Let's be honest - the integrity of passwords has gone downhill in recent years. Login pages are just another inconvenience and few people really care about diversifying passwords. Mailboxes, streaming services, Apple ID and even bank applications often share the same code with only minor deviations in terms of capitalization and/or additional characters. This poses two challenges: the first being that a hacker can gain access to multiple accounts just by figuring out the password for one of them. More embarrassing can be when, in an attempt to over-diversify a password, the user ends up forgetting it him/herself! For most applications a password reset is but a simple click and security question away.
The Blockchain, however, was designed to be trustless. With intermediaries removed from the decentralised services, the entire responsibility for access now lies on the user. It is an incentive for honest behaviour with one small consequence: if you forget your password and lose access to your wallet, it is forever. It is impossible to access your funds again. The community is still split on whether this is actually a “downside” or simply a testament to the principles of ownership and security from which the blockchain was born.
Any decentralised wallet on any blockchain, when created, urges users to write down their so-called private keys. This can look like a set of unrelated words or in the form of alphanumeric gibberish like this: c96c4Ff8d17c415ce2b9Dc1ccb4a74949f3e5ac7506e242c73E97ce3659405H6.
What this really is, though, is a private key shown in hexadecimal format (256 bits shown as 64 hexadecimal digits, each representing 4 bits). There are many private key formats, which are essentially different ways to show the same number and are useful under different circumstances (different programs). The idea is that the more entropy goes into generating the key, the more secure it is.
Today’s wallets tend to use cryptographically secure pseudorandom number generators with a seed that comes from a source of sufficient “entropy”. Simply using your own key or words is not enough, as computers nowadays are extremely powerful and can try thousands of known words and hashes every second.
Linking the key to a wallet is how one can access the funds in the wallet. Private keys are what constitute the basis of ownership: through a process of asymmetric cryptography (one-way elliptic curve multiplication), users can not just “see” what funds are in a wallet but also send and receive them. What makes your funds truly yours is your ability to use them.
It is therefore extremely important to save either the hashed version of a private key or the seed phrase somewhere to avoid losing access to your funds. Remember that this is the basis for ownership since it is no use to have funds in a wallet that you cannot use.
Below are two of the most popular ways of storing keys:
1. Paper note in the safe
⁃ Obviously, the simplest thing is to print or write down the private key on a piece of paper and put it in a safe at home or in a safe deposit box in a bank.
⁃ The only downside to this is that anyone who accidentally takes a picture of this key can then enter your wallet from anywhere in the world and withdraw all your funds.
⁃ A common solution then is to add your own twist of entropy by inserting 1, 2 or 3 letters or numbers known only to you into the private key at a random position (for example, at the beginning, at the end, 5 characters from the beginning, etc. - just don't forget where you inserted them).
EXAMPLE Let's say you have a pet cat, Kitty, that you got in 2020, which is the third pet in your life. So you decide to insert the symbols 'k20' into the private key after the 3rd character. You end up with a new, incorrect code that can be fixed and used only by you:
You can keep this key even as a magnet on your fridge. No one can use it!
2. Cloud storage - a little more tricky but stronger
⁃ Download any of the special services (1Password, LastPass, Avira, RoboForm, Enpass) and store your private keys there. If you are afraid of hackers, one solution is to register with 2 different services, break the private key into 2 parts, then store one part in one service and the other part in the other service. Obviously, you'd better use different passwords for the different cloud storage services.
We split the private key into 2 parts:
Next, just save each part in different cloud storage.
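An added example, not part of the original article and not Embily's code: it goes one step beyond cutting the hex string in two, where each stored half shows 32 of the key's 64 digits, and splits the key into two XOR shares so that either share on its own is just random data. The function names and the sample key are assumptions constructed for illustration.

```python
import secrets
import string

KEY_HEX_LEN = 64  # 256 bits shown as 64 hexadecimal digits, as described above


def parse_key(key_hex: str) -> bytes:
    """Validate a 64-digit hex string and return its 32 raw bytes."""
    key_hex = key_hex.strip()
    if len(key_hex) != KEY_HEX_LEN or not set(key_hex) <= set(string.hexdigits):
        raise ValueError("private key must be exactly 64 hexadecimal digits")
    return bytes.fromhex(key_hex)


def split_key(key_hex: str):
    """Split a key into two 64-digit shares, one per storage service."""
    key = parse_key(key_hex)
    # Share 1 is fresh output of the OS cryptographically secure generator.
    pad = secrets.token_bytes(len(key))
    # Share 2 is the key XOR share 1; without share 1 it is uniformly random.
    masked = bytes(k ^ p for k, p in zip(key, pad))
    return pad.hex(), masked.hex()


def join_key(share_a: str, share_b: str) -> str:
    """Recombine both shares (in either order) into the original key."""
    a, b = parse_key(share_a), parse_key(share_b)
    return bytes(x ^ y for x, y in zip(a, b)).hex()


if __name__ == "__main__":
    # Constructed sample key for illustration only; never use it for real funds.
    sample = "00112233445566778899aabbccddeeff" * 2
    share_1, share_2 = split_key(sample)
    print("store in service 1:", share_1)
    print("store in service 2:", share_2)
    # Check the round trip before relying on the shares as a backup.
    print("recovers original:", join_key(share_1, share_2) == sample)
```

Both shares are required for recovery, so losing either one loses the key; run the round-trip check before deleting any other copy.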
Security is Embily’s number 1 priority. We don’t store our clients’ crypto; the digital assets are simply converted into Euros immediately when funds are deposited into the account. Similarly, we do not store any private keys of users.
Read more about crypto bank security - https://eu.embily.com/blog/embily-obtains-pci-dss-certification