diff --git a/handbook/README.md b/handbook/README.md
index 029e7e186..063056b97 100644
--- a/handbook/README.md
+++ b/handbook/README.md
@@ -21,6 +21,8 @@ The Fleet handbook is the central guide for how we run the company. As part of o
 
 ### ⛑ Security
 
+[Account recovery process](./security.md#account-recovery-process)
+
 [How we protect end-user devices](./security.md#how-we-protect-end-user-devices)
 
 [Hardware security keys](./security.md#hardware-security-keys)
diff --git a/handbook/security.md b/handbook/security.md
index b1b9e93b0..aac26765d 100644
--- a/handbook/security.md
+++ b/handbook/security.md
@@ -1,5 +1,31 @@
 # Security
 
+## Account recovery process
+
+As an all-remote company, we do not have the luxury of seeing each other or are able to ask for help in person. Instead, we require live video confirmation of someone's identity before performing recovery and this applies to all Fleet company accounts, from internal systems to SaaS accounts.
+
+| Participant | Role                                                                                                                                                 |
+| ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
+| Requester   | Requests recovery for their own account                                                                |
+| Recoverer   | Person with access to perform the recovery who monitors *#help-login*                                                                                                                               |
+| Identifier  | Person that visually identifies the requester in a video call. The identifier can be the recoverer or a person the recoverer can recognize visually |
+
+
+Here are the steps we take for the recovery process:
+
+
+1. If the requester still has access to Slack, they ask for help in *#help-login*. If they do not have access to Slack, they can contact their manager or a teammate over the phone via voice or texting, and they will post in *#help-login* for the requester.
+2. A recoverer acknowledges the request in #help-login using the "eyes" emoji 👀.
+3. The recoverer identifies the requester through a live video call.
+* If the recoverer does not know the requester well enough to positively identify them visually, the
+  recoverer can ask a colleague whom they recognize to act as the identifier. **All three must be
+  live on a video call at the same time.**
+*  For example, if the recoverer does not recognize Guillaume but can recognize Zach, they should ask Zach to identify Guillaume. Using the requester's manager or a direct teammate is recommended, as it increases the chances they see each other on video frequently.
+4. If the recoverer recognizes the requester, or has the identity confirmed by the person acting as
+   the identifier, they can perform the recovery and update the thread in *#help-login*.
+* If the recoverer is not 100% satisfied with identification, they do **NOT** proceed, and post to #g-security to engage the security team immediately.
+
+
 ## How we protect end-user devices
 
 At Fleet, we believe that a good user experience empowers contributors.