[Story] ER-233: Manually enter a recovery key (passphrase)

[mxandreas]

Description

Background

In some environments it is challenging to store a generated recovery key because users are not used to using password managers, and/or the organization is discouraging or even banning the use of password managers. Thus, as a mitigation, users can choose the recovery key themselves which they can remember. Of course, what the user chooses is not used directly for encryption - the encryption key will be derived from this. Note that the primary downsides of this approach are:

• Users not choosing a string that is not strong enough.
• Users confusing it with their account password.
• Users overwhelmed with choices when both generated recovery key and manually entered one are available.

These concerns above are partially mitigated in the new designs below.

Solution

• The option to manually enter the recovery key (passphrase) is not available by default. It needs to be configured in the ESS to be active by setting a minimum length for the passphrase. Configuration option TBD.
  • Activating this will deactivate the generated key - only one of them is available at a time.
• The only criteria for the entered passphrase is the length, others (e.g. must contain certain characters) will be added later if needed.
• Designs: Web | iOS | Android

Acceptance criteria

• TBD

Leads

• Tech:
• Design: @americanrefugee

Time sheeting

?

Documentation

Dependencies

• None

Out of scope

• Nothing

Open questions

• None

Subtasks

Android

iOS

Rust

Other

Sign-offs

• Android
• iOS