Lost password¶
It is possible to help a user who has forgotten their password, however due to how StoredSafe works, this is slightly more complicated than you probably are used to.
Since every user in StoredSafe is protected with a unique PGP keypair per user, so when the user has lost their password, they have actually forgotten the passphrase to their private PGP key. Thus that PGP keypair is lost, and the solution is to deactive the old user and create a new user with the exact same user details.
The steps¶
- Deactivate the old user. (System Users -> Edit -> Deselect “Active”)
- Create a new user with the same user details, name, yubikey etc.
Get access to vaults¶
If there are other active users, with the data custodian permission, in all of the vaults the user had access to, get those users to share the vault back to the new user created in step 2.
Key Escrow¶
If a vault is left without a data custodian due to the deactivation in step 1, those vaults needs to be recovered thru the key escrow procedure. (Recover lost data using key escrow user)
An alternative to Key Escrow¶
An alternative is to have an active user copy all items from the affected vaults, and paste them to a new vault. (How to copy or move objects)