Recovery Objective
Cloudberrie must be able to recover access to critical infrastructure if the primary Mac, browser session, authenticator, or administrator is unavailable.
Required Copies
| Copy | Location | Contents |
|---|---|---|
| Primary | Apple Passwords | Credential, account identity, recovery codes and notes |
| Secondary | Encrypted offline storage in a physically secure location | Tier 1 recovery codes and emergency ownership references |
| Not permitted | Email, unencrypted cloud drive, screenshots or chat | Any usable secret |
Recovery Test
At least annually, and after major account changes, verify:
Emergency Sequence
- Use the official platform recovery process.
- Verify the legal and operational owner before changing access.
- Reset the password and MFA factors.
- Revoke unknown sessions and tokens.
- Document the event without recording secrets in the manual.
- Replace stored recovery codes after use.