by pmontra 818 days ago
> A recovery key is a randomly generated 28-character code

That's easy to back up. You can even print it and bury it in a sealed box in the garden or put it in a book or whatever. It depends who you are protecting against.

But you shouldn't ONLY store it in a box or in your house.

That means you're one natural disaster away from losing everything.

As much as it can "weaken" security, an electronic backup is still recommended for most

Maybe I'm being dense (probably), but where would you save it?

iCloud? No, that doesn't work - you need the key to access iCloud.

Some other cloud storage service? No, that doesn't work - you need your phone to generate a token for access and your phone was destroyed in the same fire as the paper backup.

Seems like the safe choice is a lock box at a bank or similar. Or a fireproof safe at home.

Personally, I encrypt my backup/recovery/setup keys in a CSV file using a password that I have memorized, and send them to family members to store in their accounts/cloud storage.

But safety deposit boxes are a good choice too, just be careful to balance your own convenience. If you can't easily update your backups, you're really unlikely to include new accounts in them.

What happens if you suffer a TBI and can't remember the password?

I guess you'd have bigger problems at that point.

Perhaps an estate lawyer could be trusted with the information in case you become incapacitated or dead.

Doesn't that just mean that Apple's X character key is protected only by a password presumably of lesser length?

I suppose a phrase works too, and easy to remember.

That also means you can't easily update passwords.

You could put your passwords in 1Password or iCloud Keychain, so you only need to back up those credentials.

> Some other cloud storage service? No, that doesn't work - you need your phone to generate a token for access

You definitely don't need your phone for access. I use Yubico security keys for everything like this. I have several of them that are on all my accounts and I don't keep them in the same place.

Engraved onto something like titanium would be better than a fireproof safe - they're only safe for X amount of time (I want to take a stab in the dark and say about 90 minutes?). This is how I have backed up some (since retired) crypto seed phrases in the past.

Where do you keep the titanium plate? I'd be more worried about losing it due to a natural disaster than merely having it destroyed beyond readability in a natural disaster.

What happens if there's a typo in the engraving? Who's doing the engraving? How much do you trust the people you are providing the key to do it? When does the paranoia kick in vs being diligent?

This was at least an innovation in the bitcoin community. Several assemble-at-home systems where you can build a physical manifestation of a secret. Metal cards you punch with a hammer and nail. Another is essentially a tube where you string along metal letters of the password.

Get it tattooed on a (normally not seen) part of your body. Like under your hair! ;)

Of course, a code like that can be in multiple places, possibly where it won’t be recognized as such.

And pray you never need to update the passcode!

I'm imagining this spiraled around somebody's upper thigh... "fakePassw0rdo̶n̶e̶t̶w̶o̶t̶h̶r̶e̶e̶four"

Keep one copy in your fire-resistant safe at home. Then encrypt a copy, give the encrypted copy to your best friend and the decryption key to a family member, or keep one of these things in your desk at work. Neither of them have access unless they both figure out what it is and collude with each other, but you have a recovery system in case you lose your own copy.

One possibility is to encrypt a copy with a key that you are pretty sure you can remember, and store that encrypted copy someplace public on the web. Periodically check that you do still remember the key.

The conventional way to do this would be encrypt it with a symmetric cipher keyed from a password or passphrase. I've been using an unconventional approach where the secret you have to memorize is an algorithm rather than a password/phrase. Programmers might find an algorithm easier to memorize than a passphrase.

Here's an example of this general idea. The algorithm is going to be a hash. This one will take a count and a string, and output a hex string. In English the algorithm is:

  hash the input string using sha512 giving a hex string
  while count > 0
    prepend the count and a "." to current hash and apply sha512
    decrement count

The recovery code I want to back up is 3FAEAB4D-BA00-4735-8010-ADF45B33B736.

I'd pick a count (say 1969) and a string (say "one giant leap for mankind"), actually implement that algorithm, run it on that input and string. That would give me a 512 bit number. I'd take "3FAEAB4D-BA00-4735-8010-ADF45B33B736" and turn it into a number too (by treating it as 36 base 256 digits). I'd xor those two numbers, print the result in hex, and split it into 2 smaller strings so it wouldn't be annoyingly wide.

Then I'd save the input count, input string, and the output:

  1969 one giant leap for mankind
  ed428dffa23f4f14ae2a7b7e842019fc11b5726d726b96c11ec266758be67cb0
  f2a78a320a85df809afe83c6c7840e2d175cceadb455260735405cd047459cc9

I'd then delete my code.

I could then do a variety of things with the "1969 one giant leap for mankind" and the two hex strings. Put them in my HN description. Include them in a Reddit comment. Put them on Pastebin. Take a screenshot of them and put it on Imgur.

To recover the code from one of those backups, the procedure is to implement the algorithm from above, run it with the count and string from the backup to get the 512 bit hash, take the 512 bits of hex from the backup, xor them, and then treat the bytes of the result as ASCII.

Then delete the implementation of the algorithm. With this approach the algorithm is the secret, so should never exist outside your head except when you are actually making or restoring from backup.

When picking the algorithm take into account the circumstances you might be in when you need to use it for recovery. Since you'd probably only be needing this if something so bad happened that you lost most of your devices and things like your fireproof safe, you might want to pick an algorithm that does not require a fancy computer setup or software that would not be in a basic operating system installation.

The algorithm from this example just needs a basic Unix-like system that you have shell access to:

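  #!/bin/sh
  # Usage: script COUNT STRING...   (prints the final SHA-512 digest as hex)
  COUNT=$1
  shift
  # Hash the input string and keep only the hex digest from shasum's output.
  # $* is left unquoted so the words are joined by single spaces, as before.
  KEY=$(/bin/echo -n $* | shasum -a 512 | cut -d ' ' -f 1)
  # Re-hash COUNT times, prefixing the current count and a "." each round.
  while [ "$COUNT" -ge 1 ]; do
    KEY=$(/bin/echo -n "$COUNT.$KEY" | shasum -a 512 | cut -d ' ' -f 1)
    COUNT=$((COUNT - 1))
  done
  echo "$KEY"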
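
The backup and recovery steps described in the comment above, written out as an added example (not the commenter's code); it also shows what happens when one count and string protect two codes. It assumes the 36 ASCII bytes are right-aligned against the 512-bit hash as big-endian numbers, so it is not guaranteed to reproduce the hex strings posted above, and all function names are illustrative.

```python
import hashlib

# Values taken from the comment above.
COUNT, PHRASE = 1969, "one giant leap for mankind"
CODE = "3FAEAB4D-BA00-4735-8010-ADF45B33B736"

def derive_pad(count: int, phrase: str) -> bytes:
    """Iterated SHA-512 over hex strings, mirroring the shell script (64 bytes)."""
    key = hashlib.sha512(phrase.encode()).hexdigest()
    while count >= 1:
        key = hashlib.sha512(f"{count}.{key}".encode()).hexdigest()
        count -= 1
    return bytes.fromhex(key)

def xor_with_pad(data: bytes, pad: bytes) -> bytes:
    """XOR as big-endian numbers; shorter data is right-aligned (assumption)."""
    if len(data) > len(pad):
        raise ValueError("secret is longer than the 512-bit pad")
    n = int.from_bytes(data, "big") ^ int.from_bytes(pad, "big")
    return n.to_bytes(len(pad), "big")

def backup(code: str, count: int, phrase: str) -> str:
    """Return the 128 hex characters that would be stored publicly."""
    return xor_with_pad(code.encode("ascii"), derive_pad(count, phrase)).hex()

def recover(blob_hex: str, count: int, phrase: str) -> str:
    """Undo backup(): XOR with the same pad, drop the leading zero bytes."""
    plain = xor_with_pad(bytes.fromhex(blob_hex), derive_pad(count, phrase))
    return plain.lstrip(b"\x00").decode("ascii")

def xor_blobs(blob_a: str, blob_b: str) -> bytes:
    """XOR two stored blobs; if they share a pad, the pad cancels out."""
    return bytes(x ^ y for x, y in zip(bytes.fromhex(blob_a), bytes.fromhex(blob_b)))

if __name__ == "__main__":
    blob = backup(CODE, COUNT, PHRASE)
    print(blob[:64], blob[64:], sep="\n")
    print(recover(blob, COUNT, PHRASE))
    # Constructed second code, protected with the same count and phrase:
    other = backup("00000000-0000-0000-0000-000000000000", COUNT, PHRASE)
    # The result depends only on the two codes, not on the pad.
    print(xor_blobs(blob, other)[-36:].hex())
```

Because the pad cancels when two stored values share it, each backed-up code needs its own count or string.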

Why can't you bury a 2nd box in your friend's yard who lives across the country?

Okay, and when your friend moves, and you buried it years ago, so they forgot to dig it up what with everything else going on in their life at moving time?

Never underestimate the security and safety of a hidden piece of paper! If it's good enough for wills for the last 500 years, it's good enough for a password.

A better analogy would be a piece of paper with your username.

Finding somebody’s will doesn’t give you access to any of their data or funds.

I keep one-time keys between pages of some books on my shelf, and a copy in a safe deposit box. I suppose if I were publicly known to have tons of money in "crypto" or were a target of a nation-state, this wouldn't be safe enough. But I think it's OK for my gmail and OneDrive, etc.