Bitcoin Forum

When creating a new bitcoin wallet, the network generates our seed phrase for us which we are expected to back up and protect, and i do not think anybody memorizes their seed phrase as it was not formed by them and will be hard to remember.
1. So i want to know is it possible for me to create my own personal seed phrase to make it easy for me to remember it and maybe i may not have to write it down.
2. What wallet can i do it with, or will any wallet support me to make my own seed phrase.
3. Has anybody done something like that and what was the experience, is it risky?

The best is to let your wallet generate the seed phrase, the seed phrase is generated through series of processes which will make you generating yours off hand not possible as it will most likely not a valid seed phrase.

Seed phrase are called mnemonic but it is as best not to even try to trust on your memory, you may forget it at anytime, there are other reasons that this is not recommended at all (I mean memorizing seed phrase generated by HD wallet). Having like two or three backups is the best, having it in different locations.

No, not possible. Although, you can generate your seed phrase yourself but not in a way you will have to be the one that will choose your own seed phrase12 to 24 words. And instead of generating seed phrase from scratch by tossing a coin and writing down the binaries, it is better to use a reputed wallet that can do it for you and also generate the corresponding keys and addresses for you.

To set the record 100% straight: the network is not generating your seed phrase...

The network doesn't know you exist, your wallet does not have to contact the network to generate a seed, it generates the seed by itself... You can (and should) even do this on an airgapped offline machine, so you're sure the network doesn't know your seed!

Theoretically you could potentially pick your own (bip39) seed phrase, except the checksum... So you could potentially pick the seed by hand and use (or write) a small tool to know which checksum needs to be added... However, this is a horrible idear... Really... The human mind isn't good at randomness. If you pick a seed phrase by hand, you can rest assured others will have the same idear sooner or later, and you'll lose your funds!

You can create many seed phrases from your wallet (let's use Electrum), until you find one that works well for you to remember. This way, you still have a properly generated random seed phrase that won't easily be guessed by someone else, and you can end up with words that are easier for you to remember. It's tricky though: after not using it for a wile, chances are you forget some words.

Yes, it is possible. No, you shouldn't do it. If it is easy to remember, then it is easy to break.

You can't do this with any wallet because of the checksum requirement. I'm not going to link to sites or tools which will let you do this because it's such a bad idea.

It is incredibly risky. You will be significantly reducing the entropy of your seed phrase and leaving your wallet and all your coins vulnerable to theft. Further, memorizing the seed phrase is an almost guaranteed way to lock yourself out of your wallet in the future.

There is a good reason that every half decent BIP39 wallet generates seed phrases for you and tells you to write them down on paper. Trying to come up with your own solution always ends with problems.

I am very sure someone can be using wallet but not concerned about the seed phrase. This is what I realized about myself, what I did recited daily when I was young till now I did not forget. When I got to like 16 years, I memorized some contents and I recited it daily for like a year, after some months gone without reciting it again, my memory failed me, today now after many years passed, I bearly know a single word from the whole contents now. Seed phrase is not even what we can be reciting. Someone can think he has known it and never recite it again, the person will later forgot it but thinking he knows it until it become an issue of coin loss. Like you meant, it is tricky.

My first post will be completely useless if someone can create his own seed phrase with his own words, and I will remove it. I know someone can generate seed phrase from scratch, but it is possible for the person to specifically choose his own 12 to 24 words himself? I think that is what Z-tight meant.

Absolutely. All the words do is encode entropy. You can absolutely pick your own 11 or 23 words, if you then have a method of calculating the correct checksum for those words and using that to pick one of the valid 12th or 24th words. You can even just pick your own 12 or 24 words and have a seed phrase with an invalid checksum, as there is nothing stopping you from using a seed phrase with an invalid checksum to generate a wallet except your wallet software not liking it. The problem is that human beings are not random at all. Any words picked manually by someone will be exponentially less secure than seed phrases encoded from a proper source of entropy.

We have seen literally tens of thousands of examples of brainwallets and other human sources of so called "entropy" being hacked and having all their coins stolen. Anyone who tries to create their own "entropy" in this way will lose their coins.

Have you just tried writing out the phrase a few times (8-20)? That's worked for me to be able to remember some of mine (I obviously have them written down too as the main backup).

It's possible to create your own seed phrase, but I don't suggest using easy to remember phrases that can reduce your security and make it easier for someone else to break it down.
Best way for generating your own seed words is using dices to achieve true randomness, something our brain is not doing very well, and than just calculate the last word.
My suggestion is that you don't trust your brain memory long term because it's not reliable, so it's better to write down seed words and keep in in multiple location safe places as backup.

Most wallets are supporting BIP39 seed words so all of them will be supported including Electrum and hardware wallets.
Electrum is using their own system but it can import BIP39 seed phrases.

It can be risky if done incorrectly and I already explained it why above.

When I see how many people have written down their seed on paper and then found themselves in trouble after a few years because they realized they had mixed up the words to the point that only some special tool could (theoretically) help them, then I find it hard to understand that someone is trying to store such information in their head. Some people can't remember their 4-digit bank card PIN, let alone 12 or 24 words.



If you want a challenge, you can try to fit the words you get with Electrum into the song you're going to write - and then memorize the song verse by verse. Of course be careful not to sing loudly in the shower or in a public place, someone might like the song ;)

My lyrics is always nice,
be good and check it always twice.

I like coffee, but also a tea,
drive to my home and visit me.

Unfortunately, your sample song is much easier than the real words Electrum produces.
Try to make a song with this:

That's not the point, I just wanted to give an idea to OP how he can try to memorize his seed if he really wants to. In case I dedicate a little more time, I could write a song with the words you mentioned in your post. Not my masterpiece, but without a lot of time invested.

In antique city where the industry has not existed for a long time,
anxiety could pluck with pliers as hard as a walnut.

Unlock my urban matrix resurrection, help me be myself,
join me on the ivory coast, share the oyster with me,

enlist for the journey of a lifetime.

But memorizing the lyrics will also be difficult to remember the word position of the phrase that we have. For me this is very impossible, maybe I still need a clue to be able to understand the exact position ^{this corresponds to my low memory}.

unless I use it with a mix of local languages, maybe it will be easier to remember, because every different language on lryris is a phrase. as far as, the local language is not English it should be work.

Some people do memorize the randomly generated seeds, it's entirely possible. It's just not a good idea in general to rely on your memory, it can fail in the long run. You can keep your seed in memory for weeks or months, and then suddenly realize that you forgot a large part of it when you try to repeat it.

The best way to protect your seed is create many backups, both physical and digital (USB sticks, CD, SD cards, etc.) and have multiple trusted places for storing them.

The problem isn't only the memorizing step, the biggest problem is not forgetting it after some time passed. Even if you create a poem like what @Lucius skillfully did, you have to recite it everyday if you don't want to forget the details otherwise in a couple of years you'll start doubting the details and a couple of words missing could easily make it impossible to recover the funds.

Here's the problem with that, though. The following words in your song are also on the BIP39 word list:


So you you memorize that song, then you now have 25 possible words and you are trying to pick 12 of them. This gives you 2.5*10¹⁵ possible combinations, which is a number very similar to another one I was discussing in another thread just yesterday, which would be impossible to brute force: https://bitcointalk.org/index.php?topic=5386805.msg59326897#msg59326897. In short, you've lost your coins.

The problem isn't even necessarily long term forgetfulness as is being discussed above. There are definitely people reading this who will think "Well, I'll just recite it every single day for the rest of my life and I'll never forget it". 1 in 6 people have a stroke at some point in their life. 70 million people a year suffer a traumatic brain injury. 10 million people a year develop dementia. Seizures. Aneurysms. Infections. All of these things can hit anyone, of any age, at any time, with zero warning, and lead to memory loss.

Thank you o_e_l_e_o for clarity on the whole issue, in finality it is a terrible idea to try something like that, like relying on our brain or memory as back up for our seed phrase. I do not want to start another thread, so what do you think: i want to back up my seed through seed splitting and keeping each of them safe. From what i understand, there is no perfect way to store your seed, though some methods will be stronger than others, what can easily be the best way to keep your seed phrase secured. Thank you o_e_l_e_o.

This is certainly preferable to trying to commit it to memory, but I don't like splitting seeds up either. The main problem is that it probably doesn't achieve what you want it to achieve, which is that if someone compromises one part of your seed phrase they cannot steal your coins. If you split up a 12 word seed phrase in to a 2-of-3 system, then each share has 8 words, meaning only 4 words need to be brute forced which is easily doable. If you split up a 12 word seed phrase so that each share only has 4 words, then you need to create at a minimum 6 shares (but preferably 9) and hide them all separately but securely, which will be a significant challenge.

If you want a set up where an attacker would need to compromise more than one back up to be able to steal your coins, then the preferred solutions would be to either use a multi-sig set up with the individual seed phrases backed up separately, or to use an additional strong passphrase(s) with your seed phrase, again backed up separately.

It's a bad idea anyway, but I just wanted to show our AI that it's possible to do something like that, in a very short time. If the whole thing were approached more seriously and with more time, the extra words from the BIP39 word list could be avoided, so that there would be no doubts in the case of backup recovery.

The way I did it would even be good if someone found that backup and figured out what it was about, but couldn’t so easily figure out the word combination. The song can have an additional backup so that each verse is marked with a number with the first letter of the word that is important to us.

1. AI (antique industry)
2. APW (anxiety pluck walnut)
3. UUMM (unlock urban matrix myself)
4. IO (ivory oyster)
5. E (enlist)

I disagree.

I don't think using brain to remember seed phrases is a good approach because we can not put all our money into our brain memory. We can not control what will happen with our life, brain, memory so we should have backup solution in case our brain is broken or member lost partially and in bad case, lost memory on the wallet seed phrases.

In case we just have memory lost, we lose our Bitcoin. In case we unfortunately pass away, our loved ones can not inherit our Bitcoin.

The best option someone can have in order to remember or memorized he or her seed phrase, is exactly what you just portray, because theirs no way someone can store a seed phrase in the brain for long duration and remember exactly the seed points, helping yourself and also keeping it secured is through documentation of seed phrase through putting it down one after the other.

I've been working on a way to protect the seed phrase, as I see it as the weakest link in the practice of crypto investing. I will start a thread on it, as soon as I can. :)

I am excited to hear you are working on ways of protecting seed phrases, i would love to read your thread on it, and i hope it will help a lot of us. Thank you.

I hope so. A few days ago, I got the news in the Coinmarketcap newsletter that a kid had drugged his stepdad, got his seed words, and stole his crypto. Almost killed him in the process.
That got me thinking that in the land of "encrypted", the seed words are there, just waiting for somebody to steal them.
But then I'm not a cryptographer, and many of us aren't, so I'm trying to come up with a method anybody can use. Hopefully I will have it finished soon. :)

I don't mean to discourage you, but we already have a method anybody can use: Write down your seed phrase by hand and store it somewhere secret and secure. If you want additional protection so the compromise of your seed phrase will not lead to loss of your coins, then use one of the standardized and tried and tested methods such as an additional passphrase or multi-sig.

Every single time I have seen people try to come up with their own solution on these forums they either overlook something and leave their coins vulnerable, or they come up with something too complex to remember and lock themselves out of their own wallets.

My assumption is that people who successfully recover coins from their own made-up storage system don't post about it. I think we can call it "failure bias".

I know you don't. In any case, additional information is always welcomed. 8)
My problem with seed words is if they're found, all you need to do is read them. I'm sure there are other methods we (newbies) don't know about. I'm just trying to come up with a method to encrypt your seed words that doesn't require one to be an expert, that may not be as secure as other methods are, but it's more accessible to those of us who don't know what we're talking about.  ;D


That's what's keeping me. You can go as complex and convoluted as you want, but afterwards you have to remember what you did.

For me i think if it is not as secured as writing it down and securing it which has to be the best way if you have followed our discussion from the beginning of this thread and just as o_e_l_e_o has reiterated in his last post, then don't you think it is better not to try it in the first place?

From what i have learnt in this thread, your seed phrase should be secured and not accessible, if it is just merely accessible to you, it can be to another who will steal your funds, that was my initial error of trying to make it accessible by keeping it in memory, but as others have said it is a terrible idea. I thought your proposed thread would bring together standard and established methods of seed phrase protection.

Good point, but we also see plenty of people talking about their own schemes before they use them, which turn out to be deeply flawed (much like this thread, for example).

Passphrases and multi-sig, as I mentioned before.

Then just encrypt it normally. Encrypting it with open source software using a well known algorithm such as AES-256 means you will always be able to recover it, you don't need to remember what weird unique thing you did, and it will be exponentially more secure than any system you come up with yourself.

The fact is writing them down (on paper, metal, whatever) offers no security at all. If the would be robber knows about crypto and seed words and he's looking for them, what do you think he'd be looking for, when he opens your safe, or when he finds the list, wherever you may have hidden it? Security is not about hiding something and hoping nobody will find it: it's about making it impossible (or as hard as you can) for them to use it. Then you hide it in your safe, and put it in other places, in case your place goes up in smoke. But the real security should be in your head, not in a safe.

O_e_l_e_o: my point is I don't know those algorithms, and I don't know how to encrypt the words with them. The best I can do (which I use for my passwords) is to encode the phrase in base 64, but that's about it, and I'm aware it's not encryption. So if I can use a way to somehow obfuscate those words (let's say, pig latin, to put a stupid example), it's not gonna be as secure as it could be, but it will still be more secure than leaving my words laying in a safe for anybody to find them.

It's not supposed to. The security comes from keeping it physically secure, just as you do with important documents, cash, precious metals, jewelry, electronic devices, etc.

Then hide it better. There are 100 places I could hide a piece of paper in my house where a thief would never find without demolishing the entire house, even one who was specifically looking for said piece of paper. Drill a hole in your wall, slot it inside, and then cover the hole and paint over it, for example. Inside a piece of furniture. Under your floor boards.

Then use multi-sig or passphrases.

There are open source standards and open source software to do this for you. You also don't know how to turn your seed phrase in to private keys and rely on software to do this for you.

An attacker who is specifically looking for your seed phrase will not be fooled by base 64 or pig latin.

I would rather say to go the way as it is intended to be which is get the randomly generated seed phrases from the wallet and keep it secured on offline storage with three to four backups which is more easy to do so and safe.You need to first have all the combinations for seed phrases and difficult part is to make it in a combination which you can remember and is not easy to break.The human mind is prone to errors and beleive me there is no scope of error in this work as you could loose funds easily.

If you mix up some words in future and it has pointed out that some other words are also used as mnemonic phrase which is more confusing so it must be avoided at any cost.A little error could cause big deficiency so we need to be safe in this matter.

O_e_l_e_o: alright, I'll drop it!  ;D No extra security for seed words. I'm just gonna reply to the points you  made, because they picked my interest. But I'm not starting a thread on it.


That's the problem. The security of your whole system ultimately relies on the physical security of your seed words. Now, 99% of robberies are crimes of opportunity. Does it make sense to only rely on physical security when you have other options, especially when you can add those options to it?


Yeah, I watched that one, in a "Burn Notice" episode. He hid a credit card under a door hinge. Everybody knows it now. The floorboards thing has been shown in a gazillion movies and series, same with the "inside the walls" thing.


You keep pounding on multi-sig. I've been looking everywhere since last October, and couldn't find anything on how to use multi-sig. In any case, if you know multi-sig, chances are would be robbers also know about it, and sooner or later they will figure a way to crack it.


Yeah, I'm sure there are plenty of them, but I don't know them. That's the problem.
In any case, if they're there is because somebody else knows about them.


Maybe. Maybe 999999 out of a million won't, and one will. In any case, the idea was to use something like base 64 together with another method.

Anyways, I'm not doing the thread. One of the reasons I posted is because I wanted feedback from guys like you, that know a whole lot about this stuff than me. Thank you for taking the time.  :)

If you create a 2 out of 3 multisig wallet, create 2 copy's of each seed phrase and hide them in 6 completely different houses (or banksafes), there is nothing a robber can do... He would need to rob 2 completely different houses in order to "crack" it.

But why don't you just extend your seed with a passphrase (this has already been said)
https://en.bitcoin.it/wiki/Seed_phrase
just search for "extension word".

The function of the password is delaying the thiefs just long enough so you can move your funds out.... Sure, they can brute force an extension word, but as long as they cannot brute force it in the timeframe you'll need to empty out your wallet, it's fine.

Kinda expensive... You just have to buy 6 houses to protect your seeds...  :o


I think I can do much better than that with just a few camping tricks combined. You take your seed words and write them backwards, combine them (letter by letter) with a known phrase, encode them in base 64 and write them in a grid, going vertically from bottom to top and from right to left. That's definitely gonna delay them a minute or two.
I did search "extension word". Got a bunch of links about Windows file extensions, and one from Merriam-Webster... ::)


Hopefully, the function of any security measure is to make an attack so difficult it's not worth the effort. A password would be the bare minimum in terms of security, and it implies you know you're being attacked, and you're in a position to transfer your funds elsewhere. In any case it's much better than hiding your plain seed words under the mattress, but it's far from efficient.

--snip--

I meanth searching for the term "extension word" in the page i posted a link to: https://en.bitcoin.it/wiki/Seed_phrase
The idear behind bitcoin is being your own bank. You're free to do whatever you want to do, it's your money after all. We're not going to stop you, but we still want to give you some advice... It's up to you wether you take it or not (i, for one, won't be offended if you decide not to follow any advice i give you).

This being said, i really don't know which aspect of an extension word would be harder than a complete self-invented encoding scheme. It would be best if you used a unique, long, random passphrase (from a security point of view), but you might aswell pick a password you use quite often since the only function of the extension word (or passphrase, both terms are used as a synonym quite often) is to slow a brute force attack down for a couple of days untill you moved your funds out of your wallet. The upside of using a password like that is that you probably don't have to write it down, it's already commited to your long term memory.

The big difference is: an extension word is supported and described by the community, by (hardware) wallet vendors, by software wallets.... If you forget about bitcoin and stumble upon your seed phrase in 10 years, odds are you'll still be able to remember the password you use all the time compared to remembering what kind of shennanigans you did in order to encode your seed phrase.

But like i said: the only we can offer is advice. It's up to you wether you take it or not!

Good luck!

Oops, sorry, I'll try it out. :-[
I understand, and I do appreciate (honestly) the input. There's no telling how much I have learned from you guys since I joined. Right now I'm not disagreeing with you: I'm just brainstorming.


I'll get back to you on Monday on that one.  ;)

You should anyway. More discussion regarding security is never a bad thing. Plus you'll get more opinions rather than just listening to me.

If that is your threat model, then encrypting your seed phrase using a proper encryption algorithm will be exponentially more secure than anything you come up with yourself.

It's pretty straightforward when you use a piece of software which will set it all up for you, such as Electrum. You can set it up so a thief would need to compromise 2, 3, or even more different seed phrases or wallets to be able to compromise your coins.

I'm not sure I follow your logic here. You don't know how to turn a seed phrase in to a wallet either (and in fact, it cannot be done with using software to do it for you since it would be impossible to manually calculate thousands of hashes). What is the problem with using open source software to encrypt your seed phrase? Yes, everyone knows about the existence of AES-256. That doesn't make it insecure.

You shouldn't be storing the only copy of your seed phrase in your house anyway. One back in the same location as your wallets is no back up at all. Fire, flood, natural disaster, theft, whatever, and you lose your wallet and your only back up at the same time.

I'm afraid that's just simply wrong. Nothing you come up with yourself is going to be stronger than a strong passphrase being combined with your seed phrase in the PBKDF2 function. Further, the number of mistakes you could make in your set up is huge, the potential for forgetting what you have done and not being able to reverse it is huge, and it gives no plausible deniability as you get with passphrases. There is a reason that passphrases are an accepted standard across pretty much all wallets.

Well, I won't, but I will... kinda. I'm thinking of a different approach. Stay tuned... ;D
Either way, "just listening to you" (and many others) has been great so far.