🔡

What type of password should I use for my Ctrl extension ?

A strong password includes :

. a relatively large number of characters

. the use of uppercase letters

. the use of lowercase letters

. the use of numbers

. the use of special characters

. no sequences of characters repeated 3 times

⚠️ We recommend avoiding the use of existing words / names

Example of an acceptable password (minimum requirements (= 8 chars min. + no character can be repeated 3 times in a row) + use of uppercase letters, lowercase letters, numbers and special chars) : uU813R@2Pc2`

In the event of a dictionary / brute force attack, the longer and more complex your password, the more resistant it will be.

⚠️ Your password must be unique, specific to your Ctrl extension
​
​🔡 How to view a wallet seed phrase(s)

> Click on 'Settings'
> Click on 'Wallet management'
> Select on of your wallets > Click on 'Show Recovery Phrase'
> Tick 'I won't share my Recovery Phrase with ANYONE.'
> Click on 'Show Recovery Phrase'
> Enter your extension password
> Click on 'Next'

🔐 How to view a Private Key

> Click on 'Settings'

> Click on 'Wallet management'

> Select on of your wallets

> Click on the '...' associated with the account of your choice

> Click 'Show private key'

> Tick 'I won't share my Recovery Phrase with ANYONE.'

> Click on 'Next'

> Enter your extension password

> Click on 'Next'

How/Where should I save my password / seed phrase(s) / private key(s) ?

The fact that your password / seed phrase is written in plain text is a risk if it is discovered. Encrypting your password / seed phrase strengthens the security of your funds. For example, you can save your password / seed phrase in an encrypted password manager file, itself stored on several external & offline devices.

This option locks your Ctrl web browser extension. You can lock your extension from the Settings ('Lock wallet') as soon as you have finished using it.
​
Once your extension is locked, your Ctrl extension password will be required to be able to Log in.
​
If you have forgotten/lost this password, you need to click on 'Forgot password?' > Reset (you can also right-click on the extension icon > 'Options' > 'Reset extension' > 'Reset'). However, please note that this action is NOT reversible ! ⚠️

Once you've done this, you'll need to re-import your wallet seed phrase or .json backup from the onboarding process.

🔄 🔒

> Go to 'Settings'
> 'Security & Privacy'
Enabling this will will lock your extension after a set time period after inactivity.

Once your extension is locked, your Ctrl extension password will be required to be able to Log in.

If you have forgotten/lost this password, you need to click on 'Forgot password?' > Reset (you can also right-click on the extension icon > 'Options' > 'Reset extension' > 'Reset'). However, please note that this action is NOT reversible ! ⚠️

Once you've done this, you'll need to re-import your wallet seed phrase or .json backup from the onboarding process.

Once enabled, you will have to enter your password to approve transactions :
> Go to 'Settings'
> 'Security & Privacy'
​
​

❌ Revoke connections
> From the Home screen, click on the icon at the top-left of the screen
> 'Connected dApps'
​
> Click on 'Disconnect all'
OR

> Select a specific dApp
​
> Click on 'Disconnect all'
OR
> Disconnect (a) specific account(s) by clicking on associated 🔗 icons
​
​
❌ Revoke token approvals
> Go to 'Settings'
> 'Revoke token approvals'
​
OR
​

Connect your extension to chain explorers, for example :
. Ethereum : https://etherscan.io/tokenapprovalchecker
. BSC : https://bscscan.com/tokenapprovalchecker
. Polygon : https://polygonscan.com/tokenapprovalchecker
. Avalanche : https://snowtrace.io/tokenapprovalchecker
etc.
​OR
to specific dApps such as :
. 🌐 http://revoke.cash/
. 🌐 https://approved.zone/
​
Revoke token spend approval from addresses can prevent potential exploits from draining tokens from your wallet
​

To protect yourself 🛡️ against ‘Address Poisoning’ (scams which pollute transaction histories), please do not copy & paste addresses via the transaction history (‘Activity’) and blockchain explorers, but instead please register the external addresses to which you intend to transfer funds via the extension’s built-in address book.