How to review an account recovery request
Accepting or rejecting an account recovery request
Administrators might receive account recovery requests from the users who lost their passphrase or recovery kit. Email notifications can be configured for the administrators to receive an email when an account recovery is requested. This email facilitates the account recovery request review by providing a link that redirects to the account recovery request review dialog. In any case, it’s possible to review account recovery requests without email by accessing the user workspace. With the account recovery feature enabled, a new column “attention required” appears in the list of users. This helps to quickly see or sort users who require administrators to process their account recovery request.
To process a request there are 4 ways you can choose.
Using the link in the received email, it will open the application with the corresponding dialog opened.
By right-clicking on the user row in the grid and click on “review request” in the contextual menu
Having the user selected, by clicking on the “more” button on top of the grid and click on “review request”
Using the “review” button accessible in the section “account recovery” from the user details. This section also shows the number of account recovery requests a user made and the state of the last request..
Administrators are prompted to accept or reject the account recovery request. Some information is provided in the UI, they need to be carefully checked before taking any action by verifying that the user is known and that the fingerprint is the expected one (we’re never too much careful). As a safety check, after making a choice administrators are prompted to provide their passphrase (unless they decided that the extension should remember it).
At this step, if administrators choose to reject the request, an email will be sent to inform the corresponding user and the procedure stops there. Otherwise the private ORK is asked in order to continue with the procedure. It is necessary for the browser extension as the key will be used to decrypt the user’s private key before re-encrypting iit with the user’s temporary key. Then the user will receive an email to finish the procedure.
Other frequently asked questions in the same category
- How to install and remove browser extensions
- How to create and setup an account
- What can I do if my registration token expired?
- How can I change the profile picture
- How to copy a password to clipboard
- Password basics
- Managing your favorites
- How to share passwords
- How to import passwords from a csv or kdbx file
- How to disable your browser/mobile built-in password manager
- How to use tags (PRO)
- Roles and permissions FAQ
- Roles and permissions
- How to subscribe to the account recovery program?
- How to review an account recovery request
- How to generate an OpenPGP key
- How to recover my passphrase?
- How to recover an account?