Another temptation is to put in back doors in your code so that a customer service representative (for example) can get at secure data, even if the customer has lost a password or a certificate. With just the little extra effort it takes to put in a carefully controlled back door, you look like a shining hero, saving the customer from her own foolishness.
That's possibly the case. On the other hand, back doors are often poorly implemented and can give way to easy hacks. The result is a lot of wasted time and effort on security.
To illustrate this, we'll use the 100th Window Problem. Let's say your company has a large building with 100 windows that are all open , and you rush around locking them all before you leave for the day. Unfortunately, you actually lock only 99 windows, having overlooked one. Even if you have excellent locks and burglar alarms on all the locked windows, a thief can slip in the 100th window and make off with all your corporate goods. The more windows you add, the harder it is to make sure that everything is secure.
Generally speaking, there's no point in securing less than 100 percent of the relevant portion of your system. If you're going to do it at all, you must be committed to securing everything. It's better to offer your customers secure offsite escrow of passwords and keys than it is to build in back doors. That way, if they don't take you up on your service and they lose their password or certificate, they can only blame themselves .
Also, you're not saying, "By the way, our software is really secure, but we can break the security if you need us to." You're saying "We'll try to help you avoid costly mistakes, but our software is so secure that even we can't break the security." This is a better technical message and a much better marketing message.