by dane-pgp 1744 days ago
> and not having any recovery codes

An alternative might be to use something like Shamir's Secret Sharing to split the recovery codes between a dozen mutually-unknown friends in different jurisdictions, such that the secrets held by some threshold of them could produce the recovery codes.

These friends would have to be trusted to only hand you their share if they meet you in person in their jurisdiction, and should perhaps also first tweet out that they were doing so, in order to warn anyone whose security might depend on your encrypted data not being compromised.

1 comments

Well the data is going to get wiped after you unlock without enough passphrases anyway, so it's kind of pointless - you need a backup. The point of not having recovery codes for the TPM is to ensure the disk is completely unusable if the machine is tampered with - i.e. you have to be forced to unlock that machine, and not a copy, to ensure the data is destroyed. I do wonder if TPMs would detect the use of SATA/PCI-E write blockers (or some elaborate shim system - but again, nation-state level).

Of course this is the real fiction: in reality I'm somewhat too lazy to set all that up for the much more likely scenario of a preventable glitch hosing my system.