Description:
Hi Aegis team,
I would like to suggest a feature that could significantly improve the user experience in case of vault access loss due to a forgotten master password: the ability to recover the vault using a recovery key.
Currently, if a user forgets or loses their master password, there is no way to recover the Aegis vault. While this design decision aligns with strict security principles, it creates a significant risk for users who may forget their password or experience an unexpected data loss.
Many secure apps (e.g., Cryptomator) have found a good balance between usability and security by implementing a dual encryption mechanism using both a user password and a randomly generated recovery key. This way, a user can still recover access if they forget their password.
Proposed Feature: Recovery Key System
How it could work:
- Upon vault creation or password change, Aegis would:
  - Generate a random Master Key used to encrypt the vault.
  - Encrypt the Master Key using the user's password (current behavior).
  - Additionally, encrypt the same Master Key using a newly generated Recovery Key (e.g., a list of 44 English words or similar, following BIP-39 or a custom word list for memorability and portability).
- The user would be shown the Recovery Key once, with clear instructions to store it securely offline (e.g., printed or written down). This key could never be retrieved again, for security reasons.
- If the user forgets their password, they could recover access to the vault using the Recovery Key, and optionally set a new password.
- To maintain high security:
  - Recovery Key use could require confirmation (e.g., device authentication).
  - Optionally, users could disable the recovery option entirely if they prefer no fallback mechanisms.
Benefits
- Security: Maintains strong encryption while giving users an emergency recovery option.
- User-friendly: Avoids irreversible data loss due to password forgetfulness.
- Optional: Could be opt-in during setup for users who prefer strict security over recoverability.
Conclusion
This feature would provide a safety net for users without compromising the overall security model of Aegis. It aligns with the practices of other security-conscious tools and would improve trust and reliability in critical 2FA storage.
Thank you for considering this request!