"Please put it in your wallet." is too demanding

[npdoty]

Here's my current conversation with keybase during the paper key setup process:

Have you written down the above paper key? [y/N] y
Excellent! Is it in your wallet? [y/N] n

Please put it in your wallet.

Now is it in your wallet? [y/N] n

Please put it in your wallet.

Now is it in your wallet? [y/N] n

Please put it in your wallet.

Now is it in your wallet? [y/N] 

I think what you mean, at least after the first go round, is that you want me to put the paper key in a safe place, and that if I want to provision new devices on the go, it's useful to have it in a container that I often carry with me. I don't want to keep this bit of paper in my wallet, though I will put in a safe, memorable place. I don't like lying to my security software during this kind of conversation, so I'd like it if keybase could just help me make a good decision that works for me rather than demanding a particular action. (Also, some people use purses, bags or pocketbooks, rather than wallets.)

[timmc]

Yeah, this made me nervous too -- I didn't understand why it was so important, and putting it elsewhere seemed more secure.

Then I saw that the reason is that the paper key is supposed to stand in for a mobile device so that I can include other laptops and desktops more easily -- the injunction to put it in my wallet isn't for security at all! Doesn't feel great.

[zQueal]

I really feel like wallet was used as an interchangeable placeholder for "safe place." It's not like Keybase can actually check to see if you've printed the paper key and placed it in your wallet. But I honestly feel like it's supposed to be demanding. It also protects Keybase from "I lost access to my key, and it's all your fault!" accusations. It's vitally important to have a backup of your paper key somewhere just in case the unforeseeable does happen.

Do I think it should be changed? Eh, maybe. If it's causing an obvious issue then maybe the wording should be changed, but I think the process itself and physically stopping the onboarding if a user chooses No is actually pretty important. IMO, anyways.

[smoyer64]

@zQueal

You shouldn't be "printing" your paper key - I hope you simply meant "write it down" as the instructions say.

[zQueal]

There are many valid reasons why someone would choose to print a paper key rather than writing it. Personally I have such terrible handwriting a pharmacist would have difficulty deciphering it, let alone myself. It would be a pretty shitty situation to have a paper key, need it, and be unable to read it. If you feel that printing your paper key is terribly insecure, then simply don't print it.

I mean, I can understand your concern. It is inherently insecure to print such sensitive data. However, so is uploading your private key to a webservice. So...

[timmc]

Well, not all of us do upload our private keys to keybase, so... :-P

I think that regardless of what action is requested of the user, the second-level interaction should (at least once) explain why this is important. It can be short, something like "You need a paper backup of some sort in case your computer dies and you ever want to regain access to keybase."

[lachesis]

Yeah, I just hit this and it's quite annoying and pushy. Definite +1 to remove.

[wesleysmyth]

+1...

[ryandhaase]

Old thread but +1. Also, I had to look this issue up to confirm they wanted me to actually write it down and put it in my wallet. For a minute I thought 'wallet' was code for some other piece of software such as lastpass.

[lachesis]

shrug this has been ignored for 3 years, closing my PR to get it out of my personal github view.