I setup the Passphrase and protection is enabled, and I try with Startup
Enable Auto Login off and on too it’s the same! It is useless because when I start my wallet it is easy to read the details wallet is not asking me for any passphrase! It is same on Mack and Windows PC too!
This is not protected anything! Logical should be when you start the wallet should ask for pass isn’t?
If I do something wrong, please tell me but if not than please check this!
Another thing it should be not bad on logon to we have option for passphrase protection + authenticator! In this case if someone can go inside in your PC just read the 24 words!
If this passphrase even works that do not protect us from keylogger too!
So, I can say only the protection of Chia wallet is very poor so please work in this ASAP!
The passphrase is only on the local client. In case someone gets access to your computer.
When you go to another computer, you would have to setup the passphrase there as well.
As for the passphrase: For me, I cannot see the keys without entering the passphrase:
Regarding your concern of someone logging into your computer:
I do not think it is possible to implement a 2 factor into the client as you authenticate againt the blockchain not against some central server.
It is your responsibility to have your operating system sufficiently hardened.
Some Measures may include:
- having a secure password
- having backups
- encrypt the disk
- have a device or virtual machine dedicated for wallet access
- keep majority of your funds in a cold wallet
- use a password manager and copy/paste for your passphrase rather than typing it
(also allows for longer passphrase) - make sure to keep the mnemonics safe
“The passphrase is only on the local client”
it is ok sure also
the rest is Ok
"* having a secure password
- having backups
- encrypt the disk
- have a device or virtual machine dedicated for wallet access
- keep majority of your funds in a cold wallet
- use a password manager and copy/paste for your passphrase rather than typing it
(also allows for longer passphrase) - make sure to keep the mnemonics safe"
This all basic and all is Ok only it is not clear why just not need a simple the passphrase on logon and that’s all and if we want Chia to be popular for middle knowledge people too these things must be easy for setting up !
So, I am not expert but also not a beginner and I love simple and secure things!
I hope some hardware wallet will support XCH soon
chia is still very new and on the beginnings. They are currently focused on pumping out new features.
But they are also working on usability. For instance just 1-2 releases ago, it was not yet possible to show the mnemonics and secret within the wallet.
It is also only possible since this release to assign names to wallets rather than having to remember wallet id each time.
Security should be on first place!!!
Also, if we want to be more popular it must be more user-friendly!!!
I love Chia project more than any other before so this should be only a constructive criticism
2fa maybe not, but a simple password that is needed before transactions can be made from the wallet surely is.
Btc had this implemented so many years ago.