| 摘要 |
A system and method are disclosed for providing secure deposit and recovery of secret data based on a secret of a user, such as a password, a shared secret from a recovery server, and a secret from a recovery peer. The secret data is encrypted with these three secrets and stored remote from the user device to only allow the user to recover the secret data without compromising the secrecy of the secret data. Systems and methods for decoupling a password from the secret data the password protects is also provided to allow resetting the password or recovering the secret data to be separate operations that can be carried out independently. Another aspect provides for a user account to be securely recovered using a recovery peer to verify ownership of the user account. |
