Recovery codes

A list of randomly generated alpha-numeric codes.

Description

This allows a person to regain access to their data with single-use codes. Codes are downloaded and stored in a safe place, in case the user loses other authenticate factors such as text-messages, objects or the authenticator app.

Advantages

Allows access to data when other factors are lost or unavailable
Can be stored on local devices or in physical security

Limitations

If lost, access to data is potentially lost permanently
If found, it can lead to unauthorised access to data

Examples

Most services that use multi factor authentication create recovery codes for use when the other factor is unavailable. For example, Github or Lastpass.

Was this pattern useful?

Thank you 🙂

Description

Advantages

Limitations

Examples

Related patterns