Why we don’t reset passphrases
Published on August 10, 2017
We often get asked why we won’t reset passphrases for email accounts. People forget their passphrases all the time, why can’t we just make life easier for everyone by resetting them?
Our commitment to security
Simply put, Hushmail is committed to security and privacy, and enabling people to reset passphrases doesn’t support that.
For starters, we don’t even know your passphrase, since we don’t store them on our system. This eliminates the possibility of Hushmail being compromised and your passphrase getting into the wrong hands. Hushmail Business customers who have enabled passphrase recovery can reset passphrases for users on their domain who have lost or misremembered their passphrases, but we put this in your control. We still don’t have the ability to reset the administrator’s passphrase if it’s lost or forgotten.
Passphrase resetting is not secure
Many of the ways passphrases are reset open the door to security breaches.
To reset your passphrase, a service provider will often email a link to a backup email account, which you click on to reset your passphrase. But if that backup email account has been compromised, it gives someone with unauthorized access the ability to change your passphrase and access your email.
Another method of resetting passphrases is by using security questions to confirm your identity. But it can be easy to figure out the answers to those questions, sometimes with just a few minutes of research. (A famous example was when someone accessed vice presidential candidate Sarah Palin’s email through the account recovery process for forgotten passwords. The person who hacked the account easily found details on Palin, such as her birthday, zip code and what high school she attended, and that was enough to get into her email.)
If security questions are answered over the phone, they can be even easier to solve, since it might be possible to persuade the person on the other end to offer up a few hints.
Some services will reset your passphrase via SMS, but that’s not too difficult to circumvent either. Hushmail uses SMS for two-step verification, but only when used together with a passphrase, never by itself.
In short, most passphrase resetting methods are easier to crack than the passphrase itself, which defeats the purpose of having a strong passphrase. At Hushmail we value safety and security, sometimes over convenience. Not enabling you to reset your Hushmail passphrase makes your account more secure.