Secret key, private key, secret seed, private seed: we use those terms interchangeably on StellarX. Keep your secret key to yourself.
Stellar relies on public key cryptography, so every account has a public key and a secret key. The public key is safe to share. The private key, however, gives you access to your account, so you should never share it with anyone. It’s kind of like the combination to a lock: anyone who knows your account’s private key can control your account.
StellarX cannot access your secret key: by default, your Stellar secret key is cached encrypted in your browser with a per-session key stored on our server. When you need to sign a transaction, your authenticated session is used to fetch the decryption key from the server, your Stellar secret key is decrypted in your browser, used to sign the transaction, and the decryption key + unencrypted Stellar secret key are discarded. The cached, encrypted Stellar secret key is never transmitted to our server, preventing us from accessing it.
To reveal your secret key, go to your profile, click “Show secret seed” at the bottom, and enter your password when prompted. Just make sure no one’s creeping over your shoulder when you do.