diff --git a/slapos/runner/runnertest.py b/slapos/runner/runnertest.py
index b1ce381225e84cb3a68000b74c0c51459d0b24f7..6d5c7b94be34ff1974b763413d193a058e28c41b 100644
--- a/slapos/runner/runnertest.py
+++ b/slapos/runner/runnertest.py
@@ -20,7 +20,8 @@ import shutil
 import time
 import unittest
 
-from slapos.runner.utils import (getProfilePath, getSession, isInstanceRunning,
+from slapos.runner.utils import (getProfilePath, getRcode,
+                                 getSession, isInstanceRunning,
                                  isSoftwareRunning, startProxy,
                                  isSoftwareReleaseReady,
                                  runSlapgridUntilSuccess,
@@ -69,7 +70,6 @@ class SlaprunnerTestCase(unittest.TestCase):
     views.app.config['TESTING'] = True
     self.users = ["slapuser", "slappwd", "slaprunner@nexedi.com", "SlapOS web runner"]
     self.updateUser = ["newslapuser", "newslappwd", "slaprunner@nexedi.com", "SlapOS web runner"]
-    self.rcode = "41bf2657"
     self.repo = 'http://git.erp5.org/repos/slapos.git'
     self.software = "workspace/slapos/software/"  # relative directory fo SR
     self.project = 'slapos'  # Default project name
@@ -103,8 +103,9 @@ class SlaprunnerTestCase(unittest.TestCase):
     self.app = views.app.test_client()
     self.app.config = views.app.config
     #Create password recover code
-    with open(os.path.join(views.app.config['etc_dir'], '.rcode'), 'w') as rpwd:
-      rpwd.write(self.rcode)
+    parser = ConfigParser.ConfigParser()
+    parser.read(self.app.config['knowledge0_cfg'])
+    self.rcode = parser.get('public', 'recovery-code')
     #Create config.json
     json_file = os.path.join(views.app.config['etc_dir'], 'config.json')
     if not os.path.exists(json_file):
@@ -118,7 +119,6 @@ class SlaprunnerTestCase(unittest.TestCase):
 
   def tearDown(self):
     """Remove all test data"""
-    os.unlink(os.path.join(self.app.config['etc_dir'], '.rcode'))
     project = os.path.join(self.app.config['etc_dir'], '.project')
     users = os.path.join(self.app.config['etc_dir'], '.users')
 
diff --git a/slapos/runner/utils.py b/slapos/runner/utils.py
index c5a907a184fc501b97fee4ff790d4e8b12681733..f60c26553d4fe76cbba7a458cbb810f38b528049 100755
--- a/slapos/runner/utils.py
+++ b/slapos/runner/utils.py
@@ -2,6 +2,7 @@
 # vim: set et sts=2:
 # pylint: disable-msg=W0311,C0301,C0103,C0111,W0141,W0142
 
+import ConfigParser
 import json
 import logging
 import md5
@@ -112,6 +113,15 @@ def saveSession(config, account):
     return str(e)
 
 
+def getRcode(config):
+  parser = ConfigParser.ConfigParser()
+  try:
+    parser.read(config['knowledge0_cfg'])
+    return parser.get('public', 'recovery-code')
+  except (ConfigParser.NoSectionError, IOError) as e:
+    return None
+
+
 def createNewUser(config, name, passwd):
   htpasswdfile = os.path.join(config['etc_dir'], '.htpasswd')
   if os.path.exists(htpasswdfile):
diff --git a/slapos/runner/views.py b/slapos/runner/views.py
index 325d036270f2babda5a165bb9a5bb6f0938d7100..0e1dd55c6e5ac4a7b9c2ef0268d117c05c8eecd2 100755
--- a/slapos/runner/views.py
+++ b/slapos/runner/views.py
@@ -16,7 +16,7 @@ from slapos.runner.process import killRunningProcess
 from slapos.runner.utils import (checkSoftwareFolder, configNewSR,
                                  createNewUser, getProfilePath,
                                  listFolder, getBuildAndRunParams,
-                                 getProjectTitle, getSession,
+                                 getProjectTitle, getRcode, getSession,
                                  getSlapStatus, getSvcStatus,
                                  getSvcTailProcess, isInstanceRunning,
                                  isSoftwareRunning, isSoftwareReleaseReady, isText,
@@ -552,7 +552,7 @@ def updateBuildAndRunConfig():
 #update user account data
 def updateAccount():
   code = request.form['rcode'].strip()
-  recovery_code = open(os.path.join(app.config['etc_dir'], ".rcode"), "r").read()
+  recovery_code = getRcode(app.config)
   if code != recovery_code:
     return jsonify(code=0, result="Your password recovery code is not valid!")
 
@@ -583,8 +583,7 @@ def configAccount():
   account.append(request.form['email'].strip())
   account.append(request.form['name'].strip())
   code = request.form['rcode'].strip()
-  recovery_code = open(os.path.join(app.config['etc_dir'], ".rcode"),
-                      "r").read().strip()
+  recovery_code = getRcode(app.config)
   if code != recovery_code:
     return jsonify(code=0, result="Your password recovery code is not valid!")
   result = saveSession(app.config, account)
@@ -595,8 +594,7 @@ def configAccount():
 
 def addUser():
   code = request.form['rcode'].strip()
-  recovery_code = open(os.path.join(app.config['etc_dir'], ".rcode"),
-                      "r").read().strip()
+  recovery_code = getRcode(app.config)
   if code != recovery_code:
     return jsonify(code=0, result="Your password recovery code is not valid!")
   if createNewUser(app.config, request.form['username'],