Advance notice to backup keystore + Backup strategy

[luclu]

There should be some additional warning for the dangers of losing the wallet-files.

As in other systems e.g. WhisperSystems/Signal this could be part of the onboarding process.

Issues regarding lost wallets/password:
#396
#256

• In addition: Request for visibility-toggle when setting the password: Add password visibility toggle on creation #554

[frozeman]

Thats definitely something we need to add, thanks luca for collection those.

[hiddentao]

So what should the algorithm be here?

• First time user starts Mist suggest backup
• After that, if user hasn't backed up for X days then suggest backup again?

[frozeman]

We can't check of the user backed up as we currently only open a folder.

We can show a note once a user created an account.

It we build a real backup export import system. Then we can check if the user backed up.

Liebe Grüße,
Fabian

[frozeman.de]

On 03.05.2016, at 18:50, Ramesh Nair notifications@github.com wrote:

So what should the algorithm be here?

First time user starts Mist suggest backup
After that, if user hasn't backed up for X days then suggest backup again?
—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub

[hiddentao]

I'm proposing a backup system with a proper GUI. Thus the user will select a backup path within the app. They can then backup immediately and/or schedule regular backups to that location. We record the last backup location and last backup time internally (localforage).

[tayvano]

@hiddentao Not a bad idea, but it doesn't solve the problem of HDD crashes, lost computers, whatever people manage to do. It also may give some false sense of security: "But I had automatic backups on!" ... "Well you dropped your computer in a lake...." or "But you delete the automatically backed up folder when you installed a fresh OS."

I think there needs to be a warning each time a new account is created with a one-click button to open the keystore folder. Throwing that warning up once a month wouldn't be the worst idea ever.

The language should be simple, direct, and to the point. ie:

"If anything happens to your computer, your Ether are lost if you do not make a backup. Please make an external backup of your keystore file now, and ensure you always remember your password. Remember, in order to access and send your Ether and any tokens, you need the password AND the keystore file." [Learn More] [Back Up Now]

I'm a true believer that education is the best place to start. You can build scripts and pretty GUIs all day, but if a person realizes what and why they need something, they tend to do it on their own. Learning from hundreds of support messages from MyEtherWallet, ignorance (not stupidity) is by far the biggest issue:

1. People don't realize they need their private key / keystore file. They think the address + password is it because that is what they are familiar with (email, logins etc.)
2. People try to access / save their keystore file as something else. The fact that it has no extension scares them or something? This is a fairly new one. So far I've gotten two .doc keystore files that were "broken" and one that had been transformed into binary.
3. People don't understand the basics of encryption and where the password comes into play. They want to "reset" the password when they forget it.
4. People don't realize that ETH is stored on the blockchain and they are just accessing it via the client/wallet, so they think they need to back it up every time they make a transaction.
5. People don't know what words mean, which makes everything infinitely more difficult: "I think I have some trouble understanding what the difference between my account and my wallet, and my encrypted/unencrypted private key, public key, and keystore files."

The above, in plain english, could be discussed further in a "Learn More" section. That could easily be built out later though. Warning pop up first, IMO.

[hiddentao]

The instructions and explanations are a good idea, but once the user understands what the deal is, surely they'd want automatic backup of some sorts for convenience sake? I know I would. To mitigate disk corruption, etc why don't we offer cloud backups too? e.g. you can backup to local disk or to Google/Dropbox/etc. Most users just want something that's easy and straightforward to use. The only important point we need to make clear to them is that their password cannot be reset if forgotten. But the keystore is something we can help to backup without difficulty.

[tayvano]

My only worry with that is keystores being stolen from Dropbox. IMO, cloud storage is not a good place for keys. Additionally, if attackers know that Mist provides a 1-click backup to Dropbox or Google Drive, they will start phishing/targeting these more. The demographic that uses 1-click backups to Dropbox will overlap heavily with the demographic that isn't too terribly careful when clicking suspicious links and isn't too terribly careful about not re-using passwords.

see: https://www.reddit.com/r/ethereum/comments/4hd7zu/i_opened_my_ethereumwallet_yesterday_and_my_ether/

[hiddentao]

As a first step I think it would be good if all password generation dialogs had some stern warnings. I also think we need a password strength meter to try and encourage users to create secure passwords. I can certainly raise a PR for this.

[luclu]

to consider: #448

When I started up a pristine wallet, it asked me for a password that "I should protect like my house". This makes me think that this will be a master password for accessing the wallet. Of course this is actually only the password for an auto generated primary account. However this in very non obvious to someone who didn't actually write Mist.

I think that if Mist detects that there are no accounts present yet, it should offer the user to create one, making it clear that it's inserting a new default account. Further it should be clear that the password is for that new account. Lastly when the account is created, it should display a message that "Yo man: this is the account we've just created for you". Because in my experience, I had to wait two hours for Mist to sync up and whatnot to even see what I used my password on.

[bulibasa]

Fabian, I don't think this is good enough: "this is something we need to add" how about the past?
I lost a fortune by not saving the wallet because I didn't know about that.

Like luclu when I installed the wallet, it asked me for a password and told me that "I should protect with my life". This made me think exactly the same that this will be a master password for accessing the wallet, and that's ok, I have it. What now, my money is gone and actually it's been confirmed that the warning system was not designed correctly?

And what's next? This is not right, isn't there any chance to recover my money?

[hiddentao]

I'm wondering if we should switch to being a HD-wallet, resulting in less to store and less to backup for the user.

[luclu]

We might need to reassess the storage concept for web3-secret-storage, though.
Are there any efforts/EIPs on a united/frontend managed keystore?
Parity, for example, loads geth's default keystore as well as it's own when started with the --geth flag. All this feels half-baked.
On the other hand there are custom on chain systems and proxy identities like uport's system to be considered, too.

[BreakHeadz]

Good day to all.
I have a problem with the password from my wallet that I created on May 27, 2017 in version 0.8.10 of the Etereum node.
I heard that this version may not perceive some signs and replace them with others, my password contains signs "@", "#", "_".
At the time of the creation of the wallet I used Mac OS Sierra with "USA" standard language layout and "Russian PC"
When stand Russian PC layout this sings looks like this:
@ its "
_ its _ .
and # its №
Maybe somebody can help me with the variants of this symbols which maybe were converted on another ones by Ethereum program, I will be very thankful.
Cheers.