Since Yoroi wallet just launched I thought I would address some security that a user should employ.
First, always look to the official wallet documentation, Yoroi Wallet Security FAQ:
" Is Yoroi Safe?
Yes, Yoroi is safe. The private key associated with a user‘s wallet is stored only on the user’s computer and they are encrypted with the wallet password that only the user should know. They are not stored on centrally hosted servers. If an attacker gains access to a user’s computer and Yoroi wallet, no funds can be moved without the wallet password."
- Your computer should be secure, when you leave it lock your screen.
-
Yoroi encrypts your keys BUT that encryption is dependent on the password you set on your wallet!
2.a. Use only strong passwords and use that password only on this wallet. Should you ever get locked out of your wallet, forgot or lost your sending password, merely restore Yoroi with the 15-words that created your wallet in the first place, simple as that.
For me, I only use a physical device, hardware layer of protection, that securely generates and stores all my keys. I use Nitrokey as they open source their code, no backdoors. I just ordered Librem Key from Purism, which was built by Nitrokey, making it also open source; therefore a very secure key.
As an aside, I know many are waiting for some hardware key maker to add Cardano, but why wait for them when you can do it now yourself?
Below is Yoroi asking for confirmation to send out:
See that “SPENDING PASSWORD” input, a hardware key can populate that field for you; making your Yoroi wallet ultra safe as no one can access the sending key because it’s on your hardware key, not on your computer or saved to some online web service.
The Yoroi wallet is a great wallet, just like the Daedalus wallet, but how safe these wallets are once in your possession is dependent on you. Cardano has done its part, now do yours, use only strong passwords, consider getting a hardware key, so you do not have to remember or generate those long passwords ever again.
Happy October everyone.