Recovery Box

Lockbox allows you to choose a trusted party to help  you recover your passphrase in the unlikely event that you forget it.

The recovery box is the way to allow this to happen. You can use it to assign a trusted person with the permission to access your recovery passphrase. Lockbox uses trusted users to handle passphrase recovery to minimise identification and authentication issues on the server side. Trust is pushed away from Lockbox to the users because they know best whom to trust.

Be very careful who you invite to access your recovery box. Only choose someone who you trust implicitly.

Enable Recovery Box

Set up recovery box

Set up recovery box Step 2

The first thing to do is to enable your recovery box.

  1. Go to the main menu and open the ‘Security’ menu. Then select the ‘Recovery Box Management’ item.
  2. Select the ‘Enable recovery box’ button.
  3. After the setup is completed, the recovery box management window displays two new buttons that allow you to refresh and disable your recovery box.

Invite user to recovery box Step 1

Invite user to recovery box

In the next step, you invite a trusted user who will have access to your recovery passphrase and credential revocation.

  1. Select the ‘Invite user’ button.
  2. Enter the email address of a trusted Lockbox user in the combo box, e.g. a family member, a close friend, and press ‘Next’.
  3. The trusted user is added to the list in your recovery box table and receives a box invitation which they must accept.

Confirm recovery box user

Confirm recovery box user Step 3

In the final step, you need to contact the trusted user and ask them to accept your invitation. After they have done so

  1. The status of the user changes from ‘invited’ to ‘pending’.
  2. Tick the checkbox next to the invited user and then select ‘Accept selected user’.
  3. The setup of the recovery box completes and the status of the trusted user changes from ‘pending’ to ‘connected’.

Your recovery box is now ready to use.

You can invite more than one trusted users to access your recovery box.

Disable Recovery Box

Disable recovery box

If you wish to disable your recovery box, do the following

  1. Go to the main menu and open the ‘Security’ menu. Then select the ‘Recovery box management’ item.
  2. Select the ‘Disable recovery box’ button.
  3. After the operation completes, your recovery has been completely disabled and cannot be accessed by anyone.

Remove Trusted User

Remove trusted user

To revoke access to your recovery box for a user, do the following

  1. Go to the main menu and open the ‘Security’ menu. Then select the ‘Recovery box management’ item.
  2. Tick the checkbox next to the invited user and then select ‘Delete selected user’.
  3. After this operation completes, the deleted user does not have access to your recovery box.

Refresh Recovery Box

This simply produces another password recovery password.

Use this function, for example, after you have changed the set of people who have access to your recovery box or when you have changed your credentials passphrase.

Passphrase Recovery

Passphrase recovery Step 3

Passphrase recovery Step 5

The objective of your recovery box is to give a trusted user the ability to provide you with a recovery passphrase in case you forgot yours. If you want to access your recovery passphrase you need to contact the trusted user who then performs the following

  1. Login to Lockbox.
  2. Go to the main menu and open the ‘Security’ menu. Then select the ‘Recovery box management’ item.
  3. Select your email address in the ‘Manage other users recovery boxes’ list box.
  4. Select ‘Show passphrase recovery passphrase’ button.
  5. A window with your recovery passphrase pops up. Ask your trusted user to forward this passphrase to you, e.g. via SMS or a phone call.

Your recovery passphrase can only be applied on a computer that has your private Lockbox credentials installed locally. Lockbox strongly recommends to keep your local credentials only on a computer to which you have exclusive access rights. In this way you ensure that only you can gain access to your Lockbox using your recovery passphrase.

The trusted user cannot use your recovery passphrase to access your Lockbox unless they also have access to your private credentials. Hence, make sure your credentials are kept secret in order to prevent unauthorised access to your Lockbox.

Credential Revocation

If you need to revoke your personal Lockbox credentials, contact your trusted user and ask them to do the following:

  1. Login to Lockbox.
  2. Go to the main menu and open the ‘Security’ menu. The select the ‘Recovery box management’ item.
  3. Select your email address in the ‘Manage other users recovery boxes’ list box.
  4. Select ‘Revoke user credentials’ button.

Be absolutely certain whether you want to revoke your credentials. After revocation, your credentials are invalid and you will not be able to access your box anymore. All contents will be lost – except for invited boxes and shared client boxes you participated in. To regain access to these boxes, you require an invite from another person in each box that you had previously access to.

 

Customer Login Contact Sales