# Backup keys

The backup key mechanism in Seald allows an administrator to generate a backup password to recover access to the account of a user in the event all their devices are lost or inaccessible.

This works by adding a virtual device (i.e. a key pair that will be called a "user backup key") to each user's account. The private key of this user backup key is then encrypted for an administrator backup key and this encrypted key is backed up on Seald's servers. The administrator backup key is itself encrypted by a password and this encrypted key is also backed up on Seald's servers. This mechanism allows an administrator who knows this backup password to recover access to a user backup key, and will allow in the future to associate a new device with an account.

# List of backup keys

This list is available in the settings of the administration panel, under the "Backup keys" tab.

Domaines
Tab Backup keys

The "Installed" column gives the number of users in the team who have added a certain backup key.

# Generation of a backup key

To add a backup key, click on the "Create a backup key" button. Give your key a name. You also have the option of sending a request to add the backup key to the team's users.

TIP

By asking existing users to add the backup key, a window will appear asking them to accept the key.

Otherwise, the window will appear the next time Seald is started.

TIP

For new users, a request to add the backup keys will happen at the end of the Seald registration.

Domaines
Adding a backup key

If you did not check the box to send a notification to your team's users to add the backup key, you can do so by clicking on the 3 small dots to the right of a key and select "Request adding".

Domaines
Backup key password

At this step, a password is given to you. Note that you must keep it or you will permanently lose access to this backup key.