I’m not sure if this is the correct place to ask this, so if there’s a better community please direct me to it.

I’m making a web app that I plan on hosting. Users will be able to create an account on the website. The only information about the user themself I store is email and an argon2 hash of the password. All the other information stored about a user’s account is specific to and only makes sense in the context of the app.

Now, while I only have one piece of PII, I’d prefer it to be zero. Ideally I’d replace the email with a username for the purpose of uniquely identifying users. However, there’s one problem: I want to be able to send an email to a user if they forget their password so they can reset it. I don’t know if there’s a way to do this without storing their email.

Is there a way to do the mentioned functionality without storing PII? Alternatively, is there another way of handling a user forgetting their password that doesn’t require them to remember anything and doesn’t need PII?

  • X_Cli
    link
    fedilink
    arrow-up
    1
    ·
    3 years ago

    You can generate “shadows” of the password with a scheme like Shamir’s Secret Sharing Scheme. These shadows can then be distributed to “unrelated friends”. Whenever you loose your password, you ask your friends for the shadows you gave them earlier and you can recover the password from the secret recovery procedure of the scheme. This prevents any single “friend” from recovering your password while allowing password recovery.