[Enhance User Experience] Automatically fill all blank when paste the complete recovery phrase.

[yangby-cryptape]

Description

Recently, I have tried many wallets.

I found that most of them have a good feature: when a user pastes a complete secret recovery phrase into the wallet, all corresponding blank will be filled automatically.

But in Neuron, I have to paste each word into the corresponding blank one by one.

Comparison

Click HERE to the the comparison.

• MetaMask

  

• Neuron

  

Another Issue

Neuron doesn't hide the secret recovery phrase after input.

[yanguoyu]

For better safety, we remove the copy-and-paste phrase seeds. If you copy your phrase seeds once, other unsafety apps may read your clipboard. So it's better to enter phrase seed words one by one.

[yangby-cryptape]

For better safety ...

Although you blame the problem on security, but Neuron doesn't hide words after them been input.

If you copy your phrase seeds once, other unsafety apps may read your clipboard. So it's better to enter phrase seed words one by one.

• If Neuron wants to avoid password leak via the clipboard, Neuron should disable copy rather than disable paste.

• Neuron doesn't allow copy-and-past, but how does Neuron avoid users to try that?

  So, it's very likely that the password is already in clipboard.

  So, disable copy-and-pas is just meaningless.

[yangby-cryptape]

If Neuron really wants to disable password leak via clipboard, don't use input fields.

A better solution is:

• Display a picture with 26 English alphabets.
• Let user click English alphabets to input words.
• Base on the BIP-0039: no word could be the prefix of another word, whitespace is not required.
  Neuron can match the user inputs to find the word, there should be only one matched.
  But, provide a button to input whitespace is also reasonable.
• The picture should be generated each time, and the 26 English alphabets should be in the different coordinates of the picture every time: for security.

👉 If users don't see any input field, they won't try to copy-and-paste.

p.s. Since Neuron so cares about security 👍, I guess I could expect this feature finished in the next 2 or 3 releases 😉; so excited, I can't wait for that.

[Keith-CY]

If Neuron wants to avoid password leak via the clipboard, Neuron should disable copy rather than disable paste.

Agreed, please have a consideration @Danie0918

The suggestion at #3115 (comment) is a bit further.

I would suggest optimization as follows

1. Disable the copy function of the mnemonics;
2. Fill words into each field when the wallet is imported by pasting mnemonics;
3. Display options along with characters being inputted, e.g. https://developer.mozilla.org/en-US/docs/Web/HTML/Element/datalist
4. Leave some fields empty(not all fields empty) when a user inputs the mnemonics a second time for confirmation. By doing so, users have to write down all words but only need to type some of them.