Mobile applications executing on mobile devices may often be associated with, e.g., may leverage or otherwise interact with, remote applications executing on a remote server. For example, in the business context, an enterprise server may be utilized to execute an enterprise application and to store associated enterprise data, and a mobile application on a mobile device may be configured to leverage the enterprise application/data. In this way, for example, an employee may benefit from having access to necessary enterprise resources, even when travelling or otherwise away from an office environment.
In these and similar contexts, the remote server generally has access to a wide array of security services, as well as to the hardware/software resources necessary to utilize such security services. Consequently, such a remote server may be considered to be relatively secure, so that a user or operator of the remote server may be reasonably confident with respect to the confidentiality and integrity of data stored in conjunction therewith.
In contrast, mobile devices executing mobile applications which communicate with the remote server have considerably fewer resources available to implement security measures to protect data stored using the mobile device. Moreover, such mobile devices, by their nature, are prone to be lost or stolen. As a result, mobile devices are widely recognized as representing potential points of failure with respect to maintaining the confidentiality and integrity of stored data. Consequently, mobile devices and mobile applications tend to be associated with widely-publicized and well-researched attack techniques, which only compound the vulnerabilities of such mobile devices.
In scenarios such as those referenced above, the mobile application thus represents a potential point of failure with respect to maintaining the confidentiality and integrity of data stored at the remote server. Consequently, the remote application, or an administrator thereof, may enforce a password policy with respect to a mobile password used at the mobile device to access the mobile application. Such a mobile password may be used in conjunction with a remote password required to access the remote application at the remote server, and may therefore provide an additional layer of security, beyond whatever security mechanisms may be provided by the mobile device itself.
However, in conventional implementations, it may be difficult or impossible to recover such a mobile password, in the event that the mobile password is lost or otherwise becomes unavailable to a user of the mobile device. As a result, in such situations, all data encrypted using the mobile password may become inaccessible, so that the user of the mobile device may be forced to attempt to recover or recreate such lost data. Such attempts to recover or recreate lost data are generally inconvenient at best, and futile at worst, and therefore result in increased dissatisfaction of the user of the mobile device, as well as potential losses of profit, customer dissatisfaction, and/or other disadvantages experienced by a provider of the remote application.