Tech dobz

preparing a tiny bit of magic...

    Overview

    Account Recovery & Password Changes

    Account Recovery & Password Changes

    Read this first: Zero uses strong encryption. If you have not created a recovery kit and you forget your master password, your encrypted data cannot be recovered. Backups do not bypass this; they preserve the same encryption.

    What is the recovery kit?

    A recovery kit is a small offline file (JSON) that can unlock Zero without re-encrypting your data. It does not contain your data, but anyone who has it can unlock your vaults on your device. Keep it offline and private (USB, password manager, printed QR).

    What’s inside the kit?

    A short code (rk) that can unlock your encryption key. The code is wrapped by Zero’s cryptography and is safe to store offline, but possession equals access. Treat it like a physical key.

    Create a recovery kit

    1. Open Recovery in the app.
    2. Choose Create recovery kit.
    3. Re-enter your current master password to confirm.
    4. Download the file zero-recovery-kit.json and store it offline.

    Zero also supports Test kit to verify that your file/code works without changing anything.

    Use the kit to recover access

    1. Open the app and go to Use recovery kit (on the login page or the Recovery screen).
    2. Upload your zero-recovery-kit.json or paste the recovery code (rk).
    3. Zero unlocks your session. You’ll see a “Recovered session” badge.
    4. Immediately set a new master password (see “Set a new password after recovery”).

    Rotate or disable your kit

    • Rotate kit: Generates a brand-new kit and invalidates the old one. Do this after any suspected exposure.
    • Disable recovery: Permanently removes the recovery option until you create a new kit again.

    Both actions require your current master password (you must be in a normal, non-recovered session).

    Change your master password (normal session)

    When you know your current password:

    1. Open Recovery → Change login password.
    2. Enter current password, then a new password.
    3. Zero re-wraps the encryption key with your new password. Your data is not re-encrypted; this is fast and safe.

    Set a new master password (recovered session)

    After unlocking with a recovery kit:

    1. Open Recovery → Set new login password.
    2. Paste the rk from your kit to authorize the change.
    3. Choose a new master password and save.

    This links your vaults to the new password going forward.

    Best practices

    • Create a recovery kit immediately after your first login and store it in at least two safe places.
    • Use a strong master password and avoid reusing it elsewhere.
    • Rotate your kit if you ever suspect it was exposed.
    • Back up regularly; backups preserve the same encryption and require your password or recovery kit after restore.

    Troubleshooting

    “Invalid kit” when restoring

    Make sure you selected the correct zero-recovery-kit.json or pasted the exact rk value. If you rotated the kit, older files are no longer valid.

    I used the kit and can access my data, but I’m prompted to set a password

    That’s expected in a recovered session. Use Set new login password to attach a fresh password to your vaults.

    I never created a kit and forgot my password

    Zero cannot recover encrypted data without a valid password or recovery kit. This is by design to protect your privacy.