I thought we all assumed 'security questions' are just security vulnerabilities, and just fill them in with `crypto.randomBytes(64)`.
On Mon, Aug 22, 2016 at 5:59 PM Julien Vehent <[email protected]> wrote: > On Tue 23.Aug'16 at 10:48:28 +1000, Ryan Kelly wrote: > > On 23/08/2016 10:43, Richard Newman wrote: > > > Under the hood there would be a bunch of shamir's secret sharing > and key > > > wrapping palaver to actually make things go. > > > > > > You mean like wrapping the user's kB with their own kA (prove ownership > > > of your account) plus your friend's kB (prove non-resetness of their > > > account)? Yeah, that's a dance, but it could work :) > > > > Right, something like that. Alternately, wrap kB with an escrow > > recovery key kR, shamir split the secret kR, and encrypt the different > > parts of it in different ways - one part with the user's kA, one part o > > with the buddy's kB, one part with answers to security questions, etc. > > > > But at that point I may be wandering into "fun crypto games" territory > > rather than "solve a user problem" territory, which does happen to me > > sometimes :-P > > Just to be a downer here (apologies in advance). > > I think that works great in theory. In practice we would end up with > a bunch of users who listed their ex-spouse who left with the dog and > the microwave 2 years ago and can't be reached out. I can already see > the bugs coming into triage... > > I like the algorithm Richard described, but as a user, I rarely remember > any of my security answers. To the point that I write them down in an > encrypted file. I'd be curious to know how non-tech users handle them. > > - Julien > _______________________________________________ > Sync-dev mailing list > [email protected] > https://mail.mozilla.org/listinfo/sync-dev >
_______________________________________________ Sync-dev mailing list [email protected] https://mail.mozilla.org/listinfo/sync-dev
