Nikolasel/EAuthenticator

How To Reset Password If Forgot Password

phpgraduate opened this issue · 3 comments

Hi, I'm trying to add a forgot-password function in this repo to set a new password.
```js
/**
 * Forgot password
 * @param newPassword
 * @throws error, if newPassword is incorrect
 */
forgotPassword(newPassword) {
    if (newPassword != "") {
        let enc = new TextEncoder("utf-8");
        this.chaChaPassword = new ChaCha20(this.keyPassword, this.keyPasswordNonce).encrypt(enc.encode(newPassword));
        this.useDefaultPassword = false;
    }
    else throw new Error("Incorrect old password");
}
```

I tried this, but it is not working. Can anyone help me with this?

Basically, the secrets are encrypted differently depending on the storage. On hard drives they are encrypted using OpenPGP symmetric encryption, and in memory via ChaCha20.
If you only have the file that is placed on the hard drive, the only possibility to recover it is via cracking. Depending on the password strength, this can take years.

Does it mean if I forgot the password I can never access my account?

Correct. Otherwise encryption makes no sense: everyone is then able to reset the password.
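
Why swapping in a new password cannot open a file that was encrypted under the old one, shown as an added example that is not part of this thread or of EAuthenticator's code. It assumes Node's built-in scrypt and AES-256-GCM as a stand-in for the OpenPGP symmetric encryption mentioned above; all function names and sample values are hypothetical.

```javascript
// Added illustration, not EAuthenticator code. scrypt + AES-256-GCM stand in
// for the OpenPGP symmetric encryption of the file on disk.
const nodeCrypto = require("crypto");

// The file key exists only as a function of the password and a stored salt.
function deriveKey(password, salt) {
  return nodeCrypto.scryptSync(password, salt, 32);
}

// Encrypt the secrets; the returned object is what would sit on disk.
function sealFile(password, plaintext) {
  const salt = nodeCrypto.randomBytes(16);
  const nonce = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", deriveKey(password, salt), nonce);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return { salt, nonce, body, tag: cipher.getAuthTag() };
}

// Returns the plaintext, or null when the password is wrong (tag mismatch).
function openFile(password, file) {
  const key = deriveKey(password, file.salt);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, file.nonce);
  decipher.setAuthTag(file.tag);
  try {
    return Buffer.concat([decipher.update(file.body), decipher.final()]).toString("utf8");
  } catch {
    return null;
  }
}

// A real password change must decrypt with the old password first.
function changePassword(oldPassword, newPassword, file) {
  const plaintext = openFile(oldPassword, file);
  if (plaintext === null) throw new Error("Incorrect old password");
  return sealFile(newPassword, plaintext);
}

// Constructed sample data; both passwords and the secret are made up.
function demo() {
  const file = sealFile("old-passphrase", "constructed-totp-seed");
  const changed = changePassword("old-passphrase", "new-passphrase", file);
  return {
    forgotAttempt: openFile("new-passphrase", file), // null
    afterChange: openFile("new-passphrase", changed), // "constructed-totp-seed"
  };
}
console.log(demo());
```

The only path that yields a file readable with the new password goes through a successful decryption with the old one, which is why a reset without the old password is not possible.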