Creating separate Internet Identities for apps and coins

This is my first crypto cycle where I am invested in actual crypto using wallets.

I understand that you need to log into trusted sites using your wallet otherwise you can lose everything.

I have a lot in my Internet Identity wallet. But, I’m also using it for Taggr and OpenChat. Now that I think about it, is that bad practice?

Should I create a separate Internet Identity for logging into apps such as Taggr or OpenChat or other lesser known apps and have another identity for holding my ICP and other coins?

And since I already use the same identity for my coins and for Taggr and OpenChat, is there a way to transfer my logins from those two apps to a new identity?

Internet Identity is essentially just a sign in device.

Similar to how a Ledger would work. Each site would create a local wallet that does not have access to any funds held inside that II. You do not need to create a new II for each dapp you wish to use.

However best practice is to only sign into dapps that are known and trusted. Do not rush to be the first to use a dapp but if you do I normally use a second II that has little to nothing inside it just in case something is malicious.

1 Like

Do you mean that you have tokens in the NNS?

Best practice is to separate how you log in to the place where your tokens are stored from how you log in to other apps. If someone steals your login, everything is at risk.

1 Like

Yes, I have tokens on my NNS.

Ok, I figured I should separate the identities.

So, is there a way for me to move my Taggr and OpenChat logins to another identity? Or will have to move my tokens instead?

And what about if I was staking ICP? Can that be moved to a new identity as well?

It the coming months you’ll be able to change the identity you use to sign in to OpenChat.


Good to know, thanks!

Quick question,

If I have my tokens on the NNS and log into other dapps (lets say ICPswap for now)

If a hacker somehow gets the login credentials to the dapp does that mean they also are able to log into the nns with those same credentials?

If so I also have a yubikey that acts as a failsafe login if I lose my seedphrase. Will they be able to add themselves to trusted devices and steal the funds out of the nns?

No you cannot move your Taggr or OpenChat logins to another identity, you will have to move your tokens. But each app can build a feature to help you migrate to another identity.

No you cannot move your staked ICP.

Keep in mind if you lose the Internet Identity to your NNS account (the one with staked ICP or a new one you create for your liquid tokens), or that Internet Identity is stolen, you lose everything in your NNS account.

You should consider the NFID Vault smart wallet that supports multi-factor approvals if security is a concern.

It depends what you mean by “login credentials”.

  • If by “login credential” you mean the delegation that ICPswap gets when you sign in, then no the hacker cannot use that delegation to access your NNS account
  • If by “login credential” you mean your Internet Identity, then yes the hacker can use that to access your NNS account

Judging by your last question about the yubikey, I assume you meant your “login credential” is your Internet Identity. If the attacker gains access to any of your trusted devices, then yes they will be able to add themselves as a trusted device and steal the funds out of your NNS account.

As I mentioned in my previous comment, you should consider the NFID Vault smart wallet if security is a concern. Adding multi-factor security will secure your assets against such attackers.