Best practices for using a recovery certificate
Symantec
recommends the following best practices for using a recovery certificate:- Be sure to create and use a long-life recovery certificate. This means that the recovery certificate should not expire within a year but should be valid for at least five years.
- The users are not notified about the expiry of the recovery certificate. Therefore, ensure that you track the expiry of the recovery certificate where you and the users can see it, such as on a group calendar. You can create a reminder of the expiration date of the recovery certificate so that you can create a new recovery certificate before the first certificate expires.