pull down to refresh

30 sats \ 1 reply \ @ek 5h \ parent \ on: Minor complaint meta
No, at least not currently.
The reason the passphrases are generated is so we don't have to worry about spending wallets with weak encryption that we or a hacker could crack if they ever gained access to our database.
But I think I was mostly biased against user-generated passwords because I'm sure some will pick weak ones and I'm not sure in what position this puts us. The obvious solution would be password rules but I was also biased against them because most of the times their UX sucks. But maybe our UX doesn't have to suck? Mhh
I also thought about PINs:
However, maybe a PIN chosen by the user would be even better?
Since we're trying to make it easy to unlock the wallets, and this is currently only possible by entering the passphrase, a user-chosen PIN should be even easier than entering a (custom) passphrase, right?
The issue with that is that encrypting the passphrase with a PIN for easy unlocking is very insecure unless the encrypted data is deleted after a few failed attempts. However, since the encrypted passphrase is stored in our database, we cannot actually enforce a limit on the number of attempts by anyone who has access to the database.
But as you can see, I don’t see how we could implement PINs without compromising too much on security.
write
preview
0 sats \ 0 replies \ @SimpleStacker 2h
I can see how it puts you in a tough situation. Even if it's the user's fault, you don't want to be caught up in any issue regarding stolen funds.
reply