Methods of Master password and 2FA recovery

This is not an emergency. I haven’t forgotten my master password nor locked out my account, I just want to explore password recovery and think about the implications in terms of security. Many services have provision for recovery, but the recovery means you have a gaping security hole. What would you do to recover?

For the master password, it appears that the only thing you can do is send a hint. If you have an open vault somewhere, I can export the vault, wipe out my account and reimport?

For 2FA, we can print out a recovery code. This is the only way? What happens if you don’t have a recovery cod and the 2FA devices gets destroyed? If I learn anything so far:

  1. Write down the Master Password and store it somewhere off-line.
  2. Backup the vault by exporting it. This will be use to recover if there is a
  3. Save the recovery code for 2FA.
1 Like