If your keys become compromised and your need to change it use this guide as an outline. Please be careful in every step as you might lose access to your account otherwise. This guide comes with no warranty.
Hint: If you don’t care about your existing account, or are unsure about switching keys, you can create a new account on a secure wallet and transfer all funds from the old account.
If you have Cloud login:
https://github.com/bitshares/bitshares-ui/wiki/Cloud-Wallet-Login-and-changing-password
If you have local wallet:
- Import your existing bin file into bitshares.org, or any other secure wallet. If you do not have a backup, download one from your old compromised wallet (you should not be prompted to enter your password). Alternatively, create a new local wallet and import all the keys that you would like to switch (in default setting that would be the active, owner and memo key)
- To create a new set of keys, enter your account name and any random password (it is just used to generate the keys) at
https://paperwallet.bitshares.eu/ - Switch the active key
- Store public and corresponding private active keys showing in the paperwallet securely
- Add the public active key to your accounts active permission at
https://wallet.bitshares.org/#/account/youraccountname/permissions
To do that, enter the public active key and Weight “1” under “Enter account name/key and weight”, then click add and then click Save. If you have non-default setup of permissions (e.g. multi-sig) with multiple keys and a threshold that is not 1, please do the proper adjustment. - Add the private active key to your local wallet
https://wallet.bitshares.org/#/settings/restore
Select “Import a private key” and follow the instructions - Confirm that the active key now appears in blue font at
https://wallet.bitshares.org/#/account/youraccountname/permissions
and that you can see the private active key when clicking on it. - Remove the old active key from the active permissions and click Save
- Reload and confirm that only the new active owner key is listed in the active permissions
- If your compromised wallet also contained the owner key, repeat step 3) for the owner key. The same holds for the memo key, although not critical as it only allows to sign messages in your. Beware that switching the memo key means that you wont be able to read your old memo messages.
- After you are done switching your keys I would recommend doing a backup of the new local wallet. Additionally, I would recommend creating another local wallet that will be used for everyday activities and only put in the private active key and the private memo key, and not the owner key. Use the wallet with the owner keys only for account recovery.