I’ve noticed a dangerous trend in Sparrow Wallet tutorials: some content creators recommend skipping the password. This leaves your wallet file (.mv.db) unencrypted. If that file is accessed by a hacker, your xpub is exposed. This is a major risk because, theoretically, a quantum computer could eventually use the xpub to calculate your private key. Setting a password uses AES encryption, which is quantum-resistant. It’s an essential step for quantum-proofing, right alongside not spending your coins (which keeps your public key hidden).
Interesting point. Presumably a quantum computer could crack the encryption password too if Sparrow is not using a quantum resistant algorithm. But why make it easier for them?