Questions about account recovery

millertime

Since we have an ongoing discussion in another thread for the same topic, I'm closing this thread. 🙂

-Dave

I agree. The current recovery process is less than ideal. In another post I suggested a solution for access with passkey only. Basic idea is to have one passkey for main account and another for a recovery server where the recovery code is stored. The recovery server has no knowledge which account the recovery code belongs to, so job done, access via passkeys alone with no prior authorised device required:)

millertime Well maybe yes and no. Normally most email providers have processes for customers who lost their password. So there is a slight chance to recover the email access. But depends on details (provider and their security processes) - at least the mail databases are usually not that encrypted like those 1PW vaults are... And I would even guess that 1PW support might have chances to change the eMail address as the address is not part of encryption key (But they need to tell if this is possible)

I don't understand the process, usually a user has his passwords in 1Password also for his mail account. Should the case occur that the user no longer has access to his trusted devices, I assume that he no longer has access to his mails. So this fallback mode is nonsensical and serves no regular purpose.