iotaledger / legacy-wallet-use-trinity-wallet-instead

IOTA Wallet
GNU General Public License v3.0

Add seed generator #1030

Open yet-another-account opened 6 years ago

yet-another-account commented 6 years ago

With the recent online seed generator fiasco, as well as a plethora of non-cryptographically secure generators being used (ones using Java's Random, JS's Math.random, Python's random.choice, etc.), I believe it is time to revisit the idea of integrating a seed generator into the wallet. From what I understand, the seed generator was removed for fear that if a vulnerability was found, an attacker could sweep funds from all users' wallets.

However, this simply pushes many users to use insecure seed generators instead. Every single major wallet for every other cryptocurrency has a built-in private key generator, and while it may be easy--indeed, trivial--for most developers working on IOTA, we have to remember that the vast majority of users (yes, even cryptocurrency users!) know little to absolutely nothing about private keys or password entropy or cryptographically secure random number generation. Those that we don't drive away in confusion will likely google "iota seed generator" and go with the first result (and possibly get phished).
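As an added illustration of the distinction drawn in the comment above (this is not part of the issue thread and not the wallet's own code), the sketch below draws a seed from the operating system's CSPRNG instead of `Math.random`, and uses rejection sampling so that no character is favoured. It assumes the legacy IOTA seed format of 81 characters over the alphabet `9A-Z`; the function names are hypothetical.

```javascript
// Added example: not from the issue thread or the wallet's code base.
const crypto = require("crypto");

// Assumption: legacy IOTA seed format, 81 trytes over this 27-symbol alphabet.
const TRYTE_ALPHABET = "9ABCDEFGHIJKLMNOPQRSTUVWXYZ";
const SEED_LENGTH = 81;

// 256 is not a multiple of 27, so `byte % 27` alone would make the first
// 13 symbols slightly more likely. Bytes at or above 243 (9 * 27) are
// discarded so every symbol has exactly 9 byte values mapping to it.
const REJECT_FROM = 256 - (256 % TRYTE_ALPHABET.length);

// Map one random byte to a tryte, or null if the byte must be rejected.
function tryteFromByte(b) {
  return b < REJECT_FROM ? TRYTE_ALPHABET[b % TRYTE_ALPHABET.length] : null;
}

// Build a seed from CSPRNG output. `randomBytes` is injectable only so the
// rejection logic can be tested with a fixed byte source.
function generateSeed(randomBytes = crypto.randomBytes) {
  const out = [];
  while (out.length < SEED_LENGTH) {
    // Over-request so a single call is almost always enough.
    const buf = randomBytes(SEED_LENGTH * 2);
    for (const b of buf) {
      const t = tryteFromByte(b);
      if (t !== null && out.length < SEED_LENGTH) out.push(t);
    }
    buf.fill(0); // best-effort wipe of the raw random bytes
  }
  return out.join("");
}

// Format check only: it says nothing about how the seed was generated.
function isWellFormedSeed(s) {
  return typeof s === "string" && /^[9A-Z]{81}$/.test(s);
}

// Print only the validity flag; a real seed should never be logged.
console.log("well-formed:", isWellFormedSeed(generateSeed()));
```
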

samgranger commented 6 years ago

This will be included in the trinity wallet (99% sure).

yet-another-account commented 6 years ago

But Trinity doesn't come out for at least the next few weeks, and won't be out for desktop for even longer. That's not an excuse to leave such a vital feature out of the official wallet.

PVBKXWYUMYTJ commented 6 years ago

People get their money stolen because of short passwords / compound phrases right in the password, or shady generators.

lbux commented 6 years ago

Even if it were to be implemented into the wallet, people would lose their funds to some other sort of phishing scam and blame the product itself. You can't really fix stupid or protect against it.

Just look at what happened before: people lost their funds because they didn't think to save their PASSWORD & USERNAME (Seed). If a seed generator were to be implemented and something like an encrypted KeePassX database is used to save the Seed, people would then forget the password for the KeePassX database and then again blame IOTA.

yet-another-account commented 6 years ago

But at least it would be an enormous step in the right direction. Yes, there will always be people who do stupid things. But at least we can make the number smaller, or at least be consistent with every other crypto wallet ever. You shouldn't stop putting airbags in cars because people will die in crashes anyways.