Cryptocurrency users and business figures alike are reacting with suspicion to a bizarre new security feature unveiled by US exchange Coinbase this week.
Back Up Your Funds With ‘Just A Password’
In a blog post February 12, Coinbase announced traders and wallet holders could now store a back-up of their private keys using iCloud or on Google Drive.
“You will only have to remember a password, that you decide, in order to recover your funds,” the company explained.
If you lose your device or get signed out of the app, you can easily regain access to your funds with the combination of your personal cloud account (iCloud or Google Drive) and your password.
The aim of the feature is ostensibly to provide users with peace of mind, in the event of device loss or theft, reducing the chances of wallet or exchange account compromise.
“The private keys generated and stored on your mobile device are the only way to access your funds on the blockchain,” Coinbase continued.
Owners of ‘user-controlled wallets’ like Coinbase Wallet sometimes lose their devices or fail to backup their 12 word recovery phrase in a safe place, thus losing their funds forever.
No Faith In User Risk Management
The move immediately sparked curiosity. Conventional wisdom in cryptocurrency circles has always warned against storing sensitive information on the cloud – weak passwords and data management have sparked a plethora of hacking attempts, some of which succeeded.
Jesse Powell, CEO of fellow US exchange Kraken, singled out the poor track record of cloud storage as a telltale sign the Coinbase option could ultimately do more harm than good for users.
“I am not a fan of training users on bad security. Cloud storage, while convenient, is constantly compromised, especially with all the SIM porting,” he wrote on Twitter, referring to hackers gaining entry to exchange accounts by fooling mobile providers into switching a victim’s phone number to their own device.
99% chance the people who would unwittingly use this do not have passwords strong enough to withstand professional cracking.
I don't understand, how do you misunderstand your target audience so bad?
— The Crypto Dog? (@TheCryptoDog) February 12, 2019
Coinbase users appeared similarly unconvinced, the company receiving a raft of criticism on social media.
What do you think about Coinbase’s cloud storage option for private keys? Let us know in the comments below!
Images courtesy of Shutterstock
