Opening the wallet without a password!


#1

I have installed Daedalus on my Mac and successfully added ADA. When I open Daedalus, it goes straight to the summary page showing my balance. Should I not be required to enter my password?

TIA


#2

It is expected. Daedalus only requires you to enter the password when you try to make a transaction or generate a new address.


#3

They key is your pw and its fixed unless you want to make a new wallet, The pw locks your application access but if you use the key on a new desktop you will have to re-apply the pw.


#4

Thanks so much!


#5

Shunfan is right - and in case you didn’t set up a password, you can always set up your spending password in the settings :slight_smile:


#6

Hello, this is my first post. I installed Deadalus and added some ADA. But very strange no password is needed to open the Daedalus Wallet. I think most people don’t like that. I don’t. I think there should be a password protected login.

I really like the Cardano Project, but this is a big disappointment. I think a wallet needs a password protected login. I don’t want to use another application software layer to make it password protected, as I saw in another posting.
Not everybody has a computer for his/herself…
I hope it will be changed in future updates…


#7

I’m not a cryptographer myself, but if the crème de la crème of the cryptographic community working on Cardano didn’t feel necessary to add a password feature, they surely have a good reason.

Think that a malicious individual who is able to own your computer is surely also able to bruteforce / keylog your password.

My point is that a password can give an illusion of protection and just because you don’t have one doesn’t mean you’re not protected, as long as you don’t click on every dangerous link around. The real protection is beforehand the password feature.


#8

Hello! For now it is decided to only use a “spending password”, that disallows other people to spend money from your wallet. But I easily see why someone would want to have a way to disallow other users to see their wallets at all. Your point about “Not everybody has a computer for his/herself…” is perfectly valid.

But for now the Daedalus wallet is still in deep-development phase, so most probably it’s just that they have put this feature for later, so they could have more time to decide - what would be the best way to implement it, and for users to use it. Foe example: should it be a password on the program launch itself, or a password on multiple accounts inside the program, where each account has it’s own set of wallets and settings.

I also hope that something like this will be implemented, but for now it is unfortunately not the immediately prioritised project.


#9

Hi CosmosX, no I don’t agree with your arguments. They have nothing to do with it. You talk about illusion of protection…Cardano probably has a good reason to etc. Nonsens. Fine that the real protection is beforehand the password feature… Good but…

Look, not everybody has a computer for his/herself as I mentioned before. And if someone else uses that computer, another person can click on daedulus and immediately see your funds. And everyone who holds Cardano knows that the daedulus wallet has no password, and so they can just click daedalus if they see it on another computer, just because they are curious for example. Also if your computer is stolen, the people stealing can open daedalus and see ho much funds there are. Suppose it is a lot. It will give reasons for them to make free time to inspect/hack the computer further because now they know the computer they have stolen from, has a lot of funds.

Also I see a lot of other people asking the same question. It is the only wallet until now that I have seen without password protected login, and it is wrong. Not a good idea. I am really disappointed.


#10

It is not the only one, Jaxx and Zen Swing are just two that I happen to know, there might be others.


#11

Hi @vantuz-subhuman,
Ok, yes I understand the development phase, so lets give Cardano much more time to develop.
But as a user, I thought it is important to give my opinion, because a lot of people don’t like it. and if nobody speaks up, they will not change it. I think the Forum is meant to mention those bugs/improvements/ideas. I will see and wait what happens in the future. I hope they will come with password protection, as other wallets also do…


#12

OK fine, I don’t like it. I have good reasons/arguments for it.


#13

I didn’t mean to imply disagreement on the main issue, I just thought it was worth noting that there are others.


#14

@grytchen. Thanks for your reply. Of course it would be better to add one, and you’re absolutely right in saying that if other people are using the same computer, it should at least be password protected. There is no denying that, and IOHK is probably working on it as pointed out by Rob and Vantuz.
I am not sure whether your raised it a general concern or if you are personally annoyed because someone you don’t trust uses the computer on which you have Daedalus installed?

In the meantime I see 3 temporary options to solve it:

  • Make sure that you have your list of secret words stored somewhere safe with a back-up of it, then delete/uninstall Daedalus from your computer, keeping in mind that your coins are not stored in your Daedalus but on the blockchain. This list IS your coins. That’s the safest option. You can then recover your Daedalus using this recovery seed at any time.
  • Encrypt Daedalus with a software such as Veracrypt. More complicated
  • Use a password protected Virtual Machine and Install Daedalus on it (bonus: it adds a layer of security from the host machine). Even more complicated but feasible with instructions

#15

It is very good that you have chose to speak about it on this forum, and no one have implied any blame on you for it :slight_smile:

Yes, that is exactly what forum is for, and we’re just continuing the discussion, so all the views and possibilities will be open for people who read these topics afterwards.

I have created this GutHub issue, that describes the problem and possible solution, as I see it, and also links back to this discussion, so it may be continued to be questioned here.

I am also hoping that they will get to this feature sooner or later. But as it is - Cardano is in early development for now. No software for now is in no form considered to be a “final product”. Cardano is at its least a 2020 project, and for sure will be continually improved afterwards also. So for now we just have to accept the roadmap and the fact that some features may be not as prioritised as we would want :man_shrugging:


#16

I just got an encrypted external hard drive and installed Daedalus on there. If I want to open Daedalus, I just enter the password for the drive and then access the wallet. It’s a temporary fix, but it gives you the features you want right now.


#17

Wow, @Not_Anonymous, that’s actually cool stuff! Could you please provide us with some details, like: what drive’s model you are using, how expensive it is approximately, what OS did you use to install it in there, and were there any complications in the process, or was is smooth all the way? :slight_smile:

I am personally and the community would really appreciate the info! Thanks!


#18

Here is what I used. Fairly simple to copy it over, but if you don’t use it to get onto the system for a while, then it takes some time to sync. It is the only thing I have on there as I am kind of paranoid about security with crypto.


#19

So the DB and Wallet folders remain on the main drive?


#20

I believe so, but I need to double check. I only open it from there and it doesn’t appear anywhere else that I know of, but I need to scrub the files. I need to try eject the hard drive from my PC and plug it into my laptop when I get back home and I’ll let you know how it works out. I haven’t downloaded Daedalus to it yet, so it will be a little bit of a test run.