"Add as Second Device" desktop UI/UX

Expected behavior

I have a Delta Chat account on my smartphone (Android, but I believe that’s not really that important here).
I wanted to attach the Delta Chat app on my computer as a second device.
I expected to see an interface similar to mainstream messengers, which would ask me to scan the QR code displayed on the computer with my phone (see example screenshot from the Telegram)

image361×412 7.61 KB

Actual behavior

I encountered the exact opposite of what I expected.
The app suggested that I scan the QR code from my phone screen with my desktop.
Initially I was unable to do so due to the absence of a camera.

01K5S52W9F8H1WKSXY22H0YTT8484×592 15.6 KB

What I was able to do

I was able to connect the camera to my computer and scan the QR code from my phone screen, but it took me about 5 minutes of attempts or so, even though the camera is capable of producing a fairly clear FullHD image.

What I think and suggest

I don’t think this is a expected - or healthy - interface. I did not expect to encounter this, and I did not consider it safe to pass the authorization string from my phone to my computer via other channels as the only available alternative.
Ultimately, the suggested options do work, but I find it odd to expect users to scan their phone screens with a desktop camera since things like this are usually done with a phone camera, and addressing my own experience there I expect that many desktop cameras will not really be up to the task.
I suggest making it possible to authorize a second device by scanning a QR code on it, for the cases when the first device is a phone and the second is a desktop.
If for some reason this is impossible, I believe it is necessary to at least change the wording on the desktop app. There may be some personal linguistic issues here, as English is not really my primary language, but I found the “on the first device, go… and scan the code shown here” line somewhat confusing and implying that the “code shown here” is the code that should be shown somewhere on my desktop. Took me a moment to realize.

I’d want password protection or something to stop anyone with a phone from cloning my account (as long as they sent nothing, I’d never know).

Someone with a low-def laptop camera also complained on this forum.

Typing the URL-shaped link code into your desktop sounds like it would actually have been quicker.

The English does sound confusing. Asking if this is the exporting or importing device and then giving instructions might be clearer.

If a computer does not have a camera or it has a too low resolution, it is best to simply transfer the link from the mobile phone.
To do this, copy the link to the clipboard on the mobile phone and then into a text file and transfer it in a secure way to the desktop, for example by cable.
Of course, you can also use the cable to transfer the backup straight away, so you no longer need a QR code or link.

If you lack an existing secure channel or access to a cable as suggested by Raiden, you can create a secure channel by creating a temporary chatmail account on your desktop, scanning the contact QR code with your mobile, and passing the authorization string this way to your new temporary account. You can delete your temporary account later if you no longer need it.

However this is maybe not an obvious workaround.

Someone else already suggested inverting the flow for adding a second device, or allowing it in both directions, as for contacts:

One thing I found very weird about adding my laptop as a second device to an account created on a phone, was that Delta Chat on the phone asked me for an unlock password, when I’d never set any sort of password, and in fact it wanted my Android unlock password, but never explained that, nor explained why. Very confusing and off-putting, and I had to do several web searches to figure out what password it was even asking for.

The password is requested for security reasons, in case an attacker gains temporary physical access to the phone. This way, the attacker could transfer the profile to their own device and then read everything and even send messages under a false name.

It’d be helpful if there were any indication that the Android screen unlock password is the password it’s requesting.

It’d be helpful if there were any indication that the Android screen unlock password is the password it’s requesting.

the screen is not under control of Delta Chat, we can set some text to explain why we require the credentials, not which credentials to enter (we do not even know if it is face, fingerprint, password, swipe…)

it is up to the operating system to make clear, that it is a system unlock screen and the system credentials are to be entered.

most operating system i’ve seen make this pretty clear, but yeah, there may be bad exceptions. a pre-screen comes to mind, but that is also easily annoying, doubling information, and may be regarded as distracting. also, people do not read, so adding more text usually does no help

might even be that the screen is shown only shortly, if at all, eg. when face is recognized by the system (this is very usual on iOS, not sure on android, but also speaks against doing anything but recommended api-wise)

eg. the following is the unlock screen from android 12 (marked text is from Delta Chat, the other texts and elements are by the OS):

Screenshot 2025-10-06 at 22.03.04760×1606 127 KB

which android version are you using and how does the unlock screen look like there?

all in all, i can understand that one can be confused by which password to enter where.

then, it is probably helpful that, by default, Delta Chat, since a year, does not require or ask for any password on profile creation

+10000 to this, the UX of scanning the QR with the computer instead of with the phone is horrible and I have seen a lot of people struggling IRL even with me there guiding them

I guess my OS is also a bad exception. If I set it to use a password, then not only does the unlock screen shown in Delta Chat not explain that the system credentials is needed, but the system unlock screen looks completely different to the system unlock screen which is normally shown when the phone wakes up, which can be very confusing.

I see a hybrid screen where half of the screen appears under control of Delta Chat (it displays the text from Delta Chat) and half appears under control of the system. It seems that Delta Chat clearly controls the text in half of the screen and could make it clear which credentials are needed in the other half of the screen.