[Ajedi32]

End to end encrypted with what key? What if the user changed their password? What if they got a new phone? What if the server is only pretending the user got a new phone to trick you into leaking your messages?

All of those problems are solvable, but "simply" is hardly the word I'd use to describe designing a secure end-to-end encrypted application. It's way, way more development effort than just "hash user passwords with bcrypt and don't allow access without the password", which is why it's rarely done unless E2E encryption is a major selling point of the application.

[kelseyfrog]

Sorry, still not following. I wrote not E2E encrypted. I'm struggling to understand why messages that are not E2E encrypted would require key management.

[Ajedi32]

Sorry, misread.

Yes, you could symmetrically encrypt the tiny portion of personal data that needs to be read solely by you without much added complexity.

However, with few exceptions (password managers, backups, personal notes, etc), the whole point of uploading data to an online service is to allow it to be shared with other people or services. Once that happens, you need all those complicated key management and security systems I just talked about. It's effectively end-to-end encryption.