Comment by cdrini
5 years ago
I feel like I'm missing something with these E2E encrypted products. I would _never_ recommend one of these to my family. What happens if they lose their password? Suddenly all of their photos are physically impossible to recover? What if the primary account holder dies? I would never trust a physical storage locker that said "if you lose your key we're going to set your stuff on fire". I _do_ place some amount of trust in the owners to potentially get access to the contents of my storage in extreme situations. Making that physically impossible is terrifying.
In addition to your password, you have a recoveryKey that can be shared with your family members. As long as you've access to either your password or your recoveryKey, you will be able to decrypt your data.
A shared recoveryKey can be revoked and a new one generated if necessary. (We don't have a hook for this on the UI yet, but our system is designed to support a key rotation).
Nice! I appreciate that this is something that you've looked into. I'm still wary of the core tech here, because it's just too powerful. I'm personally ok with my photos being discovered by family many generations into the future. Or by random archivists. So much of the history we have access to is the result of discoveries of people's miscellany. Moving into an age where people's photos/messages/letters will auto-self-destruct by default -- the opposite of their physical counter-parts -- is scary to me.
The risk you're talking about applies to all cloud storage providers that depend on monthly/annual subscription renewals I suppose. Which makes me wonder if there is a market for a 100 year plan with pro-rated refunds. :)
I leave the handling of those situations to Lastpass. My wife and kids may request access to my password locker, and if I don't reject within 30 days the locker is opened to them.
Thanks for sharing this, I had no idea Lastpass had such a feature.
I guess this means that your family already has access to your decryption keys and the Lastpass servers are merely restricting access to the encrypted data for the 30 day time period.
That's an ingenious system.