Why adding / generating & confirming "Secret Numbers" is not user friendly

Confirming your secret numbers is time consuming and hard. Why?

When importing or generating your account, you may have to enter (or confirm) your Secret Numbers. This is a time consuming and annoying process. We agree. WHY!?

We created the Secret Numbers to replace the existing secrets like mnemonic words and the family seed (s... code), because it's equally secure and a lot less prone to errors.

The common formats for XRPL account secrets are:

• Family Seed, eg. sh1HiK7SwjS1VxFdXi7qeMHRedrYX

• Mnemonic, eg. car banana apple road ...

These formats are prone to typos and are not that user friendly. Using numbers means it's language (spoken, written) agnostic as well. They may be especially intimidating for the public that's relatively new to cryptocurrencies / blockchain technology.

A secret now looks like:

554872 394230 209376 323698
140250 387423 652803 258676

For compatibility with existing clients, this library supports exporting the family seed for a generated / entered "Secret Number"-set as well.

Entering Secret Numbers

When entering Secret Numbers, Xaman starts with a random digit, each time, forcing you to go to the right digit with a Plus and Minus key, then to go to the next field.

We do this so:

1. A compromised keyboard cannot "sniff" the numbers you are entering

2. Someone looking over your shoulder can't follow it based on the position of your finger when tapping

It's just way more secure. We think the one time annoying entering is a good trade-off for a lot more security.

This leaves an open question.

If Xaman is the only app that uses Secret Numbers how are accounts created in Xaman migrated to other apps?

There is a tool to convert Xaman Secret Numbers into a standard XRP seed that is explained here.