Jump to content
bdl

Emergency access / disaster recovery - one-time-pad?

Recommended Posts

Emergency access / disaster recovery - one-time-pad?

One very handy feature of modern password managers (and cloud services such as Google's Inactive Account Manager) is that of "emergency access" for disaster recovery. You provide some sort of gated access to your data to trusted contacts such as your family, or business partners in the case of business passwords, and in the event of your untimely demise or incapacitation they can gain access to your data. The gated access part is usually a period of waiting where you are notified of the impending release of the data and have an opportunity to deny it.


In Enpass' case, it'd be really neat to have a set of one-time-pad passwords that I could print out and stash somewhere safe that my trusted persons know about, and can use to access the enpass database. I can check whether anyone's stolen a one-time code by checking the next unused code (if it doesn't work, someone's used it!).

Share this post


Link to post
Share on other sites
Guest Akash Vyas

Hey @bdl

We appreciate the idea but we're sorry to say this can't be done. Enpass is an offline password manager and we don't keep any of your data with us, Enpass doesn't even need signing up, to begin with. Enpass only uses the master password to encrypt your data and keep it safe and adding the suggested feature would serve as a backdoor for a potential attacker. However, you can create this safety measure by noting down your master password and keeping it in some place safe, like a bank vault.    

Thanks for your understanding.

Share this post


Link to post
Share on other sites

G'Day Akash,

I'm not referring to the usual "please support U2F / TOTP", rather I'm suggesting a change to the key management mechanism / KDF to support multiple key slots (e.g. Linux's LUKS supports 8 independent keys), and further for one of those slots to be an OTP. Having said that, of course there's nowhere enpass could store the OTP seed/counter/etc so I'll belatedly admit that that's a silly request.

Another approach would be secret splitting: again, where the database supports multiple slots, one of those could be split (e.g. http://point-at-infinity.org/ssss/) and distributed to trusted people. Some number of these people would need to collaborate to recover the full key and access the database.

As to storing the key offline: sure, but that has a bunch of issues incl. making key rotation a pain in the backside. Though if there multiple key slots that'd be easier to manage.

So I suppose in an initial form, this feature request is really "please support multiple keys for accessing the database" with a bonus of "support secret splitting".

 

I'm not entirely certain on how enpass uses sqlcipher - perhaps these feature requests should be for sqlcipher?

  • Like 1

Share this post


Link to post
Share on other sites
Guest Akash Vyas

Hey @bdl

Thanks for the detailed explanation. Now that you've cleared the specifics, I'm starting to think that this actually might be a very productive addition to Enpass. So I've noted down the suggestion for internal discussions. 

Keep Suggesting.:)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×