Users can also choose to create a password for their old mail. In this case, the randomly generated key is stored in a backup key vault with a hardware security module (HSM). After storing the message, the user can enter the password in the backup key vault to obtain the encryption key and unlock the old message from the storage. Once a certain number of failed password attempts are made, the key will be inaccessible.
