Should password really be compulsory?

apetersson

hero member

Activity: 668

Merit: 501

Quote from: Andreas Schildbach on February 09, 2014, 01:03:03 PM

Quote from: yabu on February 09, 2014, 07:37:41 AM

When the user of the Android Wallet wants to do a backup he has to give a password otherwise the application won't do the backup. Should the application really force the user to give a password? I mean one of the biggest security risks when it comes to losing bitcoins is in my opinion forgotten passwords. Why not make it optional.

Yes, forgotten passwords are a risk.

However, if you backup without or with a weak password, its extremely easy to leak your private keys. Backups need to be stored on public storage (the SD card aka "external memory"), otherwise you would not be able to move them to a safe place (off the device). Thus, any app can read your backup.

In future, you will be able to encrypt your wallet. This means you'll need to enter your password each time you want to sign a transaction. Thus will hopefully help to remember your password.

you can share custom URIs that your app provides to specific apps that can consume those files. (think google drive, email, etc) this is not perfect but it is better than requiring SD card storage (which google wants to remove anyways for usability reasons)

yabu

newbie

Activity: 19

Merit: 0

Quote from: Andreas Schildbach on February 10, 2014, 05:19:25 PM

Quote from: yabu on February 10, 2014, 03:57:54 PM

And the second question then becomes, who is the right person, the user or the developer, to answer the first question.

Users are almost always the wrong people to ask when it comes to technical questions.

Yes, but the risk that forgotten password poses is not really a technical question, is it? I would say it's more like a behaviouristic question.

Anyway, I'm just one of those users that dislikes it when an application thinks it knows better than me what's good for me.

roslinpl

legendary

Activity: 2212

Merit: 1199

Quote from: yabu on February 10, 2014, 03:57:54 PM

So the question then becomes, which one is a bigger risk, forgotten passwords or malware.

And the second question then becomes, who is the right person, the user or the developer, to answer the first question.

From malware you can secure yourself

From forgotten passord you can secure yourself too.

But you cant secure your private keys when you will not set password and someone will copy it from your computer. Example - a good friend with pendrive

MoonShadow

legendary

Activity: 1708

Merit: 1010

Quote from: yabu on February 09, 2014, 07:37:41 AM

When the user of the Android Wallet wants to do a backup he has to give a password otherwise the application won't do the backup. Should the application really force the user to give a password? I mean one of the biggest security risks when it comes to losing bitcoins is in my opinion forgotten passwords. Why not make it optional.

Considering that Android Wallet operates in an "always on" networked environment, on an android device which is usually a smartphone, there is no other way to secure the wallet from malware. An offline android wallet is possible, but pointless, and would still be exposed anytime the user desired to spend his bitcoins anyway. So yes, the developers should force a password. If you're stupid enough to make it too easy; well, you can't really fix stupid, but you can fix lazy.

Andreas Schildbach

hero member

Activity: 483

Merit: 551

Quote from: yabu on February 10, 2014, 03:57:54 PM

And the second question then becomes, who is the right person, the user or the developer, to answer the first question.

Users are almost always the wrong people to ask when it comes to technical questions.

yabu

newbie

Activity: 19

Merit: 0

So the question then becomes, which one is a bigger risk, forgotten passwords or malware.

And the second question then becomes, who is the right person, the user or the developer, to answer the first question.

Andreas Schildbach

hero member

Activity: 483

Merit: 551

Quote from: yabu on February 09, 2014, 07:37:41 AM

When the user of the Android Wallet wants to do a backup he has to give a password otherwise the application won't do the backup. Should the application really force the user to give a password? I mean one of the biggest security risks when it comes to losing bitcoins is in my opinion forgotten passwords. Why not make it optional.

Yes, forgotten passwords are a risk.

However, if you backup without or with a weak password, its extremely easy to leak your private keys. Backups need to be stored on public storage (the SD card aka "external memory"), otherwise you would not be able to move them to a safe place (off the device). Thus, any app can read your backup.

In future, you will be able to encrypt your wallet. This means you'll need to enter your password each time you want to sign a transaction. Thus will hopefully help to remember your password.

roslinpl

legendary

Activity: 2212

Merit: 1199

Quote from: yabu on February 09, 2014, 07:37:41 AM

When the user of the Android Wallet wants to do a backup he has to give a password otherwise the application won't do the backup. Should the application really force the user to give a password? I mean one of the biggest security risks when it comes to losing bitcoins is in my opinion forgotten passwords. Why not make it optional.

Why? It is easy.
If you wont put a password your backup keys are so easy to be taken by someone and you might loose your bits.
So.
Password is most important thing when you do a backup

yabu

newbie

Activity: 19

Merit: 0

When the user of the Android Wallet wants to do a backup he has to give a password otherwise the application won't do the backup. Should the application really force the user to give a password? I mean one of the biggest security risks when it comes to losing bitcoins is in my opinion forgotten passwords. Why not make it optional.

Topic: Should password really be compulsory? (Read 1135 times)