Improve security for UP backup / restore | LUKSO | Page 1

desert schooner Jan 5, 2024, 9:54 AM

#

As I understand the first backup / restore solution for UP will be a file + pw. I think that's very unsecure and remembers me of 2016 and my first ETH wallet. We should add HW devices (ledger, trezor, yubikeys) to the backup and restore process. So that not only a PW is used which can easily be intercepted (key logger). Currently having a HW device I can just go to any PC, download metamask and add my wallet via import from HW device in a secure way. No private key gets exposed. Something similar should be the standard for Lukso as well. A file + simple pw makes Lukso more unsecure than the status quo.

hybrid mica Jan 5, 2024, 9:56 AM

#

@whole dune would it be ok to add this as a feature request to our tracker ? 🙂

desert schooner Jan 5, 2024, 10:03 AM

#

Also look at dfinity. There you can add multiple HW devices (Macbook, Iphone, Android phone) to your account. So when one devices gets lost you can use the other devices. But the process is not done by sending files around and entering a PW 🙂 See here for more information: https://wiki.internetcomputer.org/wiki/ICP_custody_with_NNS_frontend_dapp

ICP custody with NNS frontend dapp

Currently, the easiest custody option is via the NNS Frontend Dapp.

#Improve security for UP backup / restore