I decided to start using MM as an alternative way to manage crypto assets. I’ve read concerns around sharing the recovery passphrase with MM during the account import, in the event MM were to be breached. That said, I think it would same would apply to CDC – What if CDC was breached and somehow the recovery passphrases were stolen? What’s the communities thoughts on this and do we have any white papers, KBs, etc. on the topic? Thanks!
Hi,
MetaMask does not have access to your Secret Recovery Phrase. See this article for details: https://metamask.zendesk.com/hc/en-us/articles/360060826432-What-is-a-Secret-Recovery-Phrase-and-how-to-keep-your-crypto-wallet-secure
Anytime a wallet is compromised or a Secret Recovery Phrase is stolen, it’s because there is some place that the user accidentally/unknowingly shared their SRP (secret recovery phrase), given access to their wallet, signed a malicious contract, given permissions unknowingly, their computer/mobile has been compromised in some way, etc.
Understanding security measures you can take is going to be your best bet. Many suggest getting a hardware wallet (like Trezor, Ledger, etc) so that you have an extra layer of keys. IMO this is a great move if you have any amount of funds/NFTs you want protection against.
I’m going to share some other articles which are from the KB that are helpful, and they always link to other helpful articles. The security rabbit hole is a deep one!
Remember never to share your Secret Recovery Phrase. If a person or site ever asks you for your SRP, close the window. MetaMask will never have a pop-up that asks you to enter your secret recovery phrase a 2nd time if you’re already logged into your wallet.
1 Like
This topic was automatically closed after 30 days. New replies are no longer allowed.