FAQs - Cove Identity App

What is zero-knowledge storage and end-to-end encryption?

Zero-knowledge storage is a security measure where the service provider knows absolutely nothing about the data you're storing with them. This is achieved through end-to-end encryption, a system where your data is encrypted on your device before it's sent to the server for storage. Thus, only you hold the keys to decrypt your data.

How does Cove implement zero-knowledge storage and end-to-end encryption?

At Cove, we're committed to your privacy and security. We employ a process where the encryption keys are generated on your device. When you upload a file to Cove, it's encrypted right on your device before it leaves for our servers. This ensures that we don't have access to your keys or your data, establishing true zero-knowledge storage. We also provide secure and convenient options to back up your encryption keys, like Seed phrase or Cove Managed Key Backup, for subsequent logins.

How can I manage my keys? Do I need to be tech-savvy to safeguard my keys and my data?

Absolutely not! At Cove, we believe in making top-tier security accessible for everyone, regardless of their technical proficiency. We handle all the complicated, "techy" aspects of data encryption and key management for you. When you put your data into the Cove drive, our systems automatically encrypt everything, so you don't have to do anything extra. You can choose to back up your encryption key with a simple seedphrase or use our Cove Managed Key Backup service, where we securely maintain your keys for you. Either way, our goal is to make your data security seamless and straightforward. Rest assured, we're working hard behind the scenes so that we know nothing about your data, providing you with ultimate privacy and peace of mind.

What are the options to securely backup the encryption keys?

At Cove, we offer two convenient and secure methods for you to backup your encryption keys:
Cove Managed Keys:
With this option, Cove takes responsibility for managing and maintaining your encryption keys. We use state-of-the-art security methods and Hardware Security Modules (HSMs) to store and encrypt your keys, allowing you to use your account with ease and peace of mind.
Seedphrase:
This is a user-managed option where you're given a unique string of words (the seedphrase) to recover your encryption key every time you log in. It's a secure and reliable method, but it requires you to safely store the seedphrase as losing it may prevent you from accessing your existing encrypted data.

Both these options are designed with maximum security and user convenience in mind. Whether you want to take the responsibility of key backup onto yourself (Seedphrase) or prefer Cove to handle it for you (Cove Managed Keys), we've got you covered.

What is Cove Managed Key Backup?

Cove Managed Key Backup is a service where Cove securely manages and maintains your encryption keys for you. We use state-of-the-art, secure facilities and Hardware Security Modules (HSMs) to store and encrypt your keys, relieving you from the worry of securing and maintaining them.

How secure is Cove Managed Key Backup?

It's highly secure. We use advanced hardware and software technologies to protect your encryption keys. Moreover, access to your data is always controlled by you and secured by authentication using your phone or email, along with two-factor authentication (if you have set it up). So if it's not you, nobody else can access your data.

Who controls my data in Cove Managed Key Backup?

You do. Whether you use Cove Managed Key Backup or the seedphrase method, you always remain in control of your data. Nobody else can access your data without your explicit consent.

What is a seedphrase key backup?

The seedphrase key backup is a string of words that acts as a secure way to recover your encryption key every time you log in using your email or phone number. You can think of the seedphrase as your "key retrieval" tool, helping you gain access to your encrypted data. It's important to note that setting up a seedphrase is one of the options and not mandatory. You would need to set it up only if you choose to use this method for key backup.

What happens if I lose my seedphrase?

Losing your seedphrase means that you lose access to your existing encrypted data, as the seedphrase is the only way to retrieve your encryption key. However, you still maintain the ability to revoke access to shared documents or delete them.

Can I create a new encryption key if I lose my seedphrase?

Yes, you can create a new encryption key. Any data you upload after creating the new key will be accessible to you. You can then back up this new key with a new seedphrase.

Can I back up my key with a new seedphrase if I lose my old one?

Yes, if you're still logged into your account, you can back up your encryption key with a new seedphrase at any time.

Why is my seedphrase important?


The seedphrase is important because it is a way to back up your encryption keys. You will need it to retrieve your encryption key upon logging in.

How secure is my seedphrase?

Our seedphrase is secure, as it works in conjunction with Cove's authentication process. This process first verifies your email or phone number, followed by two-factor authentication (if set up). Without authenticating first, nobody can use your seedphrase to access your data.

What is the role of a seedphrase in the zero-knowledge end-to-end encryption?

The seedphrase completes the zero-knowledge end-to-end encryption, which means that no one, including us at Cove, can decrypt your data unless you've shared access with them.

What is 2FA?

Two-factor authentication (2FA) is a security measure that requires two forms of identification to access an account or system. Typically, the first factor is a password or PIN, while the second factor is something the user has, such as a security token or biometric data. By requiring two factors of authentication, 2FA makes it more difficult for unauthorised users to gain access to sensitive information.

How Cove Uses 2FA to Secure Your Account:

At Cove, we take the security of our users' data seriously. That's why we offer two-factor authentication (2FA) as an extra layer of security to protect your account from unauthorized access.

2FA is a security process that requires a user to provide two different authentication factors to verify their identity. This ensures that even if one of the factors is compromised, the account remains secure. Cove uses 2FA to provide our users with the highest level of security possible.

When you enable 2FA on your Cove account, you'll be prompted to enter a unique code in addition to your password every time you log in. This code is generated by a 2FA app installed on your mobile device, such as Google Authenticator or Authy. The app generates a new code every 30 seconds, making it virtually impossible for anyone to access your account without your permission.

Do's and Don'ts

1. Do set up 2FA wherever possible: 2FA can greatly enhance the security of your online accounts, so it's a good idea to set it up wherever it's available.

2. Do use strong authentication methods: When setting up 2FA, choose strong authentication methods such as biometric data or hardware tokens, rather than relying solely on SMS or email-based authentication.

3. Don't share your 2FA codes: 2FA codes should be kept confidential, and should never be shared with anyone else.

4. Don't reuse passwords or PINs: Using the same password or PIN for multiple accounts can make it easier for attackers to gain access to your accounts.

What is zero-knowledge storage and end-to-end encryption?

Zero-knowledge storage is a security measure where the service provider knows absolutely nothing about the data you're storing with them. This is achieved through end-to-end encryption, a system where your data is encrypted on your device before it's sent to the server for storage. Thus, only you hold the keys to decrypt your data.

How does Cove implement zero-knowledge storage and end-to-end encryption?

At Cove, we're committed to your privacy and security. We employ a process where the encryption keys are generated on your device. When you upload a file to Cove, it's encrypted right on your device before it leaves for our servers. This ensures that we don't have access to your keys or your data, establishing true zero-knowledge storage. We also provide secure and convenient options to back up your encryption keys, like Seed phrase or Cove Managed Key Backup, for subsequent logins.

How can I manage my keys? Do I need to be tech-savvy to safeguard my keys and my data?

Absolutely not! At Cove, we believe in making top-tier security accessible for everyone, regardless of their technical proficiency. We handle all the complicated, "techy" aspects of data encryption and key management for you. When you put your data into the Cove drive, our systems automatically encrypt everything, so you don't have to do anything extra. You can choose to back up your encryption key with a simple seedphrase or use our Cove Managed Key Backup service, where we securely maintain your keys for you. Either way, our goal is to make your data security seamless and straightforward. Rest assured, we're working hard behind the scenes so that we know nothing about your data, providing you with ultimate privacy and peace of mind.

What are the options to securely backup the encryption keys?

At Cove, we offer two convenient and secure methods for you to backup your encryption keys:
Cove Managed Keys: With this option, Cove takes responsibility for managing and maintaining your encryption keys. We use state-of-the-art security methods and Hardware Security Modules (HSMs) to store and encrypt your keys, allowing you to use your account with ease and peace of mind.
Seedphrase: This is a user-managed option where you're given a unique string of words (the seedphrase) to recover your encryption key every time you log in. It's a secure and reliable method, but it requires you to safely store the seedphrase as losing it may prevent you from accessing your existing encrypted data.

Both these options are designed with maximum security and user convenience in mind. Whether you want to take the responsibility of key backup onto yourself (Seedphrase) or prefer Cove to handle it for you (Cove Managed Keys), we've got you covered.

Cove Managed Key Backup
What is Cove Managed Key Backup?

Cove Managed Key Backup is a service where Cove securely manages and maintains your encryption keys for you. We use state-of-the-art, secure facilities and Hardware Security Modules (HSMs) to store and encrypt your keys, relieving you from the worry of securing and maintaining them.

How secure is Cove Managed Key Backup?

It's highly secure. We use advanced hardware and software technologies to protect your encryption keys. Moreover, access to your data is always controlled by you and secured by authentication using your phone or email, along with two-factor authentication (if you have set it up). So if it's not you, nobody else can access your data.

Who controls my data in Cove Managed Key Backup?

You do. Whether you use Cove Managed Key Backup or the seedphrase method, you always remain in control of your data. Nobody else can access your data without your explicit consent.

Seedphrase Key Backup
What is a seedphrase key backup?

The seedphrase key backup is a string of words that acts as a secure way to recover your encryption key every time you log in using your email or phone number. You can think of the seedphrase as your "key retrieval" tool, helping you gain access to your encrypted data. It's important to note that setting up a seedphrase is one of the options and not mandatory. You would need to set it up only if you choose to use this method for key backup.

What happens if I lose my seedphrase?

Losing your seedphrase means that you lose access to your existing encrypted data, as the seedphrase is the only way to retrieve your encryption key. However, you still maintain the ability to revoke access to shared documents or delete them.

Can I create a new encryption key if I lose my seedphrase?

Yes, you can create a new encryption key. Any data you upload after creating the new key will be accessible to you. You can then back up this new key with a new seedphrase.

Can I back up my key with a new seedphrase if I lose my old one?

Yes, if you're still logged into your account, you can back up your encryption key with a new seedphrase at any time.

Why is my seedphrase important?

The seedphrase is important because it is a way to back up your encryption keys. You will need it to retrieve your encryption key upon logging in.

How secure is my seedphrase?

our seedphrase is secure, as it works in conjunction with Cove's authentication process. This process first verifies your email or phone number, followed by two-factor authentication (if set up). Without authenticating first, nobody can use your seedphrase to access your data.

What is the role of a seedphrase in the zero-knowledge end-to-end encryption?

The seedphrase completes the zero-knowledge end-to-end encryption, which means that no one, including us at Cove, can decrypt your data unless you've shared access with them.