Access recovery questions in LoginShield

If your LoginShield authenticator is lost or damaged, you’ll need to get a new one and recover access to your account.

As the front door to your online account, using the LoginShield authenticator is by far more secure than using a password. But to enable you to recover access to your account when the authenticator is lost or damaged, we also need a side door: the access recovery questions.

It’s critical to have a secure access recovery process so that it doesn’t become the weak link that attackers can exploit to hack into your account.

To make the access recovery process more secure, we did some things differently:

1. We ask for your email address and verify it before continuing the process. An attacker needs to hack into your email to continue.

2. If you set up one or more secure access recovery locations, we check that you’re at one of those locations before continuing the process. An attacker would need to physically be at one of the designated locations to continue.

3. If you set up an access recovery password, we ask for that next. This is a great replacement for the “security questions” that are typically used at many websites. If you’ve ever been frustrated at being asked those questions and being forced to choose security over honesty, you’ll be happy to have an access recovery password you can choose.

4. If you want a little hint instead of using an arbitrary password, or you want to increase your account security by using a password and additional questions, you can answer use the optional “state id” and the “memorable date” questions. Your answers to these questions are also completely arbitrary. LoginShield doesn’t care what you enter here, as long as you can enter the exact same thing when it’s time to recover access to your account. We limit the number of attempts, so an attacker has to wait 24 hours and repeat the process if they guess incorrectly too many times.

5. The password, state id, and memorable date are double hashed for your privacy and security. Each one is hashed a first time by the LoginShield app before being sent to the server. That means the server (and any of our staff) can’t know the original password, state id, or memorable date you entered. Each one is hashed a second time by the LoginShield server before storing it. If an attacker hacks into our server and steals the database, the attacker cannot use that information to complete the access recovery process.

6. We send you an email notification when someone is attempting to recover access to your account. If it’s an attacker, and you still have your LoginShield authenticator, you can log in to your LoginShield account and see what exactly is being attempted. Then you can take appropriate actions to secure your account, such as changing your email password (when was the last time you did that?), reviewing and possibly changing your designated recovery locations and recovery password.

Learn more in the LoginShield Handbook: How to recover access and how to set up access recovery.