Embodiments include methods for managing encrypted files by storing a user password hash including a predetermined function of the user password associated with that user ID and the secret keys. Aspects also include, in response to receipt from a user computer of an input password and a the user ID for a required encrypted file, communicating with authentication servers to implement a key-reconstruction protocol in which each server computes first and second hash values for the required encrypted file. The file management server uses the first hash values to compute an input password hash including the predetermined function of the input password and the secret keys, checks if the input password hash matches the user password hash for the received user ID, and reconstructs the encryption key for the required encrypted file.