pull down to refresh
147 sats \ 2 replies \ @SimpleStacker 14 Oct \ parent \ on: Minor complaint meta
Can users set their own pass phrase? Then they can decide how easy or secure they want to make it
No, at least not currently.
The reason the passphrases are generated is so we don't have to worry about spending wallets with weak encryption that we or a hacker could crack if they ever gained access to our database.
But I think I was mostly biased against user-generated passwords because I'm sure some will pick weak ones and I'm not sure in what position this puts us. The obvious solution would be password rules but I was also biased against them because most of the times their UX sucks. But maybe our UX doesn't have to suck? Mhh
I also thought about PINs:
However, maybe a PIN chosen by the user would be even better?Since we're trying to make it easy to unlock the wallets, and this is currently only possible by entering the passphrase, a user-chosen PIN should be even easier than entering a (custom) passphrase, right?The issue with that is that encrypting the passphrase with a PIN for easy unlocking is very insecure unless the encrypted data is deleted after a few failed attempts. However, since the encrypted passphrase is stored in our database, we cannot actually enforce a limit on the number of attempts by anyone who has access to the database.
But as you can see, I don’t see how we could implement PINs without compromising too much on security.
reply
I can see how it puts you in a tough situation. Even if it's the user's fault, you don't want to be caught up in any issue regarding stolen funds.
reply