Encrypt/Decrypt Mnemonic SeedType:
"Encrypt" requires a mnemonic seed in "1." and encrypts it with the key in "8.", placing the result in "9."
"Decrypt" requires an encrypted seed in "9." and key in "8.", and places the result in "1." Select your method in dropdown menu.
Technical details: in the "Old (Keccak)" method, the key was hashed with 10,000 rounds of keccak, then xor'ed with the hex seed to encode as an encrypted mnemonic.
I have left the old capability in place in case anyone has already used it and needs to decrypt their seed; it should not be used going forward.
However, the resulting encrypted mnemonic will most likely not be a well-formed private key and thus might be expected to be encrypted by an attacker.
Note MyMonero seeds are not private keys and thus are only compatible with this method (selecting the "CN Add" method with a MyMonero seed will cause it to use this one).
In the "CN Add" method, the key is hashed with CryptoNight, then interpreted as a private key/scalar and added to the hex seed. The resulting mnemonic looks exactly the same as an unencrypted one.
Ice Cold Storage, One-Time-Use 2FA Account
Combines two public spend keys into one, creating a combined public address. Originally imagined here; this version is somewhat simplified.
To generate: on computer A, generate a regular account. Copy *only* the public address over to computer B to box 11. Enter a 2FA key in box 10 and click "Compute 2FA Address".
The two-factor-authentication key can be any text, including another 25-word mnemonic. It is hashed with CryptoNight similar to encrypting the mnemonic in the above section,
but is used to create new spend key pair instead. The public keys are combined to create the 2FA account.
Users A & B should securely store their half of the information (mnemonic/key) until redemption is desired.
To redeem: user A places their mnemonic in box 13, user B places their 2FA key in 11. After pressing "Derive Keys", the real Spend Key and View Key will be displayed and can be used
along with the address from 12 to restore a non-deterministic wallet in simplewallet. This is a key difference compared to encrypting the seed.
A watch-only wallet can also be created with the view key and the 2FA address in simplewallet to watch for incoming payments.
A zipped archive of this site's pages with dependencies is here or on Github. SHA256 Hash: <984ad27b3759b09532dc95ad09d59fd8918cfd0bfc51f53e4dd6371eb321b6f7>.
Also in the repo is a GPG signature with verification instructions.