Encrypted Home... Forgotten Password, but no Passphrase
The encrypted home directory (and encrypted private folder) features make use of a random mount passphrase. This mount passphrase is then stored encrypted with the user's login password. On login, the user's password is used to decrypt the mount passphrase and the key is used to mount the home directory.
When you perform a normal password change where the old password is requested before entering the new one, the mount passphrase can be re-encrypted with the new login password. When you perform an administrative password change, this can't be done since the key used to decrypt the mount passphrase is not provided.
In order to get in to the encrypted home directory now, you will need one of the following:
- the old login password for the account.
- the mount passphrase used when you set up the encrypted home directory (you would have been told to write this down somewhere).
If you have either of these, you should be able to access the data by running the following command and following the prompts:
sudo ecryptfs-recover-private /home/user
If you don not have either of these pieces of information, then the information is lost. This is by design, since if you could access the data under these circumstances then so could an attacker.