happynine icon indicating copy to clipboard operation
happynine copied to clipboard

Published 20 hours ago verified publisher icon sowbug

Suggest strong passphrase in case user isn't feeling creative

Open sowbug opened this issue 11 years ago • 3 comments

sowbug avatar Jan 17 '14 18:01 sowbug

My opinion is that no passphrase should be allowed as well, just like electrum does.

In my case, I use no passphrase on low value wallets or no passphrase on separated high security machines that are protected in other ways.

fireduck64 avatar Jan 17 '14 18:01 fireduck64

That's an interesting thought. Here's how I arrived at the current design.

For 1.0 I wanted to default to the best options for users (i.e., not give them a choice) because it made for a very straightforward UI flow. For 1.x, I could add more options.

In the case where you're setting up a public-key-only wallet ("seedless" or whatever Electrum calls it), it never asks you for the passphrase after you initially set it, because it never needs it to do anything. That argues both ways -- (1) yeah, you do need to pick some passphrase, but it never gets in your way after that, (2) so why bother requiring one in the first place?

Since the app uses chrome.storage.sync, I didn't want to ever worry that users' unencrypted private keys were ever being sent across the wire. That said, the design uses a 256-bit ephemeral symmetric key in any case, so even if there were no passphrase, the data would still be encrypted with PKDBF2(null), which is at least some protection against extremely casual snoopers.

I could offer an option to store the passphrase in chrome.storage (i.e., local to the machine only), and even offer it during the initial setup. Then you'd have the convenience of no passphrase, but the security of knowing that only that machine had the credentials to use your wallet. Would that be any better? (I know your answer is "just give me the option already," but for every expert user who understands the difference between high-value and low-value assets, there are 99 who will commit their life savings to an empty passphrase on a rooted machine.)

sowbug avatar Jan 17 '14 19:01 sowbug

Ah, I didn't know about the app syncing aspect of it. That makes it more of, what is the security of the least secure machine you use chrome on linked to this account, which is a tougher question.

The risk with the local only is of course if that machine fails in some way. I think the story of you need access to your google account and the passphrase or you need the private root key makes more sense.

The bottom line is whatever the options are, they need to be extremely clear.

fireduck64 avatar Jan 17 '14 19:01 fireduck64