This allows a person to regain access to their data with single-use codes. Codes are downloaded and stored in a safe place, in case the user loses other authenticate factors such as text-messages, objects or the authenticator app.
- Allows access to data when other factors are lost or unavailable
- Can be stored on local devices or in physical security
- If lost, access to data is potentially lost permanently
- If found, it can lead to unauthorised access to data
Most services that use multi factor authentication create recovery codes for use when the other factor is unavailable. For example, Github or Lastpass.
Was this pattern useful?