Jump to content
Xrphunter

Toast Wallet on USB thumb drive

Recommended Posts

33 minutes ago, Marc_Royale said:

Now If only they would add 2FA and remove that insecure PIN system.
Right now, anyone recording your inputs could steal your funds.

Anyone who knows/finds your ledger passphrase can use your funds.

If you need to satiate your paranoia a paper wallet works great.

Share this post


Link to post
Share on other sites
46 minutes ago, ADingoAteMyXRP said:

Anyone who knows/finds your ledger passphrase can use your funds.

If you need to satiate your paranoia a paper wallet works great.

Not true, they'd have to take me out, break into my safe, find where my passphrase is and then use my funds.
That's a lot of work for a very little payout.

Also, It's not really paranoia when any 12 years old with hacking tools could eavesdrop on you.
With this logic you might as well just leave your crypto in an exchange.

Share this post


Link to post
Share on other sites
41 minutes ago, Marc_Royale said:

Not true, they'd have to take me out, break into my safe, find where my passphrase is and then use my funds.
That's a lot of work for a very little payout.

Also, It's not really paranoia when any 12 years old with hacking tools could eavesdrop on you.
With this logic you might as well just leave your crypto in an exchange.

So by “not true” you mean “true.” If someone had your passphrase they could buy a fresh ledger and use your funds.

But they won’t, just like they won’t try to find mine.

Hackers are massively incentivized to go after exchanges rather than individual crypto owners. That’s why exchanges get hacked all the time. Keystroke recorders on personal machines are a rarity.

Share this post


Link to post
Share on other sites
7 hours ago, TheXRPer said:

You're XRP isn't stored on anything other than the XRPL. 

Exactly. No matter how any crypto is stored the difference between you being in control of your crypto and not, is knowing your private/secret key

Share this post


Link to post
Share on other sites
On 10/28/2018 at 6:50 AM, Marc_Royale said:

Now If only they would add 2FA and remove that insecure PIN system.
Right now, anyone recording your inputs could steal your funds.

+1

Share this post


Link to post
Share on other sites
On 10/28/2018 at 6:50 PM, Marc_Royale said:

Now If only they would add 2FA and remove that insecure PIN system.
Right now, anyone recording your inputs could steal your funds.

 

2FA doesn't work that way. There no remote server to authenticate you using two factors of authentication. Your phone/device stores your encrypted wallet. You decrypt it using your passphrase in order to send XRP. An attacker logging your keystrokes would also need a copy of your wallet backup or wallet data to break into your wallet.

The closest we could get to 2FA is adding multi-sign. This would add significant complexity, requiring two copies of Toast on different devices with different wallet data in each.

We have already added offline transactions in February. Simply turn off Internet on your device and send a payment from Toast. You complete the payment via an airgapped QR code with an online version of Toast (without a wallet installed.)

Almost no one uses this offline functionality, so we're not convinced any greater number of people would use a multi-sig function if we added it.

Share this post


Link to post
Share on other sites

×