← Back to context

Comment by robmccoll

1 year ago

How to do that on initial account creation:

- locally create a recovery key and use it to wrap any other essential keys

- Split that or wrap that with two or more keys.

- N - 1 goes to the cloud to be used as MFA tokens on recovery.

- For the other, derive keys from normalized responses to recovery questions, use Shamir's secret sharing to pick a number of required correct responses and encrypt the Nth key.

You can recover an account without knowing your original password or having your original device.

IOW, you've made the recovery questions into alternate passwords, passwords that law enforcement is likely able to find or brute force.