Every SecretSafe user account has a public "fingerprint phrase" associated with it. Your account's fingerprint phrase never changes and is composed of five random english words that appear in a specific order.
Example fingerprint phrase
The fingerprint phrase is an important security feature that assists in uniquely and securely identifying a SecretSafe user account when important encryption-related operations are performed (such as sharing). For example, when adding a new user to an organization you should ask the user to verify their fingerprint phrase via email, over the phone, in person, etc. By verifying the fingerprint phrase with the user outside of SecretSafe you ensure that end-to-end encryption is securely initiated and that the SecretSafe server you are communicating with (and your connection) has not been maliciously tampered with. If you trust the server you are communicating with (and the connection that you are using), you can choose to ignore fingerprint phrase verification.
You can find your account's fingerprint phrase using SecretSafe applications in the following locations:
- Web safe: Settings → My Account
- Desktop apps: Account → Fingerprint Phrase
- Browser extensions: Settings → Account → Fingerprint Phrase
- Mobile: Settings → Account → Fingerprint Phrase
bw get fingerprint me