Remove the account recovery code
Please remove the account recovery code that you have just added. This is a huge security risk. Pretty much the biggest security risk you could add. Did you do this intentionally so you can compromise our accounts when you need to?
It's especially suspicious that you were clearly stating before: 'don't lose your password, we cannot reset your account' and now you miraculously add this without anyone asking for it.
It's especially concerning that this so-called private code can reset both the password AND the 2FA. I don't need that kind of vulnerability in my life. Who does? People who forget their passwords - they're free to go to Gmail - why would you intentionally shoot yourself in the leg? Did some three letter agency got to you?
The account recovery code is only readable/encrypted for the account owner. We can not access it and therefore can’t access your encrypted data.
If you use a second factor, you can’t recover your account by just entering the recovery code. You need two out of three:
- Your password and your recovery code for resetting second factors
- Your second factor and the recovery code for resetting your password.
You can only access your recovery code, if your provide your password. If someone has access to your desk, he won’t be able to inspect the recovery code without knowing your password.
If you don’t want to use the recovery code, you don’t have to. But you can’t restore access to your account if you lost your second factor or your password in that case.