Fractal (the Gnome @matrix client) still stores the logged-in user's password on the computer, even though this is what a client is supposed to *not* do. If my device somehow gets compromised, I can usually remotely delete that session off my account and remain safe, however the Fractal developers thought ( https://gitlab.gnome.org/GNOME/fractal/-/issues/427 ) that it would be a usability benefit for the user if it remembers their password whenever their session gets remotely signed out. What??
@vurpo @matrix a tangentially similar thing also happens with other communication platforms. Iirc, #wire offers secure means of communication, but stores sent and received messages in plain text on your device.
I wouldn't directly value this as an incredibly bad thing. However you may need to take it into consideration when deciding on your threat model and choosing communication platforms accordingly
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!