The KMyMoney recovery key

KMyMoney has the ability to encrypt your data using GPG. Besides using your own key for encryption, KMyMoney supports the ability to encrypt your data with a recover key only available to the core developers.

This key will have no effect if you always have access to your own key, but if you lose your key or the passphrase for it, the KMyMoney recover key comes in handy as now the core developers can help you to recover your financial data. The only thing you have to do upfront is to encrypt your data with the recover key. If you don't do that, There is nothing we can do to help you.

For the second time I received an email with a request for help to decrypt a KMyMoney data encrypted with GPG where the user has lost his/her GPG-Key(ring). Unfortunately, in both cases KMyMoney's recover key feature had not been used and I could not recover the data. If I had the ability to help in these cases (without the recover key) it would mean that I can successfully break any GPG encryption. Trust me, this is not the case.

The only thing that allows me to help a user in this situation is the KMyMoney recover key. Using this feature, you encrypt your data with your key and the recover key. In case you lose yours, you can send me the file and I can use the secret part of the recover key pair to decrypt it. I will ask you some questions about the contents of the file to make sure that the person who sends me the file is the legal owner of the file. You will also have to provide me with your new (public) key, which I will use to encrypt the file to send it back to you. This way, your data is never travelling the internet in readable form.

BTW: I encrypt my data using my own key (the same I use to sign all my e-mails) and the recover key just for this purpose. I have stored a printed copy of the recover key as well as a CD containing it in a safe at my bank. This way, I can always reconstruct it and it is not getting lost.

Now, don't ever tell me you have not used the recover key feature ... you have been warned.

Import the key into your GPG keyring before you can use it inside KMyMoney. Select encryption against this key in the Security settings dialog. Save your data. That's it.


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: http://www.net-bembel.de/

mQGiBEHZVEsRBADT6dNItEHaZjpa9OOZ24mbemfwrVbCzH1EuV6mE+7ID8yH37Va
B5chb3qg44nAc4GY8F9Y/mggTQsG/Lvp6fIj1ADFHygHxeyzr7rh323TLZqaDbkc
rTQX0mzOK1I1Crp8AaRu3+Rs6J6WMC94QcMBNYyRppg0AN4Hxi3aPdXggwCgjd7a
wlFkKK4tXubzoXDOH06HDT0EAITZQdcZvlRMXx3XI4B/Qll3hgN55OVVhrV+xY34
E6XBFY1aaqLbussFCZOOcjUELymcD/eK/qt+mYLdkvmA0IYTk+W3E2NXvewphQuJ
X9h7kl5/Cvtm/0HLBIeRLEC4TVEruqc2ml7wni24HOC/Ez+vU4Zzk4HZVyS3akRl
xFnFBAC4fNyrupnWlWPd2UJNyggpd40rUYzy/yK+4W0b/3coHP1hOSFf1RBhhgC3
D/W8QEAWnCih15IXNNI4om86Bz+p9cnoDVELIjeq5BvafpPGGkz84Z7YU1+q9Lhc
oXabxZdzI/dC6EjOLThqQL0J/xlRaDyfdWXlHA9Kpf58Qz8w17RJS015TW9uZXkg
ZW1lcmdlbmN5IGRhdGEgcmVjb3ZlcnkgPGtteW1vbmV5LXJlY292ZXJAdXNlcnMu
c291cmNlZm9yZ2UubmV0PohkBBMRAgAkAhsDBgsJCAcDAgMVAgMDFgIBAh4BAheA
BQJLQkH4BQkSzu8tAAoJEFmw+CbSsIRAxlkAn3eCQdMWhilvHScJz+m9egvEt6VS
AJ9NisP1ZRjqhJSKGVOMQQvPgMP5w4hMBBMRAgAMBQJB2V9SBYMJZfZ5AAoJEJxZ
20C3XdO6Ka4AoKV1dfZLAfs6IMjBdLlqK4yXwboyAJ4pzfrXOC+5EWnvLWr1jjbU
ceEkfbkCDQRB2VRWEAgA1WRswk4r1I+7+omZTU1X645meLq4lSObWfIuqRA8bT5S
/oBiRx3yOMA6OhdVugeCUjaX9oAIaG478Q30hRor0ErQL4HVcMYrPJfL5C516mrj
LVBIeRpPrcUxwcO1o4x9/eLWoUGbgYu5DmJyWUQdmNmDDxPRNSs6yBtFmwdqOioW
ZUEqgUW8AGKCqqSw2Y9TaFye94dREeDag0WfeEiy1yFkn2e2R5oERen5j6yHHaoE
FMCRZAQeVqHC3THiEVy1avSEKNUuchwFC0ZEreMFDjXdVk0YeUoGu3/jfpLDy2Cv
dbrCzWKn+HOERmkmrolh5OEo2dRJynMdFfc64QcinwADBwf9HDfEvRjzvZcXHIsE
CFLEW61+0UJpVggQx01e/2CSnr+zP8stZd6JEE/gTZi49iHFdN9mCb+yj8J7KTje
GTImpG+kfNA7CXci4hAemVe/3wkBYLv4O2T2v03vzeOVRoChzdnxOIoEgckNyPcJ
suasxmCHJcACexTG/YVQzMpOrrUktY7fcqUVrerqT4VNbHzFQRv1NGOgcJJCZaao
umhw/QsfZ5FjQIHgjQmutlJhNkv/RgV+iAUPW8zrRtQN5DcNlk8pYNMG4WIGABsS
JFw1uI2SP/rVXdjtLGniefhNNb2oKU1iPKoCp6mi3txeZ5rOAWc/7U9D68iowOc0
RC+XEohPBBgRAgAPAhsMBQJLQkIDBQkSzu8tAAoJEFmw+CbSsIRAEqsAnjXDRpD7
tvKAVZouBf7QVIEGc60nAJ90Vs8aVWXkkE04jPTIzKMbX5xMAQ==
=on3M
-----END PGP PUBLIC KEY BLOCK-----