# Project Aegis Disaster Recovery

## Encrypted RCON credential recovery

Atlas RCON credentials stored in MySQL can be recovered only with the Laravel `APP_KEY` that encrypted them. A usable recovery set requires both:

1. A current MySQL backup.
2. The matching production `APP_KEY`, restored through the approved server-side secret mechanism.

Do not regenerate the key during recovery. Restore the key first, restore the database, clear Laravel's configuration cache, and verify credential decryption through a protected connectivity test. If the matching key is unavailable, the encrypted values cannot be recovered; an Owner or Head Admin must replace every affected RCON credential through Project Aegis.

Never place plaintext credentials, encrypted ciphertext, or `APP_KEY` values in recovery notes, logs, audit events, or support messages.
