COVERING THE BOTTOM LINE, 2-STAGE SECURITY
- 23 Jun, 2022
The Ronyn Vault has 2 stages of user authentication.
1) First, the user must enter the PIN; this secures the device.
2) Second, the user must enter the Password; this secures the seed.
Why this 2-stage approach for security? Why not just a pin?
It is to cover the bottom line, the seed.
In most wallets, the seed alone secures the entire wallet. The PIN only secures the device, independently of the seed. This means that if someone obtains your seed, they have full access to your wallet. This is especially concerning given that common practice is to write the seed down on a piece of paper or to engrave it on metal. If that paper or metal is exposed, all your assets are compromised.
We think this is insufficient. This is why the Ronyn Vault uses a password to protect your seed: both the seed and the password are needed to access the wallet. If your seed is somehow exposed, your wallet is not compromised, because the password is still needed to access the assets.
In this scheme, an additional layer of security is provided by the fact that the password is "linked" to the PC or smart phone on which it was successfully authenticated. When a Ronyn Vault is first successfully authenticated on a PC or smart phone, some data is recorded on that PC or smart phone. When the user logs in again on the same PC or smart phone, this data is used to verify that the password is correct.
If a person tries to log in to the Ronyn Vault from a PC or smart phone that is not "linked", they are not told whether the password is correct or incorrect, i.e. plausible deniability. This means that a malicious entity who gains access to the wallet but not to the linked PC or smart phone gets no signal from the wallet at all, and so cannot even brute force the password against it.
The security provided by the password can be enhanced if the user follows some best practices.
Note: The password is an 8-20 character string consisting of letters, numbers and special characters.
1) The longer the password, the better
2) Avoid common words and dictionary vocabulary
3) Include both upper-case and lower-case letters
4) Include numbers
5) Include special characters
6) Do not enter your password (or your PIN) where another person can see it
7) Do not store your password in electronic format
8) Do not store your password in the same place as your seed