PGP - Lost Keys

How to help a client who has lost their PGP keys and hadn’t backed them up

Problem

A client has lost their key pair because their computer is lost or they have reinstalled the system and their key pair had not been backed up beforehand.

The client has not generated a revocation certificate or has lost it.

The client has no way of revoking the key, letting others know they will not be using it again.

Solution

1. If the client has still access to the device where their key pair was stored, try to help them recover it using one the following tools:

   • Recuva for Windows
   • Disk Drill for Mac
   • Foremost for Linux
   • Magic Rescue for Linux

2. If recovering the key does not succeed, recommend the following steps to the client:

   • Create a new key pair (see Article #18: FAQ - PGP Setup for details).
   • Back up the new key pair in a secure device (e.g. an encrypted USB stick or SD card).
   • Update email signature and business cards with the new PGP key ID and fingerprint.
   • Ask contacts to delete the old key from their keyring.
   • Ask contacts and friends to sign the new public key to increase the level of trust for the new key.

Comments

Related Articles

• Article #18: FAQ - PGP Setup