I’m looking for a bit of clarity on the correct way to backup a wallet. Is it enough to have only the encrypted cloud backup or is it also recommended to store it physically? Does having more than one increase risk of exposure?
Also, if using a cloud backup I noticed that there’s no visible file on the host website. However the Tokenized app does seem to recognize that one exist, or maybe that’s just an indication that the action was once performed. 1) Which of these is true? And 2) If the device is lost, what is the process for recovery with the cloud backup?
Thanks for reaching out and happy new year!
We recommend keeping a copy of the recovery phrase in safe place, but I personally use the cloud storage options (both GDrive and iCloud Keychain) for redundancy and conveinence. For the most security sensitive accounts/people, the cloud backups might not be the ideal option, as it does slightly increase the risk of exposure as Google and Apple are involved in that process and manage the infrastructure. We think they are very reliable companies, but we obviously don’t control what they do in the future.
For GDrive, we use a technique that hides the file from the UI, but it is there. With iCloud we use Keychain. If the device is lost and you have a cloud backup, then you will just need to log in to your GDrive or iCloud account (prompted in the Tokenized mobile app) to restore you account. Alternatively, you can use the recovery phrase if you don’t have a cloud backup.
The cloud backup is just a decryption key for your encrypted wallet(s) that we store on our servers for you. However, you will need your Tokenized password and username in order to be able to get your hands on the encrypted wallet, The recovery phrase can be used to generate your root keys and recover your wallet independent of our platform.
Does that make sense? Happy to answer any additional questions.