It is usually strongly recommended to build your security around a small number of masterkeys, and to derive all other passwords from the masterkeys. This is typically what is proposed by password managers, which encrypt your passwords with a masterkey.
But what if you lost your masterkey?
It is a desirable security feature that your passwords be protected against any entity that does not know the masterkey. But our flawed human brain can fail to remember our masterkeys. So what can we do to digitally protect ourselves against both hackers and our flawed brains?
A fundamental cybersecurity solutions is diversified redundancy, which can be cryptographically guaranteed by Shamir's secret sharing. Concretely, secret sharing divides your masterkey into any number n of shares. Any subset of t of these shares can be used to reconstruct the masterkey. However, any subset of t-1 shares provides zero information about the masterkey.
The shares are also implemented with checksums. More specifically, we use Reed-Solomon encryption, which is based on similar principles, to tolerate an error in share reporting.
It is typically recommended to store and conceal your n shares in different locations like your wallet, house, work office, vehicle and relatives' homes, if possible in sealed envelopes (to know if someone peeked at the shares). Thereby, there will be a recovery solution that will allow you to mitigate the limitations of your human brain!
This web app implements Shamir's secret sharing, to allow you to create a (n, t) sharing of any of your masterkeys, and to join any subset of t of your shares to recover a masterkey.
We invite you to write down both the shares' numbers and texts in different sheets of papers. Then store each sheet in a different secret location and in a sealed envelope.