* calls you when their favorite blog doesn't "load"
* every password they've ever had is "password1"
Now you want to tell them to "download this new app, generate a private key, store it as a backup somewhere. When you get a new phone, you need to re-import it"
Fluffy Chat is great on iOS. My mom uses it; it respects system fonts very nicely.
I get the frustration with encryption though. I wish there was a way to mark a homeserver as default _NOT_ encrypted. My homeserver is in my closet. Given the choice, I'd rather take the extremely tiny opsec hit for all the simplicity and usability benefits of unencrypted rooms.
I assume the government installations are integrating it with LDAP/AD or at least they should. This assumes both chat and LDAP/AD are logging to a SIEM for the auditors.
Having tried to use that, I can assure you that no one actually (a) remembers their passphrase, nor (b) is willing to type it in when it does come up. It's a fun idea, but it's actually much worse UX than even a secure password.
* need to use size 18 font on their phone
* refer to the phone as "that fancy music player"
* calls you when their favorite blog doesn't "load"
* every password they've ever had is "password1"
Now you want to tell them to "download this new app, generate a private key, store it as a backup somewhere. When you get a new phone, you need to re-import it"
Good luck with that.