Recovery Group Not Set

Owned by Phil Rodrigues
Last updated: Jun 18, 2024
2 min read

Product

Full PreVeil, iOS app, and Android app

Common Causes

  • A recovery group is not assigned to a user in an organization or an individual

  • Multi-tenancy is in effect

  • Failure in application process

Recovery Group unassigned

A recovery group must be assigned prior to performing an account recovery, and the underlying process must be completed. The assignee and members of the recovery group must be online in a two-week period to complete the assignment.

Multi-tenancy

An account recovery may have been successful, but the account inaccessible owing to multi-tenancy. Subsequent attempts to recover can result in the error message. The solutions are two reset the tenant or to disable multi-tenancy.

Note: it is advised to retain multi-tenancy on a shared computer.

Failure in Application Process

To set up a Recovery Group, the assignee’s private key is broken into fragments or shards, with each shard assigned to a member of the group. These shards are encrypted and kept on the server. When a user needs to recover their account, each of the required approvers retrieves their encrypted shard from the server, decrypts it using the approver’s private key, and sends the decrypted shard securely to the user that is recovering.

It is important that the assignee and members of the group are online with PreVeil software running properly for the process to complete. The process happens automatically when users are online, and no actions are required on their part. If users are not online or have properly running software, within a two-week period, then the recovery group application will fail as timeframe to complete key fragmentation will have expired.

Administrators of PreVeil organization are sent weekly Health Check Emails to inform of users who have an invalid or missing recovery group configuration and how to resolve it.