Passphrase Reset

Learn more about the Passphrase reset feature and how it works.

The passphrase reset feature of Affinidi Vault provides a secure method for Vault users to recover their access if they forget their Vault passphrase. The Affinidi Vault passphrase secures the private key that encrypts and decrypts data in the Affinidi Vault.

This feature implements a cryptographic algorithm called Shamir’s Secret Sharing, which allows the secure distribution of private information (“secrets”) across different networks or devices. This keyless cryptographic technique keeps personal data like biometrics, cryptographic keys, and passphrases safe and secure.

The Affinidi Vault passphrase reset feature generates 3 PDF files (Shares) from the user’s current Vault passphrase, each containing phrases. No single file exposes information about the “secret”. Only when the required number of files is combined (Affinidi Vault requires 2 of the 3 files) can the secret be reconstructed and used to recover access to the Affinidi Vault.

How Passphrase Reset Works in Vault

Using Shamir’s Secret Sharing algorithm, the Affinidi Vault Passphrase reset provides the following flow.

Downloading the PDF Files

To be able to reset the Vault passphrase later if they forget it, Affinidi Vault users must first download the PDF files containing secret phrases from the Settings page. After verification, the Affinidi Vault will generate the 3 PDF files based on the user’s current Vault passphrase.

Affinidi Vault - Passphrase Reset Settings

Users must securely distribute the files to trusted people, devices, or locations, so that they can use them later to recover access if they forget the passphrase that unlocks the Affinidi Vault.

Follow some of these tips on securely distributing and storing the recovery files:

  • Give one of the copies to someone you trust, like your family members or friends.

  • Store one of the copies on one of the trusted devices, either on a laptop or mobile device.

  • Store one of the copies in a secure storage service, like Google Drive, to have a digitally accessible copy.

  • Print one of the copies and keep it safe in a secure physical location with restricted access, such as a deposit box.

To reduce the risk of someone getting a copy of the recovery files and gaining access to your Affinidi Vault, never store the copies in a single location.

If the user updates their passphrase after downloading the PDF files, they will need to download the files again.

Recovering Affinidi Vault Access

If the user forgets the passphrase that unlocks the Affinidi Vault, they can click the Forgot Passphrase? link on the Affinidi Vault login page.

Affinidi Vault - Reset passphrase

Retrieve 2 of the 3 PDF files that were previously downloaded and securely stored, and upload them on the Reset passphrase page of the Affinidi Vault. The Affinidi Vault will use the 2 PDF files containing the secret phrase to reconstruct the passphrase and unlock the Affinidi Vault.

After the reconstructed passphrase is successfully validated and the Affinidi Vault is unlocked, the Affinidi Vault will prompt the user to set a new passphrase for enhanced security.