PIN/Password web wallets

[hugeblack]

I noticed that some wallets like Exodus doesn’t require Internet to decrypt the password and others like Blockchain.info/greenaddress require Internet.
also from FAQ of greenaddress :
When you create a PIN, a random 256 bit AES password is created and used to encrypt your mnemonics and store them on your device in encrypted form. This password is sent to the server and destroyed on the client.
If the server is given the correct PIN when logging in, it will return the password to the device in order to decrypt the mnemonics.[1]

Does this mean that the server can get my password?
How can a wallet decrypt password without knowing the password?
I would be happy if someone explained how PIN/password encryption & decryption works because my information is very scarce.

Source:
#1 https://greenaddress.it/en/faq.html

[1713951158]

1713951158

[1713951158]

1713951158

[1713951158]

1713951158

[1713951158]

1713951158

[1713951158]

1713951158

[HCP]

GreenAddress and Blockchain.info are web-based, online wallets... hence why you must have an internet connection to be able to use them.

As for your query regarding GreenAddress security... You essentially have two ways of logging into your account:

1. By using your "mnemonic" to login.
2. By setting up a PIN and using the PIN to login.

With Option 1 (from the FAQ):
- Your private keys are not stored. They are derived on demand from your mnemonics as a seed to a BIP32 hierarchical wallet.
- Your mnemonics and private keys are never sent to the server. The server receives the public key and chaincode for generated addresses only.

Essentially, you input the mnemonic on your browser, but all the conversion to seed and master public key and chaincode etc are done locally, the server never sees your mnemonic.

With Option 2 (from the FAQ):
- Your mnemonics are encrypted and stored locally only when PIN login is enabled (See below).
- When you create a PIN, a random 256 bit AES password is created and used to encrypt your mnemonics and store them on your device in encrypted form. This password is sent to the server and destroyed on the client.

Again, the server has NO knowledge of your mnemonic. All it has is a "random 256 bit AES password" that is the key to decrypt the encrypted mnemonic stored on your device.

Does this mean that the server can get my password?

It holds the "random 256bit AES password", but does NOT have your encrypted mnemonic.

How can a wallet decrypt password without knowing the password?

It can't, you have to supply PIN to server, server gives your local device the password so it can decrypt the mnemonic... if you don't have PIN, you can't get password and can only access the wallet by logging in using mnemonic.


I would be happy if someone explained how PIN/password encryption & decryption works because my information is very scarce.
[/quote]
You setup the PIN, it creates the "random 256bit AES password", then encrypts your mnemonic on your device... the PIN and password are then sent to the sever... and destroyed on your device. So all you have is the encrypted mnemonic.

When you want to access the wallet, you send correct PIN to GreenAddress Server, if correct, Server sends the "random 256bit AES password" back to your computer to decrypt your encrypted mnemonic... mnemonic is then used to convert to seed and generate master public key and chaincode which GreenAddress uses to determine addresses but DOES NOT give access to private keys to the server!.

[hugeblack]

You setup the PIN, it creates the "random 256bit AES password", then encrypts your mnemonic on your device... the PIN and password are then sent to the sever...

This means that the server can access/see my password/PIN, correct?Can they use it to decrypt my encrypted mnemonic?
can Hack Tools decrypt my encrypted mnemonic without know PIN/Password? something like https://www.reddit.com/r/Bitcoin/comments/86p8ic/will_a_software_patch_that_gets_flagged_as/
How did blockchain.info wallet give me access to my master seed without saving my password?

[mobnepal]

This means that the server can access/see my password/PIN, correct?Can they use it to decrypt my encrypted mnemonic?
can Hack Tools decrypt my encrypted mnemonic without know PIN/Password? something like https://www.reddit.com/r/Bitcoin/comments/86p8ic/will_a_software_patch_that_gets_flagged_as/
How did blockchain.info wallet give me access to my master seed without saving my password?

Server can't access your password if it is cryptographicaly hashed (https://www.wired.com/2016/06/hacker-lexicon-password-hashing/), most of the sites which care about their users security will only store hashed form of password so that in the event of hack, hackers can't get users password which user might be using in other sites too.

In the case of blockchain.info, they store our encrypted wallet file in their server and our hashed password in their database. When we will enter our correct identifier (identifies our encrypted wallet file in their server) and password, again our pass will be hashed and compared with our record on database if it matches than server will decrypt our wallet file with our password in client side. Their nodes will be used to make transactions....
You can read yourself here https://blockchain.info/wallet/how-it-works


About greenaddress, I don't have much idea as I am only using blockchain.info as web wallet.

[warningsigns]

I'm not a fan of the idea of putting PINs or mnemonics on any online platform to access my account. It just seems so vulnerable to third party attacks, even if the wallet's hosting site claims to use world-class encryption systems and other state of the art tokenization or data cloaking tools to thwart exposure of the information being transmitted to the server.

Banks do use this system. When I access my online banking app, it asks for my user name and a password plus a PIN for sensitive payment operations. They claim it is secure because the information is "tokenized" while it is transmitted to the bank's servers. Banks being indispensable to most of us, refusing to use their app might mean inconvenient trips to their branch and ATMs so I have to live with the app thing. Plus they have mandatory deposit guarantees and behind the scenes 24/7 security staff monitoring transactions which is not something you can expect when using online crypto wallets.

I do like Green's multisig security feature, especially the way it stops thieves from raiding your wallet by knowing just your PIN or password:

Your main GreenAddress account is a 2of2 account. This means that two signatures are required to validate any transaction: one from you, and one from us. We sign your transaction only if it complies with the limits you have enabled, and only when you provide two-factor authentication. This means that a potential coin thief has to first access your wallet and then also hack into your two-factor authentication in order to try to steal your coins.

A 2of3 account requires two out of three signatures, where the third signature is from a backup key known only to you. This gives you the security benefits of a 2of2 account, while still allowing you to move your coins in the event that the GreenAddress service is unavailable.

[HCP]

You setup the PIN, it creates the "random 256bit AES password", then encrypts your mnemonic on your device... the PIN and password are then sent to the sever...

This means that the server can access/see my password/PIN, correct?

They're generating the "random 256bit AES password" and storing it on their servers, so theoretically, yes... they can "see" your password. I'm unsure if the PIN is stored directly, or if they hash it in some way and just compare a hash of the PIN entered with the stored hash before sending the password back to you.

Can they use it to decrypt my encrypted mnemonic?

Only if they have a copy of your encrypted mnemonic... which they (claim they) don't. The encryption and storage is supposed to be fully contained to your local device. None of this information is supposed to be passed back to the server... I'm sure an audit of the source code (and/or monitoring of traffic) can confirm this.

can Hack Tools decrypt my encrypted mnemonic without know PIN/Password? something like https://www.reddit.com/r/Bitcoin/comments/86p8ic/will_a_software_patch_that_gets_flagged_as/

Given that the mnemonics are encrypted with a 256bit AES key, I very much doubt that hack tools will be able to directly crack it... If they could, the internet would pretty much be broken

The most likely scenario for malware would be to keylog your PIN, and send a copy of the encrypted mnemonic to a hacker.... or maybe intercept the password returned from the server and send a copy of the encrypted mnemonic.

How did blockchain.info wallet give me access to my master seed without saving my password?

B.info? This discussion and description of the PIN/Password system is specific to GreenAddress... B.info works on a totally different system.

According to their FAQs:

Unfortunately, we're unable to help you re-gain access to your wallet if you've lost or forgotten your password. This is because we don't have access to your wallet or your wallet password.

I believe they store an "encrypted" backup copy of your wallet on their server... when you login, it sends the wallet payload back to your browser and it is decrypted using the password etc. locally on your device...

Then, when you request to view the master seed, while it looks like the server is showing you the master seed, that is all happening client side... ie. it is simply code in your browser showing you the decrypted wallet seed information from the wallet data in your browser.

B.info have NO idea what your password and/or seed actually are... refer here: https://blockchain.info/wallet/how-it-works