Greg
@greg
What are the security differences between storing a seed phrase in the following ways:

- Locked note in iCloud
- Password-protected in Keychain like how Rainbow does it
- largeBlob with a passkey in iOS17+

I think I understand the UX implications of each, but curious about the technical side
10 replies
5 recasts
19 reactions

Dan Romero
@dwr.eth
cc @cassie

1/ Keychain is a more secure part of the operating system on iOS and macOS vs. Notes is an app, likely more basic password security (likely not encrypted)

Password-protected backup is likely decent encryption, but if you forget the password you're screwed.
2 replies
1 recast
3 reactions

Greg
@greg
Interesting, looks like Notes passwords are encrypted but maybe not via Keychain 🤔

Then there's a different "Secure Notes" feature in the Keychain Access app, I wonder if it's using the same underlying tech

https://support.apple.com/guide/keychain-access/store-confidential-information-securely-kyca2268/mac
1 reply
0 recast
0 reaction

Dan Romero
@dwr.eth
@cassie wdyt? TIL on Notes being e2ee separately from your iCloud data
1 reply
0 recast
0 reaction

dinislam
@dinislam.eth
it's potentially even more complicated

what's the difference in encryption between password-locked notes and normal notes with ADP enabled? unclear

https://support.apple.com/en-us/HT202303
1 reply
0 recast
0 reaction

Cassie Heart
@cassie
Notes with ADP ensures Apple cannot at any point access them. Password-locked notes are encrypted via key derivation of the pw, and Apple similarly cannot access them either. W/ ADP enabled, I believe the pw-locked notes remain encrypted w/ the same KD process, but additionally are encrypted w/ ADP when synchronized.
0 reply
0 recast
1 reaction
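
Added example, not part of the thread and not Apple's implementation: a generic Node.js sketch of the two layers discussed above, an inner key derived from the note password and an outer key applied when the note is synchronized. PBKDF2-SHA256, AES-256-GCM, the iteration count and every function name here are assumptions chosen for illustration.

```javascript
const crypto = require('crypto');

// Assumed work factor for illustration; the thread does not state Apple's KDF settings.
const KDF_ITERATIONS = 600000;

// Encrypt with AES-256-GCM under a 32-byte key; output is iv || tag || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]);
}

// Decrypt and authenticate; throws if the key is wrong or the blob was modified.
function open(key, blob) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
}

// Inner layer: the key exists only as a function of the password and a per-note salt.
function lockNote(password, seedPhrase) {
  const salt = crypto.randomBytes(16);
  const key = crypto.pbkdf2Sync(password, salt, KDF_ITERATIONS, 32, 'sha256');
  return { salt, blob: seal(key, Buffer.from(seedPhrase, 'utf8')) };
}

function unlockNote(password, note) {
  const key = crypto.pbkdf2Sync(password, note.salt, KDF_ITERATIONS, 32, 'sha256');
  return open(key, note.blob).toString('utf8');
}

// Outer layer: a random key held on the user's devices wraps the already-locked note.
function syncUpload(deviceKey, note) {
  return { salt: note.salt, blob: seal(deviceKey, note.blob) };
}

function syncDownload(deviceKey, stored) {
  return { salt: stored.salt, blob: open(deviceKey, stored.blob) };
}

// True if the password opens the note, false if GCM authentication fails.
function canUnlock(password, note) {
  try { unlockNote(password, note); return true; } catch (e) { return false; }
}
```

Nothing in the stored record can recover the inner key without the password, which is the "forget the password" failure mode mentioned earlier; the outer layer only changes who can read the still-locked blob in transit and at rest.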