How do you manage (if you do) the 'lost password' process? Is the user allowed to change his password without giving the old one first? It should break the 'link' between the encrypted record and the actual record, shouldn't it?
I store the same encrypted data in 2 forms:
- the same encrypted data for recovery (recovery-file-based)
When users create their password, I create 2 types of asymmetric key: password-based and recovery-file-based (this one is essentially a super-strong generated password).
As soon as this file is generated, it gets sent to the user by email. It’s not stored anywhere else.
Now, when the user wants to use the “Forgot Password” feature, they’ll have to upload the recovery file.
The system then decrypts the data using the recovery-code-based private key, re-encrypts it using the user’s new password and issues a new recovery code for the user.
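The recovery flow described in the answer above, as an added example that is not the poster's code. It swaps the asymmetric keys for symmetric key wrapping (one random data key sealed under a scrypt password key and under a random recovery secret, AES-256-GCM throughout); all function names and the record layout are assumptions.

```javascript
// Added example: names, parameters and record layout are assumptions.
const { randomBytes, scryptSync, createCipheriv, createDecipheriv } = require('node:crypto');

// AES-256-GCM with a fresh 96-bit nonce per call.
function seal(key, plaintext) {
  const iv = randomBytes(12);
  const c = createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function unseal(key, { iv, ct, tag }) {
  const d = createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // throws on a wrong key or tampered data
}

// Wrap one data key under two key-encryption keys: password-based and recovery-file-based.
function wrapDataKey(dataKey, password) {
  const salt = randomBytes(16);
  const recoverySecret = randomBytes(32); // recovery file contents; never stored server-side
  const pwKey = scryptSync(password, salt, 32);
  const record = { salt, byPassword: seal(pwKey, dataKey), byRecovery: seal(recoverySecret, dataKey) };
  return { record, recoverySecret };
}

function enroll(password, plaintext) {
  const dataKey = randomBytes(32);
  const { record, recoverySecret } = wrapDataKey(dataKey, password);
  record.data = seal(dataKey, Buffer.from(plaintext));
  return { record, recoverySecret };
}

function readWithPassword(record, password) {
  const dataKey = unseal(scryptSync(password, record.salt, 32), record.byPassword);
  return unseal(dataKey, record.data).toString();
}

// "Forgot password": unwrap with the uploaded recovery file, re-wrap under the new
// password, and rotate the recovery secret so the old file stops working.
function recover(record, uploadedSecret, newPassword) {
  const dataKey = unseal(uploadedSecret, record.byRecovery);
  const { record: fresh, recoverySecret } = wrapDataKey(dataKey, newPassword);
  fresh.data = record.data; // bulk data is untouched; only the wrapped keys change
  return { record: fresh, recoverySecret };
}
```

Because only the wrapped data key is replaced, the old password and the old recovery file both fail authentication after `recover` runs, while the stored data itself is never re-encrypted.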