Doubt on passwords

#1

Every new browser I access blockstack, I enter the same process:

  1. provide secret magic key;
  2. create password.

Is that the way blockstack works? I have to create a different password for each device I access?

1 Like
#2

You don’t have to create a new password – the password itself is only used locally, so technically you could use the same or a new password: it’s up to you.

IIRC it’s only used to encrypt your master private key, and that’s it.

#3

If you are entering the “Magic Recovery Code” to authenticate in new browsers, then the password you enter must correspond with the password you originally set when registering for your Blockstack ID. Otherwise, you’ll get an error saying that either the code or password entered are incorrect.

If you enter the “Secret Recovery Key”, however, then you can set whatever password you’d like, as @MichaelFedora indicates. The password you set in that context doesn’t get entered anytime later on. For example, if you were to later sign in with your “Magic Recovery Rode” per above, you’d still use the original password from registration – not the one you later set when using the “Secret Recovery Key”,.

This is all a bit confusing so we’re looking to clarify the user experience. This issue contains some of the relevant discussion: https://github.com/blockstack/blockstack-browser/issues/1749