The Security Center is an interface that ensures no data stored in Sikker is ever lost. It checks the elements required for the master password reset process and guides you if any action is needed to prevent data loss.
As a manager, you can access the Security Center from Sikker via the "Security Center" tab, or from MySikker via the Notification tab when an action requires your attention.
Standard users do not have access to the Security Center.
Shortcuts
To help you monitor the health of the encryption keys used for master password resets, we have set up shortcuts:
On MySikker (user space): a notification invites you to visit the Security Center if a critical action is required.
On Sikker (manager space): an alert pop-up appears to direct you to the Security Center if an action is needed to prevent data loss.
Organization Key Section
The organization key is used to reset the master password without data loss. Without this key, users' vaults would become permanently inaccessible after a master password reset.
Verifying the organization key confirms that managers are able to reset master passwords. Without it, there is a risk of data loss when attempting a reset. Click Check Status to get the real-time status of each manager's organization key:
Existing – the key is available.
Non-existent – the manager without the key cannot reset master passwords.
To verify a key, the relevant manager must log in to their interface to trigger the verification.
Encryption Verification
When clicking "Check Status", an encryption test is run to confirm the key's validity. Possible statuses are:
Verified – the key is valid.
Unverified – the manager has not logged in recently to verify their organization key.
Unknown – the manager does not have an organization key.
Manager not set up – the manager has not created a master password.
Verification is valid for one week and must be performed individually by each manager.
Error Handling
When one or both components are incorrect, help messages are displayed from most to least critical.
Case | Issue Message | Criticality | Probable Causes | Solution |
1. Organization key = non-existent & encryption = manager not set up | Some managers do not have a master password. They cannot receive the organization key and therefore cannot perform resets. | 🔴 Critical | The manager has never created their master password. | Ask the manager to complete the Sikker onboarding to create their master password, which will generate the elements needed to share the organization key. |
2. Organization key = non-existent & encryption = unknown | Some organization keys are missing; these managers cannot reset passwords. | 🔴 Critical | The manager does not have the organization key. | A manager who holds the key must log in to transmit it. If they have access to MySikker → automatic sharing; otherwise a banner will prompt the share. |
3. Organization key held by only one manager | Only one manager holds the organization key and is therefore the only one able to perform resets. | 🟠 Important | Not enough managers with the key. | Invite the manager to add other managers via Sikker to share the organization key. |
4. Organization key = existing & encryption = unverified | Some keys are unverified; reset capabilities cannot be confirmed. | 🟡 Moderate | Key never verified or not verified within the past week. | The manager must log in for verification to happen automatically. Each manager must log in individually for their own verification. |
Recovery Key Section
The recovery key allows a user's vault access to be restored without data loss. Two possible statuses:
Valid – no action required, the key is working. (not displayed in the interface)
Regeneration required – the key must be recreated.
What happens when the status changes to "Regeneration required"?
The message lists the affected users. Simply ask the user to unlock their vault. When the user unlocks their vault, the key is automatically regenerated. The manager can then click Check Status to refresh the information and see the alert disappear.
Summary
The Sikker Security Center is the preventive verification layer that:
Monitors the availability of critical keys.
Automates their regeneration when necessary.
Protects the organization against any loss related to master password resets.
It is your trusted shield for the security of encrypted data within Sikker.