ICP Tutorial: Backing up and Migrating Accounts

If you are a loyal holder of ICP, you must read this article. This article is crucial for keeping your account funds!
Recently, a friend who follows IC accidentally leaked his mnemonic words, and he doesn’t know what to do. Many IC users also want to migrate their IC accounts in computers or mobile phones to new devices, or coexist on multiple devices, but they are always cautious when restoring through mnemonics, fearing that they will be leaked. So is there a better way to make migration easy and keep it safe and confidential?
The answer is, no!!!
Hahaha, I'm kidding you 🤪~ How can ICP, such an awesome technology, not help you consider these issues! After you finish reading this article, you will find that ICP is really a hidden gem waiting to be discovered!
Have you heard of Ethereum's account abstraction (EIP-4337)? In short, Ethereum has always wanted to solve a problem, that is, when a user's private key or mnemonic is lost, the account can be easily restored only through other means; or all assets under the name can be managed through an external account, but the mnemonic leak should be avoided without losing these assets!
In fact, these concepts were already integrated into the technical system of the Internet Computer when the ICP mainnet was launched. It can be said that Ethereum was at least three years behind in this regard, while ICP has realized account abstraction from the beginning! This is its uniqueness - Internet Identity!
Next, I will briefly introduce to you what Internet Identity is and how to implement account control, migration and backup.
Internet Identity, or II for short, is ICP's native identity form and is used for authentication of ICP DApps. Internet Identity uses keys to register websites and applications and authenticate. A key is a unique cryptographic public/private key pair. Internet Identity issues a new identity for each dapp that a user authenticates with, and the identity cannot be linked back to the user, so no personal data is shared with the DApp or the Internet Identity application itself. Internet Identity uses a WebAuthn API that runs in a single container that serves both the Internet Identity front-end and back-end code. When a user sends a request to the front-end code, the back-end authentication service issues a delegation on the user's behalf. This delegation is then signed with the user's key.
The interesting thing is that Dfinity has also developed an Ethereum wallet controlled by Internet Identity for Ethereum, which can be managed directly on the web: https://oisy.com/. I recommend you to give it a try!
Without further ado, go directly to the website: https://identity.ic0.app
If your browser does not have an IC account, it will display like this:
If it has already been created, it will be displayed like this:
How to create an Internet Identity account? You can directly view ICP: How to create an Internet Computer Wallet.
1. Migrate IC account to a new deviceGo to https://identity.ic0.app/ and select Add new Passkey.
Click the Copy button to copy the URL and enter it in the Chrome browser on the new device. Or you can use a normal QR code scanner to scan the code and then open it automatically in the browser (be careful not to use WeChat or Alipay to scan the code, as these two software may not be able to open the URL).
When the browser of the new device enters the link, it will prompt: Activate Passkey on this device, select Yes.
Next, you will be prompted to save the key in a certain way. If you want to save it locally, select Chrome profile.
After clicking Continue, you will be prompted to enter your fingerprint (if the device supports it) or enter a PIN password (devices that do not support fingerprints can only log in via password).
If you have a hardware device that supports Fido, such as Ledger or OneKey, you can also choose the second option: use a mobile phone/tablet or security key.
At this point, insert OneKey, it will automatically start FIDO2 registration, and you can confirm it on the device;
If you insert a Ledger, you need to install the FIDO2 plug-in on the Ledger, then enter the plug-in and confirm it.
After that, a Verification Code will be displayed on the screen. What is this verification code for? You need to log in to https://identity.ic0.app/ on the original device again, wait for verification, and then enter the verification code displayed on the new device on the old device. (This step is to let your old device recognize the new device. You must pay attention to this step!!! Be sure to prevent others from using the verification code to phishing your account!!!)
In this way, your account migration is successful! You can use two devices to log in to your account in the future. Have you found that account migration does not involve mnemonic recovery at all? ? Hahahaha😂
2. How to back up your account mnemonicsAs mentioned at the beginning, IC has supported account abstraction since its design, so the IC account and your fund wallet address are not strongly bound. The IC account mnemonic is only used to restore the account, which is completely different from the Ethereum account system. That is, the ICP account mnemonic is not used to restore your wallet address!
Therefore, Internet Identity can actually change the mnemonic phrase at will!
1. Back up your mnemonics
If your account has never backed up the mnemonic, you will be prompted to back up the mnemonic when you enter II for the first time. At this time, you can actively back up the mnemonic and click Create Recovery Pharase.
Alternatively, you can click Remind me later and manually Enable Recovery Phrase, which will also back up your mnemonics. Next, you need to take out a piece of paper and write down your Identity number and 24 mnemonics. (Note that the Identity number is very important).
2. Reset the mnemonic
If your mnemonic has been accidentally leaked, you can reset it using the Reset button. The process is the same as backing up the mnemonic.
In addition, the Lock function refers to locking the mnemonic. In this case, the mnemonic cannot be reset at will. The purpose of this is to prevent other devices from modifying the mnemonic, but the disadvantage is that your mnemonic may never be reset. (Since I have not used it, I will not go into the details of the operation)
Finally, I hope you can read this article patiently. Account security is the premise of fund security. Only when the account security is guaranteed can you be qualified to talk about profits. Pay attention to ICP and ICBlocksir to bring you more cutting-edge IC technologies!