Skip to main content

πŸ” Passwords & Seeds

Learn how to create secure passwords, manage your recovery phrase, and understand the security implications of your vault credentials.

Password Security​

Vault Password Requirements​

Your vault password is the primary security layer protecting all your wallets and sensitive data.

Password Requirements​

  • Minimum Length: 8 characters
  • Recommended Length: 12+ characters
  • Character Mix: Letters, numbers, and symbols
  • Uniqueness: Never reuse passwords from other services
  • Complexity: Avoid common words or patterns

Password Strength Levels​

Password Strength:
β”œβ”€β”€ Weak (0-40): Common words, short length
β”œβ”€β”€ Fair (41-60): Some complexity, medium length
β”œβ”€β”€ Good (61-80): Good complexity, adequate length
β”œβ”€β”€ Strong (81-95): High complexity, long length
└── Very Strong (96-100): Maximum security

Creating a Strong Password​

Best Practices​

  • Use a Passphrase: Combine multiple words with numbers/symbols
  • Avoid Personal Info: Don't use personal information
  • Make it Memorable: Choose something you can remember
  • Test Strength: Use SuperSafe's strength indicator

Examples​

βœ… Good Passwords:
- "MyWallet2024!Secure"
- "Crypto$afe#Password123"
- "SuperSafe@Wallet2024"

❌ Avoid:
- "password123"
- "12345678"
- "MyName2024"
- "SuperSafe"

Password Management​

Storage Recommendations​

  • Never Write Down: Don't write passwords on paper
  • Password Manager: Consider using a password manager
  • Memory Only: Keep in your memory if possible
  • No Sharing: Never share your vault password

Recovery Considerations​

  • No Password Recovery: SuperSafe cannot recover forgotten passwords
  • Recovery Phrase: Use recovery phrase to recreate vault
  • Backup Strategy: Have multiple backup methods
  • Test Recovery: Practice recovery process

Recovery Phrase Security​

Understanding Recovery Phrases​

Your recovery phrase is a 12-word seed phrase that can recreate your entire vault and all wallets.

Recovery Phrase Details​

  • Format: 12 words separated by spaces
  • Standard: BIP39 mnemonic standard
  • Language: English wordlist
  • Entropy: 128 bits of entropy
  • Security: Cryptographically secure

Example Recovery Phrase​

Example Recovery Phrase:
abandon abandon abandon abandon abandon abandon 
abandon abandon abandon abandon abandon about

Recovery Phrase Storage​

  • Write on Paper: Use pen and paper
  • Multiple Copies: Create multiple copies
  • Secure Locations: Store in secure, separate locations
  • Fire/Water Proof: Use fire/water resistant storage

Storage Locations​

Recommended Storage:
β”œβ”€β”€ Home Safe: Primary secure location
β”œβ”€β”€ Bank Safe Deposit: Secondary location
β”œβ”€β”€ Trusted Family: Emergency backup
└── Secure Office: Additional backup

What NOT to Do​

❌ Never Do:
β”œβ”€β”€ Store Digitally: No digital storage
β”œβ”€β”€ Take Photos: No photos or screenshots
β”œβ”€β”€ Cloud Storage: No cloud services
β”œβ”€β”€ Email/Text: No electronic transmission
β”œβ”€β”€ Social Media: No social media posts
└── Shared Devices: No shared computers

Recovery Phrase Verification​

Verification Process​

  1. Write Down Phrase: Write all 12 words
  2. Check Spelling: Verify each word spelling
  3. Check Order: Verify word order
  4. Test Recovery: Test recovery process
  5. Store Securely: Store in secure locations

Common Mistakes​

  • Wrong Order: Words in incorrect order
  • Misspelling: Incorrect spelling of words
  • Missing Words: Forgetting some words
  • Extra Words: Adding extra words

Vault Security Model​

Unified Vault System​

SuperSafe uses a Unified Vault System where all wallets share the same encrypted vault.

Vault Architecture​

Vault Structure:
β”œβ”€β”€ Single Password: One password for all wallets
β”œβ”€β”€ Multiple Wallets: Multiple wallets in one vault
β”œβ”€β”€ Shared Encryption: All data encrypted together
β”œβ”€β”€ Centralized Security: Centralized security management
└── Local Storage: All data stored locally

Security Benefits​

  • Single Point of Security: One password to remember
  • Consistent Security: Same security level for all wallets
  • Centralized Management: Easy to manage all wallets
  • Backup Simplicity: One recovery phrase for all wallets

Vault Operations​

Create Vault​

  1. Set Password: Create strong vault password
  2. Generate Phrase: Generate 12-word recovery phrase
  3. Verify Phrase: Verify recovery phrase
  4. Encrypt Vault: Encrypt vault with password
  5. Store Locally: Store encrypted vault locally

Unlock Vault​

  1. Enter Password: Enter vault password
  2. Derive Key: Derive encryption key from password
  3. Decrypt Vault: Decrypt vault data
  4. Load Wallets: Load all wallets into memory
  5. Start Session: Begin active session

Lock Vault​

  1. Clear Memory: Clear sensitive data from memory
  2. Re-encrypt Vault: Re-encrypt vault with key
  3. Store Vault: Store encrypted vault
  4. End Session: End active session
  5. Clear UI: Clear UI state

Auto-Lock System​

Default Settings​

Auto-Lock Configuration​

  • Timeout: 15 minutes of inactivity
  • Configurable: User can adjust timeout
  • Immediate Lock: Lock on browser close
  • Session Persistence: UI state preserved

Lock Triggers​

  • Inactivity: After specified timeout
  • Browser Close: When browser is closed
  • Manual Lock: User-initiated lock
  • Security Event: Security-related events

Auto-Lock Benefits​

Security Benefits​

  • Memory Protection: Clears sensitive data from memory
  • Session Security: Prevents unauthorized access
  • Automatic Protection: No manual intervention needed
  • Consistent Security: Same security level always

User Experience​

  • Seamless: Automatic and transparent
  • Configurable: Adjustable to user needs
  • State Preservation: UI state preserved
  • Quick Unlock: Fast unlock process

Session Security​

Memory-Only Storage​

During active sessions, sensitive data is stored only in memory:

Memory Security​

  • No Disk Storage: No sensitive data written to disk
  • Memory Encryption: Sensitive data encrypted in memory
  • Automatic Clearing: Data cleared on lock
  • Process Isolation: Isolated from other processes

Session Data​

Session Data in Memory:
β”œβ”€β”€ Private Keys: Decrypted private keys
β”œβ”€β”€ Wallet Data: Wallet information
β”œβ”€β”€ Connection Data: dApp connections
β”œβ”€β”€ Transaction Data: Pending transactions
└── UI State: Interface state

Session Persistence​

UI State Persistence​

  • Interface State: UI state preserved across locks
  • Navigation State: Navigation state preserved
  • Form Data: Form data preserved
  • User Preferences: User preferences preserved

Security Data Clearing​

  • Private Keys: Private keys cleared from memory
  • Sensitive Data: All sensitive data cleared
  • Session Tokens: Session tokens cleared
  • Temporary Data: Temporary data cleared

Security Best Practices​

Password Best Practices​

Create Strong Passwords​

  • Use Passphrases: Combine words with symbols
  • Make it Unique: Never reuse passwords
  • Test Strength: Use strength indicators
  • Regular Updates: Change periodically

Store Passwords Securely​

  • Memory Only: Keep in memory if possible
  • Password Manager: Use password manager
  • No Digital Storage: Avoid digital storage
  • No Sharing: Never share passwords

Recovery Phrase Best Practices​

Store Securely​

  • Physical Storage: Write on paper
  • Multiple Copies: Create multiple copies
  • Secure Locations: Store in secure places
  • Test Recovery: Practice recovery process

Protect from Threats​

  • No Digital Storage: Never store digitally
  • No Photos: Don't take photos
  • No Sharing: Never share with anyone
  • Regular Verification: Verify periodically

Vault Security Best Practices​

Regular Maintenance​

  • Regular Backups: Backup vault regularly
  • Test Recovery: Test recovery process
  • Update Security: Keep security updated
  • Monitor Activity: Monitor vault activity

Security Awareness​

  • Phishing Awareness: Be aware of phishing
  • Scam Awareness: Watch for scams
  • Trust Verification: Verify trust levels
  • Risk Assessment: Assess all risks

Troubleshooting​

Common Issues​

Password Issues​

  • Forgotten Password: Use recovery phrase
  • Weak Password: Create stronger password
  • Password Mismatch: Check password entry
  • Character Issues: Check character encoding

Recovery Phrase Issues​

  • Forgotten Phrase: Cannot recover without phrase
  • Wrong Order: Ensure correct word order
  • Misspelling: Check word spelling
  • Missing Words: Ensure all 12 words present

Vault Issues​

  • Vault Corruption: Use recovery phrase
  • Encryption Issues: Check password
  • Storage Issues: Check storage space
  • Access Issues: Check permissions

Recovery Options​

If You Forget Password​

  1. Use Recovery Phrase: Use 12-word phrase
  2. Create New Vault: Create new vault
  3. Import Wallets: Import wallets from phrase
  4. Restore Data: Restore wallet data

If You Lose Recovery Phrase​

  1. No Recovery: Cannot recover without phrase
  2. Create New Vault: Create new vault
  3. Start Over: Start with new wallets
  4. Learn Lesson: Improve backup strategy

Security Reminders​

Regular Security Checks​

  • Password Strength: Check password strength
  • Recovery Phrase: Verify recovery phrase
  • Backup Status: Check backup status
  • Security Settings: Review security settings

Emergency Procedures​

  • Lost Password: Use recovery phrase
  • Lost Phrase: Cannot recover
  • Compromised Vault: Create new vault
  • Security Breach: Report immediately

Next Steps​

Now that you understand password and seed security:

  1. Key Encryption - Learn about encryption details
  2. Safe dApp Interaction - Learn dApp security
  3. Security Configurations - Configure security settings
  4. Vulnerability Reporting - Report security issues

Ready to learn about encryption? Continue to Key Encryption!