Once the user logs in with the old recovery code, we have to ensure a new recovery secret is added to the secrets document, before updating it in Bonafide.

Acceptance Criteria

Given I already had a recovery secret, when I submit my back-up email, I should have a second recovery secret encoded with the new recovery code in the secrets file.

In Scope

• Generate new recovery code
• Encrypt secret with new recovery code
• Save the second secret in the secrets doc

Out of Scope

• Deleting the old recovery code

Depends on

#925