[messaging] Password reset mechanisms with an SRP authentication framework

elijah elijah at riseup.net
Tue Apr 22 12:51:04 PDT 2014

On 04/22/2014 08:43 AM, Dave Baggett wrote:

> I'd love to get your collective thoughts on a challenge we have.

At LEAP, we also use SRP in a similar way for the same reason. Options
we have considered:

(1) do nothing: warn the user they are totally screwed if the forget
their password. (working!)

(2) recovery code: encourage users to print out a long recovery code
that can be used to download and restore all their secrets. (working,
but no UI for it yet)

(3) Shamir's Secret Sharing [1]: as described by Michael except
automated and using OpenPGP (akin to Trevor's public key suggestion).
(not working)

(4) third party escrow: I would like to start an escrow service that
providers could use so that they didn't need to be the escrow
themselves, located in some place with jurisdictional arbitrage. The API
would allow saving a password along with one of three reset methods
(email, question, sms), and returns an identifier. (not working)

(5) shitty mode: allow users to configure their account in low security
mode, with big flashing warning lights. In this mode, the provider would
keep a copy of the user's password. (not working)


[1] https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing

More information about the Messaging mailing list