I'm currently migrating the encryption functionality used in a PHP project from mcrypt (which was deprecated in PHP 7.1.x and no longer works from PHP 7.2 onward) to openssl, using the defuse/php-encryption library.
I would like to encrypt some of the data using the lib's KeyProtectedByPassword feature, so that the data is encrypted by a key that is itself protected by the user's password. Using the library is quite straightforward, so that's not my issue here. Instead, I wonder if it's possible at all to implement a "Forgot password" functionality while preserving the encrypted data for the user?
My understanding is that there's no way around knowing the password to get the encryption key (otherwise the whole feature would be useless), so that would mean that the data is lost when the password is lost. There is a changePassword method, but that requires supplying the current password as well, so that won't help.
I also have 2FA implemented for the user accounts as a voluntary option.
- Could it help to save the key encrypted in a way that it can be decrypted using 2FA, in order to have a second measure to restore access, or will that introduce other security concerns?
- How would I approach that? Simply using the 2FA secret key is not an option, as someone with access to the database could then just read that out and use it to decrypt the user's data.
I already read similar questions like this and this follow-up. I might implement additional measures as suggested in the answers there as well, but I would like to get an answer considering 2FA and the use of this specific library.
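
The behaviour described in the question, as an added example that is not part of the original post or the library's own code: a password change with the current password known re-wraps the same key, while an unlock attempt without the right password fails. It assumes a defuse/php-encryption release that provides `changePassword`, installed through Composer; the passwords and the plaintext are constructed sample values.

```php
<?php
// Added example. Assumes `composer require defuse/php-encryption` was run
// in this directory, so that vendor/autoload.php exists.
require __DIR__ . '/vendor/autoload.php';

use Defuse\Crypto\Crypto;
use Defuse\Crypto\KeyProtectedByPassword;
use Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException;

// Constructed sample values.
$oldPassword = 'correct horse battery staple';
$newPassword = 'a different long passphrase';

// Registration: generate a random key wrapped by the user's password.
// Only this ASCII-safe string is stored server-side (e.g. in the user row).
$protected = KeyProtectedByPassword::createRandomPasswordProtectedKey($oldPassword);
$storedKey = $protected->saveToAsciiSafeString();

// Login: the password unlocks the real encryption key, which encrypts the data.
$key = KeyProtectedByPassword::loadFromAsciiSafeString($storedKey)
    ->unlockKey($oldPassword);
$ciphertext = Crypto::encrypt('constructed sample record', $key);

// Password change with the current password known: the inner key is
// re-wrapped under the new password, so existing ciphertext stays readable.
$protected = KeyProtectedByPassword::loadFromAsciiSafeString($storedKey);
$protected->changePassword($oldPassword, $newPassword);
$storedKey = $protected->saveToAsciiSafeString();

$key = KeyProtectedByPassword::loadFromAsciiSafeString($storedKey)
    ->unlockKey($newPassword);
echo 'after change: ', Crypto::decrypt($ciphertext, $key), PHP_EOL;

// "Forgot password": without the current password the stored blob cannot be
// unlocked, and resetting the login hash alone leaves the data key wrapped.
try {
    KeyProtectedByPassword::loadFromAsciiSafeString($storedKey)
        ->unlockKey('not the password');
    echo 'unexpected: key unlocked', PHP_EOL;
} catch (WrongKeyOrModifiedCiphertextException $e) {
    echo 'unlock failed without the current password', PHP_EOL;
}
```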