Internet Identity Email Recovery is now live, letting ICP users restore account access through email alongside existing recovery methods.
Author: Akshay
5th June 2026. DFINITY Foundation announced on June 5 that Internet Identity now supports email recovery. Users who lose every device can regain access with a message sent to their own inbox.
High Signal Summary For A Quick Glance
CryptOpus
@ImCryptOpus
@dfinity Strong identity solutions build trust, that’s the future
Never lose access to your identity again. Internet Identity now has email recovery. Lose every device, and you still get back in with a message from your own inbox. II verifies it is really you. No seed phrase to guard. Set it up at https://t.co/TavUu6G3YW https://t.co/g7d4auUwUD
09:54 AM·Jun 5, 2026
Alex (BCP)
@BlockchainPill
@dfinity Very good for onboarding normies 🤝 They shouldn't worry about secret phrases and getting locked out of their wallets
Never lose access to your identity again. Internet Identity now has email recovery. Lose every device, and you still get back in with a message from your own inbox. II verifies it is really you. No seed phrase to guard. Set it up at https://t.co/TavUu6G3YW https://t.co/g7d4auUwUD
09:07 AM·Jun 5, 2026
High attention and emotional sentiment detected.
The foundation shared the news in a 09:00 GMT post on X. According to DFINITY, no seed phrase is needed for the new recovery flow. Instead, Internet Identity verifies each request directly on-chain.
Internet Identity is the Internet Computer’s passwordless login system. Specifically, it uses passkeys and security keys to sign in to dApps without exposing a persistent identifier.
Until now, recovery relied on a 24-word recovery phrase or a backup device. The new option adds email to that list. So users gain another way back in once their devices are gone.
In its announcement, DFINITY put it plainly. “Lose every device, and you still get back in with a message from your own inbox,” the post said.
Internet Identity launched as a privacy-first login system for the Internet Computer. Initially, users protected their anchor with either a 24-word recovery phrase or a second device.
Through late 2025, DFINITY improved how recovery phrases activate and verify. The II 2.0 migration then refined the wider experience while keeping older setups compatible.
Email recovery is the next step in that arc. It extends self-sovereign identity to people who never felt safe guarding a seed phrase.
Setup happens at id.ai. First, log in with an existing passkey or device. Then open the Access and Recovery section and register an email address.
Recovery runs in reverse. First, a user enters their anchor number on id.ai and selects the recovery option. Next, Internet Identity sends a verification message to the registered email.
The message carries a link or code. Internet Identity validates that token on-chain. After it confirms, the user can add a new passkey and sign in again.
The email itself is sent by the canister, so the flow stays inside Internet Identity’s trust boundary. DFINITY tested the same setup earlier on a staging site, beta.id.ai, before flipping it on for everyone.
Internet Identity recovery methods: recovery phrase, passkeys, and the new email recovery option
The headline detail is what the flow removes. There is no 24-word secret to write down, hide, or lose. As a result, email recovery targets the part of onboarding that scares mainstream users most.
Still, email recovery does not replace the older methods. DFINITY says it supplements passkeys, recovery devices, and recovery phrases. So anyone who already set up a phrase keeps it as a fallback.
The upgrade is live in production, not in beta. It shipped in the release-2026-06-02 build of Internet Identity.
Token holders approved it through NNS proposal 141991, which enabled the recovery emails feature and a security fix. The feature had sat disabled in production before that vote.
The release ties back to a specific commit, 230a8061, and to pull requests numbered 3963, 3972, and 3973. So developers can read the exact code that powers Internet Identity email recovery.
Additionally, anyone can verify the deployment independently. The II canister, rdmx6-jaaaa-aaaaa-aaadq-cai, shows a module hash that matches the release on its public dashboard.
Email recovery improves the experience, yet it also shifts the risk. A recovery phrase sits offline, away from attackers. An inbox does not.
Because of that, the new channel leans on the security of a user’s email provider. Phishing and inbox takeovers become relevant attack paths. Some users raised this concern within hours of the launch.
For balance, the model still asks Internet Identity to verify each request on-chain. So the email works as one controlled channel, much like a recovery device does today.
Early sentiment on X leaned positive among ICP supporters. In particular, many users framed the change as a win for onboarding newcomers who fear losing a seed phrase.
Not everyone cheered, though. A few users questioned email security and asked what happens if an inbox gets hacked. No major security researcher has weighed in yet.
The market stayed quiet too. ICP showed no clear price move or volume spike around the 09:00 GMT post, partly because the news is only hours old. Tier-one outlets had not covered it at the time of writing either.
Several details remain unpublished for now. DFINITY has not detailed token expiry, rate limits, or whether a linked email can be removed later.
It is also unclear whether the stored email is hashed or visible on-chain. The full phishing surface and any anti-abuse limits are not spelled out either. Official documentation is still pending, so treat these points as open until the foundation publishes more.
Mainstream users can set up Internet Identity email recovery today at id.ai. Meanwhile, those seeking deeper technical information can monitor the GitHub releases page and DFINITY’s official channels for future updates. As additional documentation becomes available, more implementation details may emerge regarding security controls and recovery parameters. However, this article is provided for informational purposes only and should not be considered security or financial advice.
Our Crypto Talk is committed to unbiased, transparent, and true reporting to the best of our knowledge. This news article aims to provide accurate information in a timely manner. However, we advise the readers to verify facts independently and consult a professional before making any decisions based on the content since our sources could be wrong too. Check our Terms and conditions for more info.
Grayscale HYPG ETF Buys Over $5M in HYPE in 48 Hours
Internet Identity Email Recovery Is Now Live on ICP
GEODNET GEO-MEASURE Update Brings DePIN Utility to the Field
Arthur Hayes Sells Entire Zcash Position Over Orchard Bug
Grayscale HYPG ETF Buys Over $5M in HYPE in 48 Hours
Internet Identity Email Recovery Is Now Live on ICP
GEODNET GEO-MEASURE Update Brings DePIN Utility to the Field
Arthur Hayes Sells Entire Zcash Position Over Orchard Bug
Internet Computer
$2.37
