Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

What happens if user forgets his password ? #12

Open
theodorDiaconu opened this issue Feb 8, 2016 · 2 comments
Open

What happens if user forgets his password ? #12

theodorDiaconu opened this issue Feb 8, 2016 · 2 comments

Comments

@theodorDiaconu
Copy link

No description provided.

@PhilippSpo
Copy link
Contributor

Since all of his data is encrypted with his private key, and his private key is encrypted with his password, his data will be lost if his private key is lost...

@theodorDiaconu
Copy link
Author

@PhilippSpo so I figured. The thing is I am trying to build a system where this is recoverable by a set of security questions. We'll decrypt his private key with the md5-or-whatever hash from the answers of his questions. This way we can assure data recover-ability.

It might be neat if you could implement that, meanwhile I'm building my own zero-knowledge system using your node-rsa meteor+browser ready library. Good job so far with this package, but it definitely needs fallback + a super user that can access his data.

Business use case:
Host cannot read the data.
An logged in admin can read the encrypted data of other users.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@theodorDiaconu @PhilippSpo