You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Encrypting a new directory with a new v2 policy re-uses the login protector. However, it does not re-use the recovery protector, but creates a new one (Y/n). User ends up with multiple directories with the same login protector but different recovery protectors.
After offering to create a recovery protector (recommended), perhaps fscrypt can ask if the user would like to re-use [list all keys with "Recovery" in the description] or create a new one.
Or detect what recovery protector is used by another policy that uses the login protector.
In the end it makes sense for the user to have the same recovery passphrase for directories that use the same login protector.
The text was updated successfully, but these errors were encountered:
Encrypting a new directory with a new v2 policy re-uses the login protector. However, it does not re-use the recovery protector, but creates a new one (Y/n). User ends up with multiple directories with the same login protector but different recovery protectors.
After offering to create a recovery protector (recommended), perhaps
fscryptcan ask if the user would like to re-use [list all keys with "Recovery" in the description] or create a new one.Or detect what recovery protector is used by another policy that uses the login protector.
In the end it makes sense for the user to have the same recovery passphrase for directories that use the same login protector.
The text was updated successfully, but these errors were encountered: