Bitshares Key Modification Guide: Changing Account Keys and Passwords

Understanding Bitshares Account Security

Bitshares provides robust tools for managing account security through key modifications. This guide explores how to update account keys and change passwords in account mode while maintaining optimal security practices.

Key Modification Capabilities

The Bitshares wallet allows users to modify:

• Funds permissions (controls asset transfers)
• Account permissions (governs account operations)
• Memo keys (for encrypted messages)
• Account mode passwords (web-based access credential)

Step-by-Step Key Modification Process

Account Mode Password Changes

1. Navigate to "Account Mode Login" settings
2. Set a new password (minimum 12 characters)

3. The system generates three new keys:

   • Funds key
   • Account key
   • Memo key
4. Verify key functionality using the "Use" button
5. Click "Save Changes" and confirm with your password

👉 Learn more about Bitshares security features

Critical Security Considerations

When modifying keys:

• Never remove all keys - This permanently disables the account
• Weight/threshold settings - Configure carefully as incorrect settings may lock you out permanently
• Multi-signature accounts - Requires coordinated access from multiple parties

Pro Tip: Always maintain backup access to at least one authorized key or account to prevent lockout scenarios.

Technical Implementation Details

Key Data Structure

Bitshares accounts store permissions in JSON format with three control methods:

1. Account-based authorization
2. Key-based authorization
3. Address-based authorization

Memo keys remain singular due to encryption requirements between parties.

Code-Level Implementation

Key modifications occur through the account_update_operation which:

1. Accepts new owner/active permission configurations
2. Processes straightforward value assignments
3. Requires manual cleanup of old keys after additions

👉 Advanced Bitshares development resources

Best Practices for Key Management

1. Always maintain redundancy - Keep at least one backup authorization method
2. Test changes carefully - Verify new keys before removing old ones
3. Document modifications - Track all key changes and weight adjustments
4. Consider recovery scenarios - Plan for potential lockout situations

Frequently Asked Questions

Can I recover an account if I remove all keys?

No. Accounts become permanently inaccessible without at least one valid authorization method.

How often should I rotate my keys?

Regular key rotation (every 6-12 months) is recommended for high-security accounts, but balance this with the risk of configuration errors.

What's the difference between owner and active permissions?

Owner permissions control account ownership changes, while active permissions handle daily operations. Owner keys should be kept more secure.

Can I automate key rotation?

Yes, through custom scripts using the Bitshares API, but manual verification is strongly recommended for security.

How do multi-signature accounts affect key changes?

Multi-sig accounts require all configured parties to authorize key modifications according to the established threshold rules.

Conclusion

Bitshares provides flexible key management capabilities that balance security with operational needs. By understanding both the wallet interface and underlying technical implementation, users can confidently maintain secure account access while adapting to changing security requirements.