Thanks for the ideas, Garrett, food for thought. There must be a way to zero the config on the plugin, though, for testing and similar. I’d like to play around with some common scenarios myself before rolling it out to the demo group, to see how the recovery process works, what steps users need to take to restore on the ‘happy path’, the non-happy path, etc.
Re: the demo users themselves, they’d be other members of the tech team. Not necessarily security oriented, but used to pawing through filesystems and such, so they can follow a list of steps without too much worry
(From previous experience with team password managers, you can take an end-user, sit them down personally for 5 minutes, look them in the eye and say “I know that you get ‘don’t forget this password/whatever’ often, but this one you really can’t lose; I cannot reset it”, have them convincingly say “yes, I understand”, and a week later have the same person ask for it to be reset because they forgot… that particular person was a senior backend dev, too…)