diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php
index 0c8418c67a87d39518846d53259b9e5d7d997e9f..8fa42be27fcd7cbde906bc0624125d716ae94ad9 100644
--- a/apps/encryption/lib/keymanager.php
+++ b/apps/encryption/lib/keymanager.php
@@ -213,7 +213,7 @@ class KeyManager {
 	}
 
 	/**
-	 * @param $password
+	 * @param string $password
 	 * @return bool
 	 */
 	public function checkRecoveryPassword($password) {
diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php
index cffa641f5175b165bbdfe4abdf0ff2229177778a..32e3ec16deef16ced990df0d9eaa56cf4665690a 100644
--- a/apps/encryption/lib/recovery.php
+++ b/apps/encryption/lib/recovery.php
@@ -102,7 +102,6 @@ class Recovery {
 	}
 
 	/**
-	 * @param $recoveryKeyId
 	 * @param string $password
 	 * @return bool
 	 */
@@ -112,6 +111,9 @@ class Recovery {
 
 		if (!$keyManager->recoveryKeyExists()) {
 			$keyPair = $this->crypt->createKeyPair();
+			if(!is_array($keyPair)) {
+				return false;
+			}
 
 			$this->keyManager->setRecoveryKey($password, $keyPair);
 		}
@@ -134,6 +136,9 @@ class Recovery {
 	public function changeRecoveryKeyPassword($newPassword, $oldPassword) {
 		$recoveryKey = $this->keyManager->getSystemPrivateKey($this->keyManager->getRecoveryKeyId());
 		$decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $oldPassword);
+		if($decryptedRecoveryKey === false) {
+			return false;
+		}
 		$encryptedRecoveryKey = $this->crypt->encryptPrivateKey($decryptedRecoveryKey, $newPassword);
 		$header = $this->crypt->generateHeader();
 		if ($encryptedRecoveryKey) {
@@ -264,8 +269,9 @@ class Recovery {
 		$encryptedKey = $this->keyManager->getSystemPrivateKey($this->keyManager->getRecoveryKeyId());
 
 		$privateKey = $this->crypt->decryptPrivateKey($encryptedKey, $recoveryPassword);
-
-		$this->recoverAllFiles('/' . $user . '/files/', $privateKey, $user);
+		if($privateKey !== false) {
+			$this->recoverAllFiles('/' . $user . '/files/', $privateKey, $user);
+		}
 	}
 
 	/**
diff --git a/apps/encryption/tests/lib/RecoveryTest.php b/apps/encryption/tests/lib/RecoveryTest.php
index 0cdd76d6b44985ff1d78624d5500d9b313a0dfcc..82f5341960e28d05b6a1eee8ac7d434d316f53d2 100644
--- a/apps/encryption/tests/lib/RecoveryTest.php
+++ b/apps/encryption/tests/lib/RecoveryTest.php
@@ -59,14 +59,44 @@ class RecoveryTest extends TestCase {
 	 */
 	private $instance;
 
-	public function testEnableAdminRecovery() {
+	public function testEnableAdminRecoverySuccessful() {
 		$this->keyManagerMock->expects($this->exactly(2))
 			->method('recoveryKeyExists')
 			->willReturnOnConsecutiveCalls(false, true);
 
 		$this->cryptMock->expects($this->once())
 			->method('createKeyPair')
-			->willReturn(true);
+			->willReturn([
+				'publicKey' => 'privateKey',
+				'privateKey' => 'publicKey',
+			]);
+
+		$this->keyManagerMock->expects($this->once())
+			->method('setRecoveryKey')
+			->willReturn(false);
+
+		$this->keyManagerMock->expects($this->exactly(2))
+			->method('checkRecoveryPassword')
+			->willReturnOnConsecutiveCalls(true, true);
+
+		$this->assertTrue($this->instance->enableAdminRecovery('password'));
+		$this->assertArrayHasKey('recoveryAdminEnabled', self::$tempStorage);
+		$this->assertEquals(1, self::$tempStorage['recoveryAdminEnabled']);
+
+		$this->assertTrue($this->instance->enableAdminRecovery('password'));
+	}
+
+	public function testEnableAdminRecoveryCouldNotCheckPassword() {
+		$this->keyManagerMock->expects($this->exactly(2))
+			->method('recoveryKeyExists')
+			->willReturnOnConsecutiveCalls(false, true);
+
+		$this->cryptMock->expects($this->once())
+			->method('createKeyPair')
+			->willReturn([
+					'publicKey' => 'privateKey',
+					'privateKey' => 'publicKey',
+			]);
 
 		$this->keyManagerMock->expects($this->once())
 			->method('setRecoveryKey')
@@ -83,7 +113,19 @@ class RecoveryTest extends TestCase {
 		$this->assertFalse($this->instance->enableAdminRecovery('password'));
 	}
 
-	public function testChangeRecoveryKeyPassword() {
+	public function testEnableAdminRecoveryCouldNotCreateKey() {
+		$this->keyManagerMock->expects($this->once())
+			->method('recoveryKeyExists')
+			->willReturn(false);
+
+		$this->cryptMock->expects($this->once())
+			->method('createKeyPair')
+			->willReturn(false);
+
+		$this->assertFalse($this->instance->enableAdminRecovery('password'));
+	}
+
+	public function testChangeRecoveryKeyPasswordSuccessful() {
 		$this->assertFalse($this->instance->changeRecoveryKeyPassword('password',
 			'passwordOld'));
 
@@ -101,6 +143,19 @@ class RecoveryTest extends TestCase {
 			'passwordOld'));
 	}
 
+	public function testChangeRecoveryKeyPasswordCouldNotDecryptPrivateRecoveryKey() {
+		$this->assertFalse($this->instance->changeRecoveryKeyPassword('password', 'passwordOld'));
+
+		$this->keyManagerMock->expects($this->once())
+			->method('getSystemPrivateKey');
+
+		$this->cryptMock->expects($this->once())
+			->method('decryptPrivateKey')
+			->will($this->returnValue(false));
+
+		$this->assertFalse($this->instance->changeRecoveryKeyPassword('password', 'passwordOld'));
+	}
+
 	public function testDisableAdminRecovery() {
 
 		$this->keyManagerMock->expects($this->exactly(2))
@@ -145,8 +200,7 @@ class RecoveryTest extends TestCase {
 
 		$this->cryptMock->expects($this->once())
 			->method('decryptPrivateKey');
-		$this->assertNull($this->instance->recoverUsersFiles('password',
-			'admin'));
+		$this->assertNull($this->instance->recoverUsersFiles('password', 'admin'));
 	}
 
 	public function testRecoverFile() {