For a university project of mine I am making a password manager online and I want to be able to store user's passwords on my server without being able to access it myself. Here is what I intend to do:
- encrypt users' passwords with RSA encryption
- store the keys used for encryption, encrypted with a long hash generated on the client side using the
master password
- Having the user type its
master password
every time some of the keys are used
But in this process there is a huge issue. I am not able to recover/generate new user password. What if they forgot their password.
Based on what I came up with there are two options:
Not giving the users ability to change their password - well this seems like killing the product before the launch
Change user's password by keeping a copy of the key encrypted with some other hash like security question - this does not seem like an option since security questions are obsolete on most modern websites because of security risks.
Do I have some other options except for this ones? I guess I need a 'Trust No One' (TNO) or 'Zero Trust' architecture but there are some holes in my design.