🔡

What type of password should I use for my Ctrl extension and/or my backup file ?

A strong password includes :

. a relatively large number of characters

. the use of uppercase letters

. the use of lowercase letters

. the use of numbers

. the use of special characters

. no sequences of characters repeated 3 times

⚠️ We recommend avoiding the use of existing words / names

Example of an acceptable password (minimum requirements (= 8 chars min. + no character can be repeated 3 times in a row) + use of uppercase letters, lowercase letters, numbers and special chars) : uU813R@2Pc2`

In the event of a dictionary / brute force attack, the longer and more complex your password, the more resistant it will be.

⚠️ Your password must be unique, specific to your Ctrl extension
​
​🔡 How to view a wallet seed phrase

> Open your Ctrl extension

> From the Ctrl Home screen, click on the upper-left button related to the current account selected

> Click on the 'Manage' button

> Click on the 👁️ icon (if you only have one wallet) or on the '...' associated with the wallet of your choice *and select the 'Show secret phrase' option*

> Enter the local password of your Ctrl extension

🔐 How to view a Private Key

> Open your Ctrl extension

> From the Ctrl Home screen, click on the upper-left button related to the current account selected

> Click on the 'Manage' button

> Click on the key icon 🔑 associated with the account of your choice

> Enter the local password of your Ctrl extension

How/Where should I save my password / seed phrase(s) / private key(s) ?

The fact that your password / seed phrase is written in plain text is a risk if it is discovered. Encrypting your password / seed phrase strengthens the security of your funds. For example, you can save your password / seed phrase in an encrypted password manager file, itself stored on several external & offline devices.
​
​How to create a .json backup

> Open your Ctrl extension
> Click on 'Settings'
> Click on 'Wallet management'
> Enter the local password of your extension
OR
> Check 'Export with a new password'
> Enter the current password of your extension
> Enter a new password twice
> 'Submit'

This option locks your Ctrl web browser extension. You can lock your extension from the Settings as soon as you have finished using it.
​
Once your extension is locked, your Ctrl extension password will be required to be able to Log in.
​
If you have forgotten/lost this password, you need to click on Forgot your password > Reset wallet (you can also right-click on the extension icon > Options > Clear all storage and refresh). However, please note that this action is NOT reversible ! ⚠️

Once you've done this, you'll need to re-import your wallet seed phrase or .json backup from the onboarding process.

🔄 🔒

Once this option is enabled (from the Settings), your Ctrl extension will automatically lock after 8 minutes of inactivity.

Once your extension is locked, your Ctrl extension password will be required to be able to Log in.

If you have forgotten/lost your password, you will need to click on the 'Restore using recovery code' option.

. To restore your password, please enter your Ctrl recovery code (or phrase).

. Enter a new password twice

. Read the terms of use and tick the box if you accept them.

. Click on the 'Import' button

Once this option is enabled (from the Settings), your Ctrl Wallet extension will ask the local password of the extension to confirm each blockchain interaction.
​

​ONBOARDING PROCESS
> Download & install the Ctrl extension from the Google Chrome Store webpage (https://chrome.google.com/webstore/detail/xdefi-wallet/hmeobnfnfcmdkdcmlblgagmfpfboieaf?hl=en&authuser=0-)
> Open your Ctrl extension
> Click on 'Let's get started'
> Click on 'Connect Hardware Wallet'
> Click on 'Create Ctrl Wallet'
> Enter a local password for your Ctrl extension and confirm this password
(⚠️ 12 characters or longer)
(⚠️ No sequence of characters repeated 3 times)
> Read and agree to the Terms and conditions if satisfied
> Click on the 'Next' button
> Connect your LEDGER device to your Desktop/Laptop
> Enter the PIN code of your LEDGER device
> Still from your LEDGER device, enter in the blockchain app previously downloaded and installed via LEDGER Live
> From the Ctrl webpage now open and dedicated to the LEDGER process, click on the 'Next' button
> Select the right chain
> Select a derivation path
> Click on the 'Connect' button
> Scroll down the list of scanned address to scan more addresses
> Select 1 or several scanned addresses
> Click on the 'Unlock Selected' button
> Repeat the process to add more addresses or check this other method (link) if it concerns the same chain and derivation path
> Make Ctrl your default browser wallet via radio button (By turning this option on, Ctrl will take priority (when > > possible) over other wallet extensions (e.g. MetaMask) you may have installed in your browser when connecting to web applications.This option is easily accessible from the wallet menu in case you change your mind!)
> Click on the 'Next' button
> To pin the Ctrl extension to your web browser, click on the puzzle icon of the web browser extension manager and click on the pushpin associated with Ctrl
> Open the Ctrl extension (click on the icon at the top-right of your web browser
> Read and close the welcome prompt
> Prioritise Ctrl from the Settings
To add more addresses, follow the process below or check this other method (:discord: . https://discord.com/channels/826110375639646228/954698900730687518/1072663989064040450) if it concerns the same chain and derivation path
​FROM THE EXTENSION INTERFACES
> Open your Ctrl extension
> Click on the 'Settings' button at the bottom of the Home screen
> Click on 'Wallet management'
> Select the 'Import wallet' option
> Select the 'Connect to hardware wallet' option
> Connect your LEDGER device to your Desktop/Laptop
> Enter the PIN code of your LEDGER device
> Still from your LEDGER device, enter in the blockchain app previously downloaded and installed via LEDGER Live
> From the Ctrl webpage now open and dedicated to the LEDGER process, click on the 'Next' button
> Select the right chain
> Select a derivation path
> Click on the 'Connect' button
> Scroll down the list of scanned address to scan more addresses
> Select 1 or several scanned addresses
> Click on the 'Unlock Selected' button
> Repeat the process to add more addresses or check this other method

> Connect your LEDGER device to your Desktop/Laptop
Enter the PIN code of your LEDGER device
Open LEDGER Live
> Open the LEDGER Live Manager
> Allow LEDGER Live Manager from your LEDGER device
> In the LEDGER Live Manager, search the App' named Fido U2F & install it
ℹ️ We have chosen Binance in our example
> Go to the Security settings and click on the 'Enable' button associated to the 'Security Key' option
> Read the 'Safety Tip' prompt and click on 'Continue' if you approve
> Click on the yellow 'Activate Yubikey' button
> Click on 'OK'
> Click on 'OK' again
> Connect your LEDGER device to your Desktop/Laptop.
> Enter your PIN code
> Still from your LEDGER device , open the Fido U2F app'
> Confirm the registration from your LEDGER device
> Enter a 'Security Key Label'
> Click on the yellow 'Next' button
> Enter the 'E-mail verification code
> Enter the 'Authenticator Code'
> Click on the yellow 'Submit' button
> Click now on the yellow 'Go to security management' button
ℹ️ You can now manage the different options (Withdraw & API / Log in / Reset password) where an interaction with your LEDGER device will be requested.
ℹ️ Note that the activation / deactivation of an option from the Binance web interface also requires a manual confirmation from your LEDGER device
ℹ️ You can also delete your LEDGER device (your Authenticator Code will be required)
​

From the Ctrl Home screen, click on the 'Dapps' button visible in the upper-right corner
Click on the pencil icon to 'Manage' your favourite dApps
Click on one of the dApps visited while holding down the left mouse button and move the mouse to drag and drop (releasing the left mouse button) the dApp to the desired location
Click on the little ❌ icon associated to a dApp to delete it from your favourites
Click on 'Done' when satisfied
+
Click on 'Connections'
Select a dApp in the list which has active connections
Select a wallet
Click on the little ❌ icon associated with an account to revoke a permission
Click on the the icon associated with an account to establish a connection
​

Token approvals
. Ethereum : https://etherscan.io/tokenapprovalchecker
. Polygon : https://polygonscan.com/tokenapprovalchecker
. BSC : https://bscscan.com/tokenapprovalchecker
. Avalanche : https://snowtrace.io/tokenapprovalchecker
. Fantom : https://ftmscan.com/tokenapprovalchecker
​
. 🌐 http://revoke.cash/
. 🌐 https://approved.zone/
​
Revoke token spend approval from addresses can prevent potential exploits from draining tokens from your wallet
​

> Open your Ctrl extension
> From the Ctrl Home screen, click on the upper-left button related to the current account selected
> Click on the 'Manage' button
> Click on the '...' associated with on of your wallets
> Select the 'Show secret phrase' option
> Save your seed phrase
> From the same interface, click on the Back up icon to back up all wallets
> Enter a password that will be used to decrypt the file (By default, enter the local password of your extension. Note that you can set up a customized password by ticking the 'Export with a new password' option and by entering and confirming your customized password.
ℹ️ You can also backup all your wallets via the Settings > Wallet management interface
OR
Right click on the Ctrl icon > Options > Download JSON backup
​

To protect yourself 🛡️ against ‘Address Poisoning’ (scams which pollute transaction histories), please do not copy & paste addresses via the transaction history (‘Activity’) and blockchain explorers, but instead please register the external addresses to which you intend to transfer funds via the extension’s built-in address book.
​
Website article : 🌐 . https://www.xdefi.io/article/protect-yourself-vs-address-poisoning