| 摘要 |
<p>The present invention is directed toward providing a secure method to access data when the user has lost or forgotten the user password (261). In accordance with the invention and in a system where decryption of an access key (232) will give access to data, two encrypted versions of the access key are created (236, 270). A first version (236) is formed using a key (264) formed with the user password. A second version (270) is formed using a public key (266) from a public-private key pair. Generally, data access can be had by decrypting the first encrypted version (236) of the access key (232) with the password key (264). However, if the password (261) is forgotten, access to data can be accomplished by decrypting the second encrypted version (270) of the access key (232) with the private key (280) from the public-private key pair. One embodiment of the invention requires the private key (280) to be stored at a remote site and for decryption using the private key to take place at the remote site. In this manner the user can gain access to data without significantly compromising the data security.</p> |
