I want to ask abt the security of the wallet. Is it safe to store all the coins?
I’m glad you asked!
The private key(s) only stay in your wallet mobile/desktop app, and in encrypted form. It only can be decrypted by your password (to open wallet app).
The wallet app will be auto-lock if you're inactive in few minutes (configurable time).
If users are more paranoid, they can use settings to require both Password/PIN and OTP to unlock wallet.
On Midas web dashboard, we use 2-factor authentication (OTP) and consider accepting login by Civic or uPort as a way to fully blockchain-ize our platform.
Besides that, we're researching other interesting ways to integrate Civic/uPort with wallet app to increase security and improve UX at the same time. I really like the idea about social circle of uPort.
Another thing we're considering is using U2F, USB-dongle, FIDO,... to improve security for Midas desktop wallet app and Midas web dashboard.