I have two new users that are requesting to use the same certificate to the same receiver. The original user has a key that was created on her machine and I’m able to export them and import them onto the machines of the other users. The problem arises when the other two users try to sign any new documents using the key because the original user and creator of the key does not remember the passphrase.
Is there a way to recover the original user's passphrase?
“Is there a way to recover the original user's passphrase?” -Donald Thibodeaux
Unfortunately, no. Unless the creator of the key can remember the passphrase, that key is essentially useless.
The passphrase is the last (and essentially only) line of defense against an attacker being able to decrypt your communications. If there was a way to recover the passphrase, an attacker could theoretically retrieve it just as easily as the rightful owner.
This is precisely why I recommend using a password manager, such as LastPass or KeePass.
There is one alternative. You can make a backup of your key and change the passphrase of the backup to something easy to remember or guess. The catch is that the backup must be kept in an absolutely secure location, since it has an inherently weak passphrase.