A method may include obtaining a secret key, a user device secret key, and a server secret key based on the secret key and the user device secret key. The method may include dividing the user device secret key into a plurality of user device shares and the server secret key into a plurality of server shares. The method may include distributing the plurality of user device shares to a plurality of user devices and the plurality of server shares to a plurality of service providers. The method may include obtaining a public key based on the secret key. The method may also include publishing the public key. The method may include obtaining a recovery authority secret key and a recovery vault secret key such that a user may recover an account if the user devices and/or the service providers are compromised.