I store the same encrypted data in 2 forms: password-based, and the same encrypted data for recovery (recovery-file-based).
When users create their password, I create 2 types of asymmetric key: password-based and recovery-file-based (this one is essentially a super-strong generated password).
As soon as this file is generated, it gets sent to the user by email. It’s not stored anywhere else.
Now, when the user wants to use the “Forgot Password” feature, they’ll have to upload the recovery file.
The system then decrypts the data using the recovery-code-based private key, re-encrypts it using the user’s new password and issues a new recovery-code for the user.
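The two-form storage and the recovery flow described above, as an added example that is not the commenter's code. It assumes symmetric key wrapping in place of the asymmetric keys the comment mentions, and uses a stdlib-only SHA-256 counter-mode stream with an HMAC tag as a stand-in for a real AEAD such as AES-GCM; the data and password are constructed sample values.

```python
import hashlib
import hmac
import os
import secrets

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Toy keystream (SHA-256 in counter mode); stand-in for AES-GCM, not for production."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong password or recovery file fails here."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, "sha256").digest(), tag):
        raise ValueError("bad key or tampered data")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def password_key(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def enroll(password: str, data: bytes):
    """Store the same data twice: under the password key and under the recovery file."""
    salt = os.urandom(16)
    recovery_file = secrets.token_bytes(32)  # emailed to the user, never stored server-side
    record = {
        "salt": salt,
        "by_password": seal(password_key(password, salt), data),
        "by_recovery": seal(recovery_file, data),
    }
    return record, recovery_file

def unlock(record: dict, password: str) -> bytes:
    return unseal(password_key(password, record["salt"]), record["by_password"])

def forgot_password(record: dict, uploaded_recovery_file: bytes, new_password: str):
    """Recover with the uploaded file, re-encrypt under the new password, issue a new file."""
    data = unseal(uploaded_recovery_file, record["by_recovery"])
    return enroll(new_password, data)  # old recovery file no longer opens the new record
```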