Passcrow brings password reset functionality to strong encryption, without giving sensitive data to third parties.
Your sensitive, encrypted data stays on your devices, but fragments of a recovery key are placed in escrow with community-run servers, which only release the fragments once you have proven your identity.
Passcrow works like this:
This is intentionally similar to the password resets of mainstream cloud accounts. Familiarity is a feature!
Behind the scenes, Passcrow uses Shamir's Secret Sharing and AES encryption to safeguard user data and privacy.
Servers store recovery key fragments, releasing them only when you have verified your identity. The fragments and identities are strongly encrypted and the keys required to decrypt and initiate recovery live on your device.
Until you request recovery, you are completely anonymous.
Passcrow is primarily a tool for developers of encryption software, who are in need of methods to safely regain access when keys or passwords get lost.
Want to add recovery options to your project? Passcrow can help!
Technically savvy people who want to manage recovery themselves are of course encouraged to do so as well!
Anyone can run a Passcrow server, but doing so for the general public implies a commitment to keeping the server online for a long time: years or even decades.
Currently, Mailpile is committed to running one such server, but it would be great if more organizations took part.
Please get in touch if you have ideas!
The following table lists the known public Passcrow servers. These servers are automatically monitored by passcrow.org to track availability and whether escrow/recovery requests succeed or not.
| Admin | Country, version, ... | Uptime (days) | Escrow Tests |
To add your server to the list, open a pull request against the master JSON file.