue
+++ b/client/src/views/home/HomePage.vue
@@ -74,6 +74,7 @@ import {
   archiveDevice,
   AvailableDevice,
   ClientStartError,
+  ClientStartErrorTag,
   DeviceAccessStrategy,
   DeviceFileType,
   getDeviceHandle,
@@ -318,13 +319,25 @@ async function handleLoginError(device: AvailableDevice, error: ClientStartError
     await nextTick();
     loginPageRef.value.setLoginError(error);
   } else if (device.ty === DeviceFileType.Keyring) {
-    informationManager.present(
-      new Information({
-        message: 'HomePage.keyringFailed',
-        level: InformationLevel.Error,
-      }),
-      PresentationMode.Toast,
-    );
+    if (error.tag === ClientStartErrorTag.LoadDeviceDecryptionFailed) {
+      const answer = await askQuestion('HomePage.loginErrors.keyringFailedTitle', 'HomePage.loginErrors.keyringFailedQuestion', {
+        yesIsDangerous: false,
+        yesText: 'HomePage.loginErrors.keyringFailedUsedRecovery',
+        noText: 'HomePage.loginErrors.keyringFailedAbort',
+      });
+      if (answer === Answer.Yes) {
+        selectedDevice.value = device;
+        state.value = HomePageState.ForgottenPassword;
+      }
+    } else {
+      informationManager.present(
+        new Information({
+          message: 'HomePage.loginErrors.keyringFailed',
+          level: InformationLevel.Error,
+        }),
+        PresentationMode.Toast,
+      );
+    }
   } else {
     window.electronAPI.log('error', `Unhandled device authentication type ${device.ty}`);
   }
diff --git a/client/src/views/home/LoginPage.vue b/client/src/views/home/LoginPage.vue
index 93c5d011335..8720e815269 100644
--- a/client/src/views/home/LoginPage.vue
+++ b/client/src/views/home/LoginPage.vue
@@ -34,7 +34,6 @@
             :password-is-invalid="passwordIsInvalid"
           />
           <ion-button
-            v-show="false"
             fill="clear"
             @click="$emit('forgottenPasswordClick', device)"
             id="forgotten-password-button"
diff --git a/client/src/views/home/UserJoinOrganizationModal.vue b/client/src/views/home/UserJoinOrganizationModal.vue
index d26210f774f..455ecd6d297 100644
--- a/client/src/views/home/UserJoinOrganizationModal.vue
+++ b/client/src/views/home/UserJoinOrganizationModal.vue
@@ -389,7 +389,7 @@ async function nextStep(): Promise<void> {
     }
   } else if (pageStep.value === UserJoinOrganizationStep.GetUserInfo) {
     waitingForHost.value = true;
-    const deviceName = await getDefaultDeviceName();
+    const deviceName = getDefaultDeviceName();
     const result = await claimer.value.doClaim(deviceName, userInfoPage.value.fullName, userInfoPage.value.email);
     if (!result.ok) {
       await showErrorAndRestart('JoinOrganization.errors.sendUserInfoFailed');
diff --git a/client/tests/e2e/specs/test_export_recovery_device_page.ts b/client/tests/e2e/specs/test_export_recovery_device_page.ts
deleted file mode 100644
index 3e36fb1c090..00000000000
--- a/client/tests/e2e/specs/test_export_recovery_device_page.ts
+++ /dev/null
@@ -1,56 +0,0 @@
-// Parsec Cloud (https://parsec.cloud) Copyright (c) BUSL-1.1 2016-present Scille SAS
-
-describe('Display export recovery device page', () => {
-  beforeEach(() => {
-    cy.visitApp();
-    cy.login('Boby', 'P@ssw0rd.');
-    cy.get('#profile-button').click();
-    cy.get('.popover-viewport').find('ion-item').eq(2).click();
-    cy.get('.restore-password-button').click();
-  });
-
-  afterEach(() => {
-    cy.dropTestbed();
-  });
-
-  // it('Check export recovery device', () => {
-  //   cy.get('.topbar-left__title').find('.title-h2').contains('Recovery files');
-  //   cy.get('.recovery-container').find('.file-item').as('file-item').should('have.length', 2);
-  //   cy.get('@file-item').eq(0).contains('Recovery File');
-  //   cy.get('@file-item').eq(1).contains('Secret Key');
-  //   cy.get('.password-input-modal').should('not.exist');
-  //   cy.get('.recovery-container').find('#exportDevice').contains('I understand').click();
-  //   cy.get('.password-input-modal').should('exist');
-  //   cy.get('.password-input-modal').find('.ms-modal-header__title').contains('Password needed');
-  //   cy.get('.password-input-modal').find('.footer-md').find('#next-button').as('okButton').contains('Validate');
-  //   cy.get('@okButton').should('have.class', 'button-disabled');
-  //   cy.get('.password-input-modal').find('#ms-password-input').find('input').type('wr0ng.');
-  //   cy.get('@okButton').should('not.have.class', 'button-disabled').click();
-  //   cy.checkToastMessage('error', 'Invalid password.');
-  //   cy.get('.recovery-container').find('#exportDevice').contains('I understand').click();
-  //   cy.get('.password-input-modal').find('#ms-password-input').find('input').type('P@ssw0rd.');
-  //   cy.get('@okButton').should('not.have.class', 'button-disabled').click();
-  //   cy.get('.download').find('#back-to-devices-button').should('not.be.visible');
-  //   cy.get('.download').find('.file-item').as('file-item').should('have.length', 2);
-  //   cy.get('@file-item').eq(0).as('thirdItem').contains('Recovery File');
-  //   cy.get('@file-item').eq(1).as('fourthItem').contains('Secret Key');
-  //   cy.get('@thirdItem').find('#downloadButton').as('fileDownloadButton').should('not.have.class', 'button-disabled');
-  //   cy.get('@fourthItem').find('#downloadButton').as('keyDownloadButton').should('not.have.class', 'button-disabled');
-  //   cy.get('@thirdItem').contains('File downloaded').should('not.be.visible');
-  //   cy.get('@fourthItem').contains('File downloaded').should('not.be.visible');
-  //   cy.get('@fileDownloadButton').click();
-  //   cy.wait(500);
-  //   cy.checkToastMessage('success', 'The recovery file was successfully downloaded');
-  //   cy.get('@thirdItem').find('#downloadButton').should('be.visible');
-  //   cy.get('@thirdItem').find('#downloadButton').contains('Download again');
-  //   cy.get('@thirdItem').contains('File downloaded').should('be.visible');
-  //   cy.get('@keyDownloadButton').click();
-  //   cy.wait(500);
-  //   cy.checkToastMessage('success', 'The secret key was successfully downloaded');
-  //   cy.get('@fourthItem').find('#downloadButton').should('be.visible');
-  //   cy.get('@fourthItem').find('#downloadButton').contains('Download again');
-  //   cy.get('.recovery-container').find('#back-to-devices-button').as('returnButton').should('be.visible');
-  //   cy.get('@fourthItem').contains('File downloaded').should('be.visible');
-  //   cy.get('@returnButton').should('not.have.class', 'button-disabled').click();
-  // });
-});
diff --git a/client/tests/e2e/specs/test_import_recovery_device_page.ts b/client/tests/e2e/specs/test_import_recovery_device_page.ts
deleted file mode 100644
index ec14d78dd73..00000000000
--- a/client/tests/e2e/specs/test_import_recovery_device_page.ts
+++ /dev/null
@@ -1,78 +0,0 @@
-// Parsec Cloud (https://parsec.cloud) Copyright (c) BUSL-1.1 2016-present Scille SAS
-
-describe('Display import recovery device page', () => {
-  beforeEach(() => {
-    cy.visitApp();
-    cy.contains('Alicey McAliceFace').click();
-    cy.get('#forgotten-password-button').click();
-  });
-
-  afterEach(() => {
-    cy.dropTestbed();
-  });
-
-  //   it('Check import recovery device', () => {
-  //     // First state: file upload and secret key input
-  //     cy.get('.recovery-content').as('r-content').find('.recovery-header__title').contains('Forgotten password');
-  //     cy.get('@r-content').find('#warning-text').contains('You must have created recovery files in order to reset your password.');
-  //     cy.get('@r-content').find('#to-password-change-btn').should('have.class', 'button-disabled');
-  //     cy.get('@r-content').find('.recovery-list-item').as('file-item').should('have.length', 2);
-  //     cy.get('@file-item').eq(0).as('file').contains('Recovery file');
-  //     cy.get('@file').contains('No file selected');
-  //     // Upload invalid file
-  //     cy.wait(200);
-  //     cy.get('@file').find('#browse-button').click();
-  //     cy.get('input[type="file"]').attachFile('splash.png');
-  //     cy.get('@file').contains('splash.png');
-  //     // Input incomplete secret key
-  //     cy.get('@file-item').eq(1).as('key').contains('Secret key');
-  //     cy.get('@key').find('#secret-key-input').as('key-input').type('ABCD', { delay: 0 });
-  //     cy.get('@key').find('#checkmark-icon').should('not.be.visible');
-  //     cy.get('@r-content').find('#to-password-change-btn').should('have.class', 'button-disabled');
-  //     // Input 64-char secret key with one invalid character
-  //     // cspell:disable-next-line
-  //     cy.get('@key-input').type('-EFGH-IJKL-MNOP-QRST-UVWX-YZ12-3456-7890-ABCD-EFGH-IJKL-MNOp', { delay: 0 });
-  //     cy.get('@key').find('#checkmark-icon').should('not.be.visible');
-  //     // Input valid key but not the expected one
-  //     cy.get('@key-input').type('{backspace}O');
-  //     cy.get('@key').find('#checkmark-icon').should('be.visible');
-  //     cy.get('@r-content').find('#to-password-change-btn').as('toPassword').should('not.have.class', 'button-disabled').click();
-  //     cy.checkToastMessage('error', 'The secret key does not match the recovery file.');
-  //     // Input valid and expected secret key
-  //     cy.get('@key-input').type('{backspace}P');
-  //     cy.get('@toPassword').click();
-  //     cy.checkToastMessage('error', 'Invalid recovery file.');
-  //     // Replace uploaded file with valid one
-  //     cy.get('@file').find('#browse-button').click();
-  //     cy.get('input[type="file"]').attachFile('recoveryfile.psrk');
-  //     cy.get('@file').contains('recoveryfile.psrk');
-  //     cy.get('@toPassword').click();
-  //     // Second state: password input
-  //     cy.get('.info__text').contains(
-  //       'Your password must be secure and you must remember it. \
-  // We advise you to create several devices if possible and to share workspaces.',
-  //     );
-  //     cy.get('.password-criteria').contains(
-  //       'Make sure it corresponds to a strong level: avoid repetitions, overly common words and sequences.',
-  //     );
-  //     cy.get('.choose-password').find('.inputs-container-item').as('password-containers').should('have.length', 2);
-  //     cy.get('@password-containers').eq(0).should('contain', 'Choose a new password').find('ion-input').as('first-password-input');
-  //     // Input password first characters to test weak password recognition
-  //     cy.get('@first-password-input').find('input').type('A583n.');
-  //     cy.get('@password-containers').eq(1).should('contain', 'Confirm password').find('ion-input').find('input').type('A583n.x@f3.');
-  //     cy.get('@password-containers').eq(1).contains('Do not match');
-  //     cy.get('.password-level').find('.password-level-container').should('have.class', 'password-level-low');
-  //     cy.get('#validate-password-btn').should('have.class', 'button-disabled');
-  //     // Have same strong password in both input fields
-  //     cy.get('@first-password-input').find('input').type('x@f3.');
-  //     cy.get('@password-containers').eq(1).should('not.contain', 'Do not match');
-  //     cy.get('.password-level').find('.password-level-container').should('have.class', 'password-level-high');
-  //     cy.get('#validate-password-btn').should('not.have.class', 'button-disabled').click();
-  //     // Third state: validation
-  //     cy.get('#success-step')
-  //       .should('contain', 'Password was successfully changed!')
-  //       .and('contain', 'You can now login with your new password.');
-  //     cy.get('#success-step').find('ion-button').contains('Go back to login').click();
-  //     cy.get('#forgotten-password-button').should('exist');
-  //   });
-});
diff --git a/client/tests/pw/data/recovery/fake_recovery_file.txt b/client/tests/pw/data/recovery/fake_recovery_file.txt
new file mode 100644
index 00000000000..c67819b8d2a
--- /dev/null
+++ b/client/tests/pw/data/recovery/fake_recovery_file.txt
@@ -0,0 +1 @@
+NOP
diff --git a/client/tests/pw/data/recovery/recovery_file.psrk b/client/tests/pw/data/recovery/recovery_file.psrk
new file mode 100644
index 00000000000..562e72e1266
--- /dev/null
+++ b/client/tests/pw/data/recovery/recovery_file.psrk
@@ -0,0 +1 @@
+YEP
diff --git a/client/tests/pw/e2e/export_recovery_device.spec.ts b/client/tests/pw/e2e/export_recovery_device.spec.ts
new file mode 100644
index 00000000000..036d0241037
--- /dev/null
+++ b/client/tests/pw/e2e/export_recovery_device.spec.ts
@@ -0,0 +1,47 @@
+// Parsec Cloud (https://parsec.cloud) Copyright (c) BUSL-1.1 2016-present Scille SAS
+
+import { expect } from '@tests/pw/helpers/assertions';
+import { msTest } from '@tests/pw/helpers/fixtures';
+
+msTest('Export recovery device', async ({ myProfilePage }) => {
+  const container = myProfilePage.locator('.restore-password');
+  await container.locator('.restore-password-button').click();
+  await expect(myProfilePage.locator('.topbar-left').locator('.topbar-left__title')).toHaveText('Recovery files');
+  const recoveryContainer = myProfilePage.locator('.recovery-container');
+  await expect(recoveryContainer.locator('ion-button')).toHaveText('I understand');
+  await recoveryContainer.locator('ion-button').click();
+  const fileContainer = recoveryContainer.locator('.file-item').nth(0);
+  const passphraseContainer = recoveryContainer.locator('.file-item').nth(1);
+
+  await expect(fileContainer.locator('ion-button')).toHaveText('Download');
+  await expect(passphraseContainer.locator('ion-button')).toHaveText('Download');
+
+  /* Can't get the download to work properly */
+  // const fileDownloadPromise = myProfilePage.waitForEvent('download');
+  // await fileContainer.locator('ion-button').click();
+  // const fileDownload = await fileDownloadPromise;
+  // expect(fileDownload.suggestedFilename()).toBe('Parsec_Recovery_File_MyOrg.psrk');
+  // const fileStream = await fileDownload.createReadStream();
+  // fileStream.on('readable', async () => {
+  //   fileStream.setEncoding('utf-8');
+  //   expect(fileStream.read()).toBe('Q2lnYXJlQU1vdXN0YWNoZQ==');
+  //   await fileDownload.delete();
+  // });
+  await fileContainer.locator('ion-button').click();
+  await expect(myProfilePage).toShowToast('The recovery file was successfully downloaded', 'Success');
+
+  // const passphraseDownloadPromise = myProfilePage.waitForEvent('download');
+  // const passphraseDownload = await passphraseDownloadPromise;
+  // expect(passphraseDownload.suggestedFilename()).toBe('Recovery.psrk');
+  // const passphraseStream = await passphraseDownload.createReadStream();
+  // passphraseStream.on('readable', async () => {
+  //   passphraseStream.setEncoding('utf-8');
+  //   expect(passphraseStream.read()).toBe('ABCDEF');
+  // });
+
+  await passphraseContainer.locator('ion-button').click();
+  await expect(myProfilePage).toShowToast('The secret key was successfully downloaded', 'Success');
+
+  await expect(fileContainer.locator('ion-button')).toHaveText('Download again');
+  await expect(passphraseContainer.locator('ion-button')).toHaveText('Download again');
+});
diff --git a/client/tests/pw/e2e/import_recovery_device.spec.ts b/client/tests/pw/e2e/import_recovery_device.spec.ts
new file mode 100644
index 00000000000..653ce136856
--- /dev/null
+++ b/client/tests/pw/e2e/import_recovery_device.spec.ts
@@ -0,0 +1,126 @@
+// Parsec Cloud (https://parsec.cloud) Copyright (c) BUSL-1.1 2016-present Scille SAS
+
+import { expect, fillIonInput, msTest } from '@tests/pw/helpers';
+import path from 'path';
+import { TestInfo } from 'playwright/test';
+
+msTest('Import recovery device', async ({ home }, testInfo: TestInfo) => {
+  await home.locator('.organization-card').nth(0).click();
+  await home.locator('.login-popup').locator('#forgotten-password-button').click();
+  const container = home.locator('.recovery-content');
+
+  await expect(container.locator('.container-textinfo')).toHaveText(
+    'You must have created recovery files in order to reset your authentication.',
+  );
+
+  const okButton = container.locator('#to-password-change-btn');
+  await expect(okButton).toHaveText('Next');
+  await expect(okButton).toBeTrulyDisabled();
+
+  const items = container.locator('.recovery-list-item');
+  await expect(items.nth(1)).toHaveTheClass('disabled');
+
+  const importButton = items.nth(0).locator('#browse-button');
+  await expect(importButton).toHaveText('Browse');
+
+  await expect(items.nth(0).locator('.body')).toHaveText('No file selected');
+  const fileChooserPromise = home.waitForEvent('filechooser');
+  await importButton.click();
+  const fileChooser = await fileChooserPromise;
+  expect(fileChooser.isMultiple()).toBe(false);
+  await fileChooser.setFiles([path.join(testInfo.config.rootDir, '..', 'data', 'recovery', 'recovery_file.psrk')]);
+  await expect(items.nth(0).locator('.body')).toHaveText('recovery_file.psrk');
+  await expect(items.nth(0).locator('.body')).toHaveTheClass('file-added');
+
+  await expect(items.nth(1)).not.toHaveTheClass('disabled');
+  // cspell:disable-next-line
+  await fillIonInput(items.nth(1).locator('ion-input'), 'ABCD-EFGH-IJKL-MNOP-QRST-UVWX-YZ12-3456-7890-ABCD-EFGH-IJKL-MNOP');
+
+  await expect(okButton).toBeTrulyEnabled();
+  await okButton.click();
+
+  const authChoices = container.locator('.choose-auth-page').locator('ion-radio');
+
+  await expect(authChoices.nth(0).locator('.item-radio__label')).toHaveText('Use System Authentication');
+  await expect(authChoices.nth(0).locator('.item-radio__text:visible')).toHaveText('Unavailable on web');
+  await expect(authChoices.nth(0)).toHaveTheClass('radio-disabled');
+
+  const authButton = container.locator('#validate-password-btn');
+  await expect(authButton).toHaveText('Confirm');
+  const inputs = container.locator('.choose-auth-page').locator('.choose-password').locator('ion-input');
+  await fillIonInput(inputs.nth(0), 'YouGiv3Lov3aBadName');
+  await expect(authButton).toBeTrulyDisabled();
+  await fillIonInput(inputs.nth(1), 'YouGiv3Lov3aBadName');
+  await expect(authButton).toBeTrulyEnabled();
+  await authButton.click();
+
+  await expect(container.locator('.success-card__title')).toHaveText('Authentication was successfully updated!');
+  await container.locator('.success-card__button').click();
+});
+
+msTest('Import recovery device invalid recovery file', async ({ home }, testInfo: TestInfo) => {
+  await home.locator('.organization-card').nth(0).click();
+  await home.locator('.login-popup').locator('#forgotten-password-button').click();
+  const container = home.locator('.recovery-content');
+
+  const okButton = container.locator('#to-password-change-btn');
+  const items = container.locator('.recovery-list-item');
+  await expect(items.nth(0).locator('.recovery-list-item__title')).toHaveText('1 Recovery file');
+  await expect(items.nth(1).locator('.recovery-list-item__title')).toHaveText('2 Secret key');
+
+  await expect(items.nth(0).locator('.body')).toHaveText('No file selected');
+  const fileChooserPromise = home.waitForEvent('filechooser');
+  await items.nth(0).locator('ion-button').click();
+  const fileChooser = await fileChooserPromise;
+  expect(fileChooser.isMultiple()).toBe(false);
+  await fileChooser.setFiles([path.join(testInfo.config.rootDir, '..', 'data', 'recovery', 'fake_recovery_file.txt')]);
+  await expect(items.nth(0).locator('.body')).toHaveText('fake_recovery_file.txt');
+  await expect(items.nth(0).locator('.body')).toHaveTheClass('file-added');
+
+  await expect(items.nth(1).locator('#checkmark-icon')).toBeHidden();
+  // cspell:disable-next-line
+  await fillIonInput(items.nth(1).locator('ion-input'), 'ABCD-EFGH-IJKL-MNOP-QRST-UVWX-YZ12-3456-7890-ABCD-EFGH-IJKL-MNOP');
+  await expect(items.nth(1).locator('#checkmark-icon')).toBeVisible();
+
+  await expect(okButton).toBeTrulyEnabled();
+  await okButton.click();
+
+  const authButton = container.locator('#validate-password-btn');
+  const inputs = container.locator('.choose-auth-page').locator('.choose-password').locator('ion-input');
+  await fillIonInput(inputs.nth(0), 'YouGiv3Lov3aBadName');
+  await fillIonInput(inputs.nth(1), 'YouGiv3Lov3aBadName');
+  await authButton.click();
+
+  await expect(home).toShowToast('Invalid recovery file.', 'Error');
+});
+
+msTest('Import recovery device invalid passphrase', async ({ home }, testInfo: TestInfo) => {
+  await home.locator('.organization-card').nth(0).click();
+  await home.locator('.login-popup').locator('#forgotten-password-button').click();
+  const container = home.locator('.recovery-content');
+
+  const okButton = container.locator('#to-password-change-btn');
+  const items = container.locator('.recovery-list-item');
+
+  await expect(items.nth(0).locator('.body')).toHaveText('No file selected');
+  const fileChooserPromise = home.waitForEvent('filechooser');
+  await items.nth(0).locator('ion-button').click();
+  const fileChooser = await fileChooserPromise;
+  expect(fileChooser.isMultiple()).toBe(false);
+  await fileChooser.setFiles([path.join(testInfo.config.rootDir, '..', 'data', 'recovery', 'recovery_file.psrk')]);
+  await expect(items.nth(0).locator('.body')).toHaveText('recovery_file.psrk');
+  await expect(items.nth(0).locator('.body')).toHaveTheClass('file-added');
+
+  // cspell:disable-next-line
+  await fillIonInput(items.nth(1).locator('ion-input'), 'ABCD-EFGH-IJKL-MNOP-QRST-UVWX-YZ12-3456-7890-ABCD-EFGH-IJKL-MNOX');
+  await expect(okButton).toBeTrulyEnabled();
+  await okButton.click();
+
+  const authButton = container.locator('#validate-password-btn');
+  const inputs = container.locator('.choose-auth-page').locator('.choose-password').locator('ion-input');
+  await fillIonInput(inputs.nth(0), 'YouGiv3Lov3aBadName');
+  await fillIonInput(inputs.nth(1), 'YouGiv3Lov3aBadName');
+  await authButton.click();
+
+  await expect(home).toShowToast('The secret key does not match the recovery file.', 'Error');
+});
diff --git a/client/tests/pw/e2e/my_profile_page.spec.ts b/client/tests/pw/e2e/my_profile_page.spec.ts
index c92e305910c..efb8d9e761a 100644
--- a/client/tests/pw/e2e/my_profile_page.spec.ts
+++ b/client/tests/pw/e2e/my_profile_page.spec.ts
@@ -7,17 +7,20 @@ import { fillIonInput } from '@tests/pw/helpers/utils';
 msTest('Check devices list', async ({ myProfilePage }) => {
   await expect(myProfilePage.locator('#add-device-button')).toHaveText('Add');
   const devices = myProfilePage.locator('#devices-list').getByRole('listitem');
-  await expect(devices.locator('.device-name')).toHaveText(['Web', 'Web', 'Recovery Device']);
-  await expect(devices.locator('.join-date')).toHaveText(['Joined: Today', 'Joined: Today', 'Joined: Today']);
+  await expect(devices.locator('.device-name')).toHaveText([/^device\d$/, /^device\d$/]);
+  await expect(devices.locator('.join-date')).toHaveText(['Joined: Today', 'Joined: Today']);
   await expect(devices.nth(0).locator('.badge')).toBeVisible();
   await expect(devices.nth(1).locator('.badge')).toBeHidden();
-  await expect(devices.nth(2).locator('.badge')).toBeHidden();
 });
 
 msTest('Check if restore-password section is displayed', async ({ myProfilePage }) => {
-  // Currently the restore-password section is hidden
   const restorePassword = myProfilePage.locator('.restore-password');
-  await expect(restorePassword).toBeHidden();
+  await expect(restorePassword).toBeVisible();
+  await expect(restorePassword.locator('.restore-password-header__title')).toHaveText('Authentication recovery files');
+  await expect(restorePassword.locator('.restore-password-subtitles')).toHaveText(
+    'Authentication recovery files have been created and downloaded.',
+  );
+  await expect(restorePassword.locator('.restore-password-button')).toHaveText('Re-download recovery files');
 });
 
 msTest('Open authentication section', async ({ myProfilePage }) => {

From 927f208e006e246b35e4b9618f023427ed1708af Mon Sep 17 00:00:00 2001
From: Maxime GRANDCOLAS <maxime.grandcolas@scille.fr>
Date: Thu, 31 Oct 2024 09:24:17 +0100
Subject: [PATCH 2/6] [MS] Added newsfragment for #8667

---
 newsfragments/8667.feature.rst | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 newsfragments/8667.feature.rst

diff --git a/newsfragments/8667.feature.rst b/newsfragments/8667.feature.rst
new file mode 100644
index 00000000000..cc8f87626af
--- /dev/null
+++ b/newsfragments/8667.feature.rst
@@ -0,0 +1 @@
+Added the export and import of recovery devices to help with password loss

From 1055ddbdfbd1a6cf0fade33c3ac43752b07487e9 Mon Sep 17 00:00:00 2001
From: fabienSvstr <fabien.sevestre@my-digital-school.org>
Date: Thu, 31 Oct 2024 14:35:11 +0100
Subject: [PATCH 3/6] [MS] Fixed vertical issue

---
 client/src/views/devices/ImportRecoveryDevicePage.vue | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/client/src/views/devices/ImportRecoveryDevicePage.vue b/client/src/views/devices/ImportRecoveryDevicePage.vue
index 373bd4f60ca..8bc58d1fb2b 100644
--- a/client/src/views/devices/ImportRecoveryDevicePage.vue
+++ b/client/src/views/devices/ImportRecoveryDevicePage.vue
@@ -265,11 +265,11 @@ async function onLoginClick(): Promise<void> {
 
 <style lang="scss" scoped>
 .recovery-content {
-  height: 100%;
+  height: auto;
   width: 60vw;
   max-width: var(--parsec-max-forgotten-pwd-width);
   display: flex;
-  margin: 0 auto;
+  margin: auto;
   flex-direction: column;
   align-items: center;
   gap: 2rem;

From eb0a930dacac16a84529b66ccbaf9d8fe9f7a0a3 Mon Sep 17 00:00:00 2001
From: Maxime GRANDCOLAS <maxime.grandcolas@scille.fr>
Date: Mon, 4 Nov 2024 07:40:56 +0100
Subject: [PATCH 4/6] [MS] Remove cypress from the CI

---
 .github/workflows/ci-web.yml | 18 ++----------------
 client/package.json          |  8 ++------
 2 files changed, 4 insertions(+), 22 deletions(-)

diff --git a/.github/workflows/ci-web.yml b/.github/workflows/ci-web.yml
index 94f110f537a..665b04589e6 100644
--- a/.github/workflows/ci-web.yml
+++ b/.github/workflows/ci-web.yml
@@ -151,27 +151,13 @@ jobs:
       - name: Check testbed server is running
         run: curl http://localhost:6777
 
-      - name: Install cypress binary
-        run: |
-          npm exec cypress version
-          npm exec cypress install
-        working-directory: client
-        timeout-minutes: 5
-
-      - name: E2E tests
-        run: npm run test:e2e:headless
-        env:
-          TESTBED_SERVER: parsec3://localhost:6777?no_ssl=true
-        working-directory: client
-        timeout-minutes: 20
-
       - name: Install Playwright dependencies
         run: npx playwright install --with-deps
         working-directory: client
         timeout-minutes: 5
 
-      - name: Playwright E2E tests
-        run: npm run pw:e2e:headless
+      - name: E2E tests
+        run: npm run test:e2e:headless
         env:
           TESTBED_SERVER: parsec3://localhost:6777?no_ssl=true
         working-directory: client
diff --git a/client/package.json b/client/package.json
index 9409532d0d4..bf4e3f26499 100644
--- a/client/package.json
+++ b/client/package.json
@@ -10,12 +10,8 @@
         "preview": "vite preview",
         "lint": "eslint . --max-warnings=0 && vue-tsc --noEmit",
         "test:unit": "vitest run --dom",
-        "cy:e2e:headless": "cypress run --e2e",
-        "cy:e2e": "cypress run --e2e --headed",
-        "pw:e2e": "npx playwright test --headed --reporter=null --timeout=30000",
-        "pw:e2e:headless": "npx playwright test --reporter=null --timeout=30000",
-        "test:e2e": "start-server-and-test dev http://localhost:8080 cy:e2e",
-        "test:e2e:headless": "start-server-and-test dev http://localhost:8080 cy:e2e:headless",
+        "test:e2e": "npx playwright test --headed --reporter=null --timeout=30000",
+        "test:e2e:headless": "npx playwright test --reporter=null --timeout=30000",
         "web:open": "vite --open",
         "web:release": "npm run lint && vite build",
         "native:build": "node ./scripts/vite_build_for_native.cjs",

From 3a35aab7d26083cddb21d106998b9f30295e1152 Mon Sep 17 00:00:00 2001
From: Maxime GRANDCOLAS <maxime.grandcolas@gmail.com>
Date: Tue, 5 Nov 2024 14:20:28 +0100
Subject: [PATCH 5/6] Apply suggestions from code review

Co-authored-by: Marcos Medrano <786907+mmmarcos@users.noreply.github.com>
---
 client/src/locales/en-US.json  | 6 +++---
 client/src/locales/fr-FR.json  | 6 +++---
 newsfragments/8667.feature.rst | 2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/client/src/locales/en-US.json b/client/src/locales/en-US.json
index 51b5116468b..8333e9b5198 100644
--- a/client/src/locales/en-US.json
+++ b/client/src/locales/en-US.json
@@ -176,8 +176,8 @@
         "loginErrors": {
             "keyringFailed": "Could not log in",
             "keyringFailedTitle": "Login failed",
-            "keyringFailedQuestion": "Could not login to this device using the system authentication. Would you like to use a recovery device?",
-            "keyringFailedUsedRecovery": "Use a recovery device",
+            "keyringFailedQuestion": "Could not login using the system authentication. Would you like to use a recovery file?",
+            "keyringFailedUsedRecovery": "Use a recovery file",
             "keyringFailedAbort": "No"
         },
         "bmsOrganizationNotFound": "Could not find the organization {organization} on this device.",
@@ -865,7 +865,7 @@
             "recoveryKey": "Parsec_Recovery_Code_{org}.txt"
         },
         "errors": {
-            "exportFailed": "Failed to create a recovery device."
+            "exportFailed": "Failed to create a recovery file."
         }
     },
     "SasCodeChoice": {
diff --git a/client/src/locales/fr-FR.json b/client/src/locales/fr-FR.json
index 1b4d7973150..a47ff41be51 100644
--- a/client/src/locales/fr-FR.json
+++ b/client/src/locales/fr-FR.json
@@ -176,8 +176,8 @@
         "loginErrors": {
             "keyringFailed": "Impossible de se connecter",
             "keyringFailedTitle": "Impossible de se connecter",
-            "keyringFailedQuestion": "La connexion à cet appareil en utilisant l'authentification du système a échoué. Souhaitez-vous utiliser un appareil de récupération ?",
-            "keyringFailedUsedRecovery": "Utiliser un appareil de récupération",
+            "keyringFailedQuestion": "La connexion en utilisant l'authentification du système a échoué. Souhaitez-vous utiliser un fichier de récupération ?",
+            "keyringFailedUsedRecovery": "Utiliser un fichier de récupération",
             "keyringFailedAbort": "Non"
         },
         "bmsOrganizationNotFound": "Impossible de trouver l'organisation {organization} sur cet appareil.",
@@ -865,7 +865,7 @@
             "recoveryKey": "Parsec_Code_Récupération_{org}.txt"
         },
         "errors": {
-            "exportFailed": "Impossible de créer un appareil de récupération."
+            "exportFailed": "Impossible de créer un fichier de récupération."
         }
     },
     "SasCodeChoice": {
diff --git a/newsfragments/8667.feature.rst b/newsfragments/8667.feature.rst
index cc8f87626af..ceda769b82d 100644
--- a/newsfragments/8667.feature.rst
+++ b/newsfragments/8667.feature.rst
@@ -1 +1 @@
-Added the export and import of recovery devices to help with password loss
+Added support for recovery files to recover access in case the password is lost or the user loses access to its computer

From 3ce10f37a16197a379e58f673f70eff94805ba84 Mon Sep 17 00:00:00 2001
From: NicoTuxx <nicotuxxdev@gmail.com>
Date: Thu, 7 Nov 2024 04:26:33 +0100
Subject: [PATCH 6/6] Improve ForgottenPassword use case - improve transitions
 management - fix: move comment to avoid transition bug - add custom prop for
 backButton name

---
 client/src/locales/en-US.json                 |  3 +-
 client/src/locales/fr-FR.json                 |  3 +-
 .../devices/ImportRecoveryDevicePage.vue      |  2 +-
 client/src/views/home/HomePage.vue            | 65 ++++++++++++++-----
 client/src/views/home/HomePageHeader.vue      |  5 +-
 5 files changed, 55 insertions(+), 23 deletions(-)

diff --git a/client/src/locales/en-US.json b/client/src/locales/en-US.json
index 8333e9b5198..98d14cb07bb 100644
--- a/client/src/locales/en-US.json
+++ b/client/src/locales/en-US.json
@@ -100,6 +100,8 @@
     },
     "HomePage": {
         "topbar": {
+            "backToList": "Return to organizations",
+            "backToLogin": "Return to login",
             "settings": "Settings",
             "contactUs": "Contact us",
             "documentation": "Documentation",
@@ -152,7 +154,6 @@
             "joinOrganizationSubtitle": "I received an invitation to join an organization"
         },
         "organizationLogin": {
-            "backToList": "Return to organizations",
             "forgottenPassword": "Forgot your password?",
             "emailLabel": "Email",
             "passwordLabel": "Password",
diff --git a/client/src/locales/fr-FR.json b/client/src/locales/fr-FR.json
index a47ff41be51..ce666cb8116 100644
--- a/client/src/locales/fr-FR.json
+++ b/client/src/locales/fr-FR.json
@@ -100,6 +100,8 @@
     },
     "HomePage": {
         "topbar": {
+            "backToList": "Retour aux organisations",
+            "backToLogin": "Retour à la connexion",
             "settings": "Paramètres",
             "contactUs": "Nous contacter",
             "documentation": "Documentation",
@@ -152,7 +154,6 @@
             "joinOrganizationSubtitle": "J'ai reçu une invitation à rejoindre une organisation"
         },
         "organizationLogin": {
-            "backToList": "Retour aux organisations",
             "forgottenPassword": "Mot de passe oublié ?",
             "emailLabel": "Email",
             "passwordLabel": "Mot de passe",
diff --git a/client/src/views/devices/ImportRecoveryDevicePage.vue b/client/src/views/devices/ImportRecoveryDevicePage.vue
index 8bc58d1fb2b..12d80dbf2c5 100644
--- a/client/src/views/devices/ImportRecoveryDevicePage.vue
+++ b/client/src/views/devices/ImportRecoveryDevicePage.vue
@@ -1,11 +1,11 @@
 <!-- Parsec Cloud (https://parsec.cloud) Copyright (c) BUSL-1.1 2016-present Scille SAS -->
 
 <template>
-  <!-- step 1: recovery file -->
   <div
     v-if="state === ImportDevicePageState.Start"
     class="recovery-content"
   >
+    <!-- step 1: recovery file -->
     <div class="recovery-header">
       <ion-title class="recovery-header__title title-h1">
         {{ $msTranslate('ImportRecoveryDevicePage.titles.forgottenPassword') }}
diff --git a/client/src/views/home/HomePage.vue b/client/src/views/home/HomePage.vue
index 9f8684f7ee0..227c864fb6b 100644
--- a/client/src/views/home/HomePage.vue
+++ b/client/src/views/home/HomePage.vue
@@ -15,15 +15,16 @@
             class="header"
             @settings-click="openSettingsModal"
             @about-click="openAboutModal"
-            @back-click="backToOrganizations"
+            @back-click="backToPreviousPage"
+            :back-button-title="getBackButtonTitle()"
             @customer-area-click="goToCustomerAreaLogin"
             :show-back-button="
               state === HomePageState.Login || state === HomePageState.ForgottenPassword || state === HomePageState.CustomerArea
             "
           />
           <slide-horizontal
-            :appear-from="state === HomePageState.OrganizationList ? Position.Left : Position.Right"
-            :disappear-to="state === HomePageState.OrganizationList ? Position.Right : Position.Left"
+            :appear-from="slidePositions.appearFrom"
+            :disappear-to="slidePositions.disappearTo"
           >
             <template v-if="state === HomePageState.OrganizationList">
               <organization-list-page
@@ -35,18 +36,12 @@
                 ref="organizationListRef"
               />
             </template>
-            <template v-if="state === HomePageState.CustomerArea">
+            <template v-else-if="state === HomePageState.CustomerArea">
               <client-area-login-page />
             </template>
-            <template v-if="state === HomePageState.ForgottenPassword && selectedDevice">
-              <import-recovery-device-page
-                :device="selectedDevice"
-                @organization-selected="onOrganizationSelected"
-              />
-            </template>
-            <!-- after animation -->
-            <template v-if="state === HomePageState.Login && selectedDevice">
+            <template v-else-if="state === HomePageState.Login">
               <login-page
+                v-if="selectedDevice"
                 :device="selectedDevice"
                 @login-click="login"
                 @forgotten-password-click="onForgottenPasswordClicked"
@@ -54,6 +49,13 @@
                 ref="loginPageRef"
               />
             </template>
+            <template v-else-if="state === HomePageState.ForgottenPassword">
+              <import-recovery-device-page
+                v-if="selectedDevice"
+                :device="selectedDevice"
+                @organization-selected="onOrganizationSelected"
+              />
+            </template>
           </slide-horizontal>
         </div>
         <!-- end of organization -->
@@ -100,7 +102,7 @@ import { openSettingsModal } from '@/views/settings';
 import { IonContent, IonPage, modalController } from '@ionic/vue';
 import { DateTime } from 'luxon';
 import { Base64, Validity, MsModalResult, Position, SlideHorizontal, getTextFromUser, askQuestion, Answer } from 'megashark-lib';
-import { Ref, inject, nextTick, onMounted, onUnmounted, ref, toRaw } from 'vue';
+import { Ref, inject, nextTick, onMounted, onUnmounted, ref, toRaw, watch } from 'vue';
 import ClientAreaLoginPage from '@/views/client-area/ClientAreaLoginPage.vue';
 import { getServerTypeFromAddress, ServerType } from '@/services/parsecServers';
 import { getDurationBeforeExpiration, isExpired, isTrialOrganizationDevice } from '@/common/organization';
@@ -125,8 +127,19 @@ const loginInProgress = ref(false);
 const queryInProgress = ref(false);
 const organizationListRef = ref();
 
+const slidePositions = ref({ appearFrom: Position.Left, disappearTo: Position.Right });
+
 let hotkeys: HotkeyGroup | null = null;
 
+const stateWatchCancel = watch(state, (newState, oldState) => {
+  // we use the enum ordering to determine the direction of the slide
+  if (oldState > newState) {
+    slidePositions.value = { appearFrom: Position.Right, disappearTo: Position.Left };
+  } else {
+    slidePositions.value = { appearFrom: Position.Left, disappearTo: Position.Right };
+  }
+});
+
 const routeWatchCancel = watchRoute(async () => {
   if (!currentRouteIs(Routes.Home)) {
     return;
@@ -163,6 +176,7 @@ onUnmounted(() => {
     hotkeyManager.unregister(hotkeys);
   }
   routeWatchCancel();
+  stateWatchCancel();
 });
 
 async function handleQuery(): Promise<void> {
@@ -263,11 +277,6 @@ async function openJoinByLinkModal(link: string): Promise<void> {
   }
 }
 
-async function backToOrganizations(): Promise<void> {
-  state.value = HomePageState.OrganizationList;
-  selectedDevice.value = null;
-}
-
 async function onOrganizationSelected(device: AvailableDevice): Promise<void> {
   if (isDeviceLoggedIn(device)) {
     const handle = getDeviceHandle(device);
@@ -468,6 +477,15 @@ async function associateDefaultEvents(eventDistributor: EventDistributor, inform
   );
 }
 
+async function backToPreviousPage(): Promise<void> {
+  if (state.value === HomePageState.Login || state.value === HomePageState.CustomerArea) {
+    state.value = HomePageState.OrganizationList;
+    selectedDevice.value = null;
+  } else if (state.value === HomePageState.ForgottenPassword) {
+    state.value = HomePageState.Login;
+  }
+}
+
 function onForgottenPasswordClicked(device: AvailableDevice): void {
   selectedDevice.value = device;
   state.value = HomePageState.ForgottenPassword;
@@ -506,6 +524,17 @@ async function onJoinOrganizationClicked(): Promise<void> {
     }
   }
 }
+
+function getBackButtonTitle(): string {
+  if (state.value === HomePageState.Login) {
+    return 'HomePage.topbar.backToList';
+  } else if (state.value === HomePageState.ForgottenPassword) {
+    return 'HomePage.topbar.backToLogin';
+  } else if (state.value === HomePageState.CustomerArea) {
+    return 'HomePage.topbar.backToList';
+  }
+  return '';
+}
 </script>
 
 <style lang="scss" scoped>
diff --git a/client/src/views/home/HomePageHeader.vue b/client/src/views/home/HomePageHeader.vue
index a2950f7be48..2025daeb369 100644
--- a/client/src/views/home/HomePageHeader.vue
+++ b/client/src/views/home/HomePageHeader.vue
@@ -48,7 +48,7 @@
           slot="start"
           :icon="arrowBack"
         />
-        {{ $msTranslate('HomePage.organizationLogin.backToList') }}
+        {{ $msTranslate(backButtonTitle ?? 'HomePage.topbar.backToList') }}
       </ion-button>
     </div>
     <div class="topbar-right">
@@ -94,11 +94,11 @@
 </template>
 
 <script setup lang="ts">
-import { LogoRowWhite, MsImage, MsModalResult } from 'megashark-lib';
 import { IonButton, IonButtons, IonIcon, modalController } from '@ionic/vue';
 import { arrowBack, chatbubbles, cog, informationCircle, sparkles, documentText } from 'ionicons/icons';
 import { EventData, Events, UpdateAvailabilityData } from '@/services/eventDistributor';
 import { InjectionProvider, InjectionProviderKey } from '@/services/injectionProvider';
+import { LogoRowWhite, MsImage, Translatable, MsModalResult } from 'megashark-lib';
 import { onMounted, onUnmounted, ref, inject, Ref } from 'vue';
 import { Env } from '@/services/environment';
 import { needsMocks } from '@/parsec';
@@ -160,6 +160,7 @@ async function update(): Promise<void> {
 
 defineProps<{
   showBackButton: boolean;
+  backButtonTitle?: Translatable;
 }>();
 
 defineEmits<{