# Refresh user keys

If there is a suspicion that private keys were compromised, you need to lock the user account and recreate the account with new keys.

## Prerequisites

Before you refresh the user key, you need the user to re-register with the same user name and share the new public key with you.

The user can re-register with either the UI or API.

For more information, see:

- [Ripple Custody API > Generate a key pair and share the public key](/products/custody/v1.34/api/get-started/register#generate-a-key-pair-and-share-the-public-key)
- [Ripple Custody UI > Create a profile](/products/custody/v1.34/ui/get-started/register#create-a-profile)


## Refresh a user key

These steps describe how to refresh a user key with the API.

To refresh a user key:

1. Make a note of the login provider information in `LoginIds`.
For more information about how to retrieve the user information, see [View user details](/products/custody/v1.34/api/environment/user/view).
2. Create an intent of type `v0_UpdateUser` to set the `LoginIds` to null.
For more information, see [Propose an intent to update an entity](/products/custody/v1.34/api/get-started/key-operations/update/intent-proposal#propose-an-intent-to-update-an-entity).
3. Create an intent of type `v0_LockUser` to lock the user.
For more information, see [Propose an intent to lock or unlock an entity](/products/custody/v1.34/api/get-started/key-operations/update/intent-proposal#propose-an-intent-to-lock-or-unlock-an-entity).
4. Create a user with:
  - The same user name, roles, and `LoginIds`
  - The newly-generated public key
For more information, see [Create a user](/products/custody/v1.34/api/environment/user/create#create-a-user).