🔥

Data protection: Worst Case Scenario

Category: Data Protection
Published on: April 26, 2023

🧐
Too much data security can lead to unintended consequences. Consider a scenario where all your accounts are protected by 2FA, random passwords, and backup codes stored in digital vaults that demand robust authentication. Have you ever thought about what would happen if you lost all your devices simultaneously?

Situation

In the quiet of night, your household sleeps peacefully. Suddenly, at 3 AM, the piercing shriek of the smoke detector jolts you awake. Flames have taken over the kitchen! With not a second to spare, you gather your children, rush to the door, and escape to the safety of the street outside. Minutes later, the fire brigade arrives, and everyone is secure from harm.

But your house is burned down.

And all your devices were inside.

  • Computers and tablets
  • Mobile phones
  • Smartwatch
  • Physical backups: USB key, HDD, etc.
  • Wallet with identity papers
  • Recovery codes printed on a paper

In the morning you need to call insurance, do urgent administrative tasks, send and receive important emails. You are using someone else’s computer. Now, you try to connect to your accounts. But you realize, there is a problem.

Problem

The problem is that, as a security-aware person, you’ve enabled two-factor authentication on all your important accounts, as well as distinct random passwords on secondary accounts. And this is how the nightmare scenario can unfold.

āŒĀ Getting any 2FA codes (for Google, Proton, iCloud, etc.) becomes impossible:

  • Restoring your Authentication app from cloud backup: it would have worked on the same device, but since your phone is destroyed, the codes are no longer valid on a new phone.
  • Backup codes stored on HDD, USB flash drive or piece of paper: lost in the fire.
  • Backup codes stored in the cloud, e.g. a secondary Google account: inaccessible because you can't recall the robust, random password (it is stored in your password manager), and/or 2FA is needed.
  • 2FA code by SMS: you don’t have your new SIM card yet, and since you’ve lost identification documents, obtaining one will take some time.
  • Recovery email address: similarly, you can't recall your secure, random password—that's what password managers are designed for.

āŒĀ Logging into your password manager is also impossible:

  • To log in from a new device, your authentication app's 2FA is required.
  • You possess recovery codes, but they're stored on either a lost physical device or in the cloud on an account you can't access at the moment (due to a random password and/or 2FA).

😨
Since all your physical devices were stored in the same place, and all your cloud recovery solutions rely on one another for access, you’ve locked yourself out from your digital world.

Mitigation strategy

To mitigate this worst case scenario, I’ve created a “recovery wallet”: an encrypted and anonymous container. It holds the essential backup codes required to restore 2FA authentication, as well as passphrases and important passwords, for my most critical accounts. It can also store any confidential files.

My recovery wallet, under 10 MB in size, is AES-256 encrypted and secured with a strong password that I memorized and that has never been written down anywhere. The filename is generic and gives no hint about its owner (something like wallet.dmg).

Then I copied this wallet onto 2 different media and stored the copies in 2 different places:

💾 A physical copy. It should be on a small device, like a USB key or an SD card. A micro SD card is smaller than a coin, very easy to hide, and costs about $15 for 128 GB on Amazon. Be sure to leave no distinguishing marks on the device, in case it is found.

I concealed the physical copy in a location outside my home: close enough for quick retrieval in emergencies, yet sufficiently distant to be out of reach in the event of a fire, burglary, or thorough search.

🌥️ A copy in the cloud, on an anonymous and client-encrypted provider. A free anonymous Proton account is typically a good option, albeit with certain limitations:

  • 2FA cannot be set up on the account for the reasons previously mentioned. Therefore, your password must be strong yet memorable. However, the wallet's encryption provides a second layer of security.
  • Proton free accounts are deleted after one year of inactivity! So make sure to connect at least once a year to avoid silently losing your backup. This routine will also ensure that you haven't forgotten your password.

With this recovery wallet system implemented, I am confident in my ability to recover my data from even the worst case scenario.
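
The circular dependency described under Problem, and how the recovery wallet breaks it, can be checked mechanically. The following is an added example, not the author's own tooling: the account inventory, asset names and access routes are constructed assumptions that you would replace with your own.

```python
# Added example: lockout audit over a constructed account inventory.
# Each asset lists alternative access routes; a route is the set of things
# you must already hold. All names are illustrative assumptions.
BASELINE = {
    "totp_app": [{"phone"}],
    "password_manager": [{"master_password", "totp_app"},
                         {"master_password", "pm_recovery_codes"}],
    "pm_recovery_codes": [{"usb_backup"}, {"secondary_cloud"}],
    "secondary_cloud": [{"password_manager", "totp_app"}],
    "email_backup_codes": [{"usb_backup"}, {"paper_codes"}, {"secondary_cloud"}],
    "primary_email": [{"password_manager", "totp_app"},
                      {"password_manager", "email_backup_codes"}],
}

# Same inventory plus the recovery wallet: two independent copies, one
# memorized passphrase, and backup codes for the critical accounts inside.
WITH_WALLET = {
    **BASELINE,
    "anon_cloud": [{"anon_cloud_password"}],  # no 2FA on this account
    "recovery_wallet": [{"wallet_passphrase", "offsite_sd_card"},
                        {"wallet_passphrase", "anon_cloud"}],
    "pm_recovery_codes": BASELINE["pm_recovery_codes"] + [{"recovery_wallet"}],
    "email_backup_codes": BASELINE["email_backup_codes"] + [{"recovery_wallet"}],
}


def reachable(routes, held):
    """Fixed point: keep unlocking assets until no route is newly satisfied."""
    have = set(held)
    changed = True
    while changed:
        changed = False
        for asset, options in routes.items():
            if asset not in have and any(need <= have for need in options):
                have.add(asset)
                changed = True
    return have


def locked_out(routes, held):
    """Assets in the inventory that cannot be reached from what is held."""
    return sorted(set(routes) - reachable(routes, held))


if __name__ == "__main__":
    memorized = {"master_password", "wallet_passphrase", "anon_cloud_password"}
    print("no wallet:  ", locked_out(BASELINE, {"master_password"}))
    print("with wallet:", locked_out(WITH_WALLET, memorized))
```

In this constructed inventory, `totp_app` and `secondary_cloud` stay locked even with the wallet, because no recovery material for them was placed inside it; the audit makes such omissions visible before an emergency does.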