Right now, Mega, the zombie file sharing service currently only useful for people with infinite patience and/or dial up Internet, doesn't offer any sort of password reset or recovery system. If you forget your Mega password, you're shit out of luck. That's because the password you use is the master key in decrypting the files you uploaded. You cannot lose that password. For now.
Mega has announced that in the future it will allow you to reset your password. But unlike normal password resets, you don't automatically gain full access to all your uploaded files. Mega says:
A password change feature will re-encrypt the master key with your new password and update it on our servers
A password reset mechanism will allow you to log back into your account, with all files being unreadable. Now, if you have any pre-exported file keys, you can import them to regain access to those files. On top of that, you could ask your share peers to send you the share-specific keys, but that's it - the remainder of your data appears as binary garbage until you remember your password.
That means the password reset feature for Mega is going to be super secure and better than a typical reset. If someone tries to tap into your account by reseting your password, they still won't have access to the files you previously uploaded. You can only access those old files if you have the old keys. The annoying thing though? If you really just forgot your Mega password, you're going to be pretty annoyed that you can't access those files. So in the name of security, DON'T FORGET IT!
No comments:
Post a Comment