The wallet password backup is the encrypted version of the password generated by an encryption algorithm. It can be used to reset the wallet password when the user forgets it. It is similar to a private key in terms of format , which is a long, irregular string of characters. CoinTR does not save the user's seed phrase or password. The " wallet password backup" is an important way to retrieve a wallet account when the password is forgotten. Please make sure to create a backup when setting up the wallet.
The wallet password you set is used to encrypt the wallet's private key, which is done on the client-side. The server can only obtain the encrypted private key, while the client only saves the secret key, and the user backs up the password. Therefore, to decrypt the private key, both the secret key and the encrypted private key need to be provided, along with the user's password. This means that no one else can read it except for you.
Even if malicious software intercepts the password backup, it would still require the client-side SecretKey to decrypt the wallet password, and it would also need to hack into your CoinTR account to access and steal your wallet assets. Therefore, backing up the wallet password is significantly more secure than directly saving plaintext seed phrases or private keys.
End-to-end encryption: all encryption and decryption operations during the wallet creation process are done on the client-side, and the content transmission is encrypted end-to-end. This ensures that others can not obtain any of your account data during the transmission.
AES encryption: your wallet password is encrypted using AES encryption algorithm. Even if the backup is leaked, it can't decrypt your wallet password plaintext. This effectively avoids the problem of account asset loss due to seed phrases/private keys being stolen.
Secure random numbers: encryption keys and random numbers are generated using encryption-secure pseudo-random number generators.
ECDH key exchange: ECC algorithm is used in combination with DH to negotiate a key, and exchange parties can negotiate a key without sharing any secrets, and obtain a symmetric Sharekey to serve the AES encryption and decryption service.