|
HCP to confirm... say your passphrase was georgelikesjuice59
Someone has access to your seed. But when they type it in.. it shows a tiny amount of coins there as the hidden wallet with most of the coins is in the passphrase wallet. But that person, if they think you have more coins in the hidden wallet with that passphrase, it would take them 241 days to brute force that passphrase? But you said they have to rent those servers you mentioned so how much would that cost them?
But could they already have the equipment for that?
|
|
|
|
|
Also do others here using the 25th Word ? I gotta assume like less than 20 percent of ppl probably use it ... many don't even know about it right?
|
|
|
|
|
Just thought about something else. What about the nano ledger s box? Because well if someone finds it, and know what it is, they know you have a wallet?
Also so would you all say its better to do the 25th word or not? Do most here choose this? Because if you put that word somewhere else in your home... well you could write that word anywhere or put it somewhere else and its hard for anyone to tell thats the word right?
|
|
|
|
One thing that I find not good about this is from reading the instructions on this... is one of the methods, they won't confirm the 25th word on the screen... is that correct? Or do both methods not show your 25th word passphrase?
For the third time... When you setup the "temporary passphrase", you type it in... THEN IT IS DISPLAYED ON THE SCREEN AND YOU ARE ASKED TO CONFIRM ITYou can then, if you want, set up a 2nd pin... if you then use the 2nd PIN, you don't need to enter the passphrase to see your passphrase wallet, it just automatically goes there. They also mentioned... if you were to use the password recovery app in ledger and enter your 24 word seed, you cannot put the 25th word passphrase to confirm both the seed and the passphrase is correct RIGHT? Whereas if you dont have that passphrase, you can enter your 24 word seed and it would show it with a check mark. You don't find bad?
All the check app does is check that the 24 word seed mnemonic that you enter, generates the SAME seed that is stored in the device. Also, ANY passphrase that you enter, is technically "valid" and will successfully create a wallet... PassWord1 PASSWord1 pAsswoRd1 1dorwssap fklsadgeqrwtio3489t3yjeklthnakjbgvkjmnq34t7238y5346y45uy/W$t All of those are "valid" passphrases and will successfully generate a wallet (with a valid seed mnemonic)... so quite what you expect the recovery app to be able to check with seed+passphrase I don't know?  The passphrase is not stored in the device, so there is simply nothing to check regarding passphrases with the recovery check app. Why can't they just make it where adding the 25th word passphrase would mean your main wallet is there.
Essentially, the 2nd PIN is exactly that method... put in 24 word seed mnemonic, add "Temporary Passphrase/25th word", set 2nd PIN.... Then, ALWAYS log in with 2nd PIN as if it was ordinary PIN... and there you go, you ALWAYS log in with 24 words+passphrase.... you just don't need to enter the passphrase. The reason it wasn't the default option was that BIP39 passphrases are OPTIONAL (and not all wallets even support using them)... and also because entering a "decent" sized passphrase back in the "old days" took a LONG time and was very tedious if it had 10+ chars and used UPPER/lower/numb3r5/symb@!s etc. which would mean either: 1. it would just be a pain in the arse to unlock the device and see your wallet or 2. users would choose stupidly easy to enter passphrases (which kind of defeats the purpose of having the passphrase in the first place) Hey thanks all that clarification. So you don't feel the need for this right? So you agree I should do the second pin method then? |
|
|
|
Imagine they found several seeds that were 12 or 6 words... then they go to other deposit boxes in other banks and then find other word seeds like that... they could then combine all of them to see if its a possible match. You don't think they would try that? So lets say some criminals do manage to break in a bank vault in which you own a safety deposit box, and do break in to your safety deposit box which contains half your seed. A very unlikely scenario to start with, but not impossible. How long is it going to take for you to be notified of this? It will be all over the news and the bank is going to be pretty quick to contact the affected customers. You will presumably immediately move all your funds to a new address when you do find out. So, the criminals have a very limited window in which to break in to another bank (which just so happens to be the correct bank), break in to the safety deposit boxes (and just so happen to find your one), and combine your seed phrase, all while being actively hunted by the police and while bank security has probably been ramped up following the first attack. How likely do you think such an attack is? As HCP says, you are going down an endless rabbit hole of "What if?" scenarios. But doing that to a master password for keepass... dont you think that is very hard? Once someone has downloaded your encrypted database to their own local machine, then can attempt to bruteforce it at a rate of potentially millions of possible passwords per second. It's only going to be hard if your password is long and random. wouldn't you agree this method of putting seed in keepass/lastpass and uploading it to gmail/dropbox is safe? No. I store absolutely zero sensitive information on the cloud or email servers, even in encrypted formats. There are far too many unknown variables as I mentioned above, and you are placing complete trust in the third party provider. Okay that make sense if deposit box broken into, it would be over the news and there would be time to move the coins. So in a way, it seems like that probably is the ideal place to put your seeds broken into two places? I gotta imagine if you have the two seeds in two different states, that probably would be more than good enough right? Okay so someone say hack into my gmail/dropbox and has my keepass program. They need to bruteforce it. So let say the master password was something like georgelikesjuice59? Would you say something like that would be easily brute force? What about like Viziofrodo9ball Im randomly using words and some numbers. But for storing it online... you say lot of things could happen. But would you say the bigger chance is they brute force your keepass? Or you laptop getting malware? Because I always felt if you put it in keepass and store it in gmail or dropbox... malware/keylogger on laptop is the biggest issue so you need to be careful with your laptop. |
|
|
|
It's just a never-ending conversation... you keep asking "what if? what if? what if?"... it's been explained over and over and over ad nauseum. If you're comfortable encrypting it and putting it on a cloud device because you trust the encryption software and cloud storage, and you're more concerned about physical theft and burglars breaking into your house and stealing a piece of paper, then just do it. There are just as many issues with storing it on paper (fire/flood/theft risk) as there are with storing stuff online (accounts/passwords compromised, faulty encryption systems etc)... NOTHING is perfect. Just pick a method and go with it. Otherwise we'll be here in another 12 months saying the same things while you ask if moats full of pirahana's are better at keeping away cryptocurrency thieves than moats full of laser-beam wearing sharks  Well yes everything has risk. But the biggest risk I feel with the online encryption method is if your laptop get keylogged/malware. So there is of course that. |
|
|
|
|
HCP thanks for clarifying that. Yes ledger word choice is very confusing with the temporary passphrase.
So with those two choices, which one would you suggest me then? I assume you never bothered with this right?
One thing that I find not good about this is from reading the instructions on this... is one of the methods, they won't confirm the 25th word on the screen... is that correct? Or do both methods not show your 25th word passphrase?
They also mentioned... if you were to use the password recovery app in ledger and enter your 24 word seed, you cannot put the 25th word passphrase to confirm both the seed and the passphrase is correct RIGHT? Whereas if you dont have that passphrase, you can enter your 24 word seed and it would show it with a check mark. You don't find bad?
I read someone else mentioned they don't like the way ledger set this up. They said... why can't nano ledger set it up where you have to put in a 25th word passphrase in addition to the seed... and thats it? So everytime you plug in your nano ledger s... well its normal putting in your pin. But if you were to restore your seed on a new nano ledger s... then yo have to put your 24 word seed and the 25th word passphrase in order to access your wallet. Wouldn't you agree that would be the more popular way? Because that is why i got confused the whole time. I thought why would there be another hidden wallet because of the 25th word passphrase? Why can't they just make it where adding the 25th word passphrase would mean your main wallet is there. Does that make sense?
So basically whichever method you use... method one or two... you still going to have to transfer btc since you are transferring from your main wallet to the hidden wallet (wallet with majority coins) right?
|
|
|
|
I like to know if anyone here has stored their seed online this way, uploading it to the cloud but of course encrypt it with axcrypt/keepass etc... and had no issues with it?
This is a meaningless question. It's like asking if anyone has driven without a seatbelt but is still alive to tell the tale. Just because an individual's method has not been compromised yet does not make it a safe method. There are 100 possible things that could go wrong with that method, from accounts being hacked, passwords being bruteforced, employees of the cloud hosting company accessing files, uploads being intercepted, vulnerabilities in the storage, vulnerabilities in the encryption, seed phrase being leaked before being encrypted, the list goes on. None of these vulnerabilities are even possible with a seed phrase being written down on paper. Okay the gmail or dropbox box account getting hacked/bruteforced is not that hard I say. But doing that to a master password for keepass... dont you think that is very hard? The one issue I see with this... entering the seed in keepass and uploading it to gmail or dropbox... would be... if your laptop got malware/keylogged. Because if it does, then that other person could see everytime you type. Buf if you make sure you care careful with your laptop and don't get malware/keylogger, wouldn't you agree this method of putting seed in keepass/lastpass and uploading it to gmail/dropbox is safe? Thus the danger is mostly don't get malware on your laptop because then all bets are off? |
|
|
|
I mean imagine having 2 safe deposit boxes in 2 different banks but say they were just a short few blocks walk from each other... surely you wouldn't feel that comfortable right?
There's being security conscious, which is obviously a good thing, and then there is just being paranoid. What scenario are you imagining here? A team of criminals first track you to find out how much crypto you are holding and identify your back up mechanisms, then hack in to the databases of two different banks to identify which safe deposit boxes are yours, then simultaneously break in to two bank vaults and drill in to your boxes to reconstruct your seed phrase? If that if your risk model, then I'm pretty sure the geographical locations of the two banks you use is irrelevant. I meant criminals getting into safe deposit boxes... then finding cash/jewelry valuables in many of them. Then some of them have the seed. Imagine they found several seeds that were 12 or 6 words... then they go to other deposit boxes in other banks and then find other word seeds like that... they could then combine all of them to see if its a possible match. You don't think they would try that? Or even someone putting the entire 24 word phrase there. You have to assume there are some people might even put the entire 24 word seed in a deposit box right? |
|
|
|
|
Well for the average person who isn't rich and at best middle class or even less than that, is basically storing it in your home in few pieces still generally the best way? I see so many ppl say they just write it on paper or notebook and store it in a drawer. But im sure thieves now know more about bitcoin with how mainstream it has gotten... so its like if you put it at home, like a safe under your basement probably the best?
Someone mentioned writing it in their walls in their home... I don't even know what to say about that.
But in general, would you say better to write it on piece of paper or in a notebook would you say better HCP? I still feel a notebook, assuming you have other things written there... its like ppl aren't going to go through your notebook if you know what i mean. Do you agree on this? Also those ledger seed cards that is supplied to you... don't you agree that probably is the worst place to write your seed in especially if you keep the seed in your house? I mean it would basically tell people what it is. Now of course if you put it in a deposit box, no big deal I don't think.
I'm curious but has anyone here stored their seed online... but encrypted it and then somehow it got compromised? All the cases I hear where they store it online and got compromised, well obviously they aren't encrypting it.
Example you store it in a document, but encrypt it with axcrypt or whatever program... then somehow it got compromised? Or you encrypt the document with axcrypt, store in your email... but your email got compromised and somehow they got your axcrypt password?
Or the method I mentioned many times.
Type your see in keepass/lastpass. Then upload it to gmail/dropbox. Someone would need to first get into your email... but then also need your keepass master password in order to access it. So wouldn't those two layers of security be safe? The first of email like gmail or dropbox is obviously not that secure as emails can be hacked... but them getting your master password certainly would be very tough?
I like to know if anyone here has stored their seed online this way, uploading it to the cloud but of course encrypt it with axcrypt/keepass etc... and had no issues with it?
|
|
|
|
|
Okay i have might heard that term risk matrix maybe... but the other term i didn't hear.
Safe deposit boxes tend to be safe. But I heard of few cases where burglars drilled in into it. Also, when there are bank robberies, how safe are the customer deposit boxes though? But then again, if you have one bank deposit on one bank... the other say much farther way, that is generally safe right? I mean imagine having 2 safe deposit boxes in 2 different banks but say they were just a short few blocks walk from each other... surely you wouldn't feel that comfortable right?
I mean the way the winklewoss twins do it... im assuming based on the article, they have the seeds in safe deposit boxes throughout the US. So i gotta imagine many he has them in many states right? Thus to spread their risk so to speak? Now if someone has a ton of money, im sure their safe deposit boxes would be in multiple states right?
|
|
|
|
You are completely misunderstanding how the passphrase system works with the Ledger Nano S... By default, when you create a seed, it is already using a "default" passphrase of "mnemonic". It is literally using that string as your passphrase if you leave it empty/don't use one. When you add you own custom "passphrase", it simply appends your custom word to the string "mnemonic"... so, if you chose the passphrase "georgeisfat", behind the scenes, the device is actually using the passphrase "mnemonicgeorgeisfat". Now, the seed stored in your device does not change, regardless of whether you use a passphrase or not... So, when you unlock your device, it is deriving private keys/addresses using seed+"mnemonic". What happens when you set a "temporary passphrase" (or assign one to a 2nd PIN), is that the device will simply derive a different set of private keys, as the "stored seed+passphrase" combination has changed. With a temporary passphrase, as soon as you unplug the device, the temporary passphrase is lost and the device will go back to using seed+"mnemonic" to derive your private keys/addresses again. If you're using a 2nd PIN, when you unlock the device using PIN#2, the device will then start deriving private keys/addresses using seed+"mnemonicPassphraseProtectedBy2ndPIN"... again, when you unplug the device, it will revert back to the default (assuming you unlock with PIN#1 again). Also, you don't type the passphrase in twice... you type it in ONCE and it asks you to confirm it on the screen. And if your device were to "malfuction" during the process, it wouldn't matter, because: a. You wouldn't be able to send coins to the "wrong" or unknown addresses, as the device malfunctioned before you could derive any private keys/addresses  and 2. You could just start the process all over again (using same device and/or new device with same seed+passphrase) You are worrying about nothing!Instead of asking all these questions, simply experiment with your device. Plug it in, unlock it, go into "Settings -> Security -> Passphrase -> (scroll right 3 times) -> Set up Passphrase -> Set temporary" and try adding a temporary passphrase. After a while of "processing", you'll get a "passphrase set" message. You can then try adding a new Bitcoin account in Ledger Live (make sure you use a unique name like 'BTC Passphrase Test') and you'll see it has no balance and different receive addresses etc... if you unplug the device and plug it back it, it'll automatically go back to using your original seed+"mnemonic" again like the temporary passphrase never existed. And Ledger Live will try and stop you from receiving to wrong "account" as well... if you unplug the device, then unlock it and DON'T set the passphrase and then go into 'BTC Passphrase Test' account and try and click "receive", you'll get an error like this:  It has detected that the private keys/addresses that the device is trying to derive, do not match the private keys/addresses for the account you're trying to use!  HCP, you know how I am before experimenting something... I need to make sure i know what im doing for sure before i attempt it. So the 25th passphrase. Say its georgeisfat... after you enter it. It ask you to enter it again then it show you the passphrase georgeisfat to confirm right? In my example, I do not want to have like a hidden wallet or anything like that as it will complicate things. And also its been said you going to have to send coins from one wallet to another like a regular transaction, so I don't want to do that. I had thought you could just send coins from one wallet to another like instantly like if you were moving funds from the same checking account to savings account online. You say With a temporary passphrase, as soon as you unplug the device, the temporary passphrase is lost and the device will go back to using seed+"mnemonic" to derive your private keys/addresses again.
So everytime you connect the nano ledger to the laptop after that, it will only ask you for your pin like normal and you have the option of typing the original pin or the new pin you created. And it will do that everytime right?
But say something happens to your nano ledger s and it doesn't work. You then get a new nano ledger s. You then type in your old 24 word seed... but you need to also type that passphrase georgeisfat as the 25th word in order to unlock your coins... is that correct?Also that would mean the first time you add the passphrase of georgeisfat...... you could then go to password recovery app on your nano ledger s... type in the 24 word seed to confirm it.. but you also need to add in the 25th word in order to verify your seed and passphrase is correct on the specific nano ledger right? My confusing came when why you mention passphrase and temporary passphrase? Do you mean the 25th word would be your passphrase but you could also add a 2nd pin which would then serve as your temporary passphrase? So you would be either using a passphrase which is your 25th word ... or passphrase and temporary passphrase which is your 25th word and the 2nd pin you choose as a 2nd wallet? |
|
|
|
To be sure I will avoid storing seeds on personal computers and e-mail, because both places are easily accessible to hackers.
I prefer the traditional way by writing the seeds on a piece of paper and storing them in a safe place. As was done by Winklevoss
twins which keeps the seeds in deposit boxes in the bank, it is a safe way so that they cannot be stolen. And don't keep the seeds
in one place, we have to keep the seeds in 2-3 places just in case.
Are you sure safe deposit boxes can't be stolen? I heard cases of this. But if you have the seed in multiple banks... that is much safer. But then again, imagine one of your seeds was in a bank... and the other seed is in another bank... but say its only a short few minute walk to the other one. Surely you wouldn't want that right and want them in farther locations? So wouldn't you need four bank safety boxes then for one seed? Thus split it into two... and two copies? That would mean like if someone wants to have two seeds... imagine two nano ledger s or trezor... wouldn't they need to have 8 safety deposit boxes to do this? I mean if you think about the winklevoss's, i gotta assume they probably have probably at least 20 safety deposit boxes throughout the US right? That way its 2 copies each and 2 different locations... so that would be like having 5 different seeds? |
|
|
|
Yours is just a few a possibilities, but the possibility is endless, I prefer doing it in two to three ways, the first one is through a bank vault, there are banks that offer this kind of service to their client at a discounted yearly subscription, this is what John Wick on the part of the movie, the second is burying the vault where the private seed is, to a secret floor of your house, it's safe from flood and fire and it's an old tradition of keeping your treasure.
Well you split your seed into two pieces right? So you would put it in four different banks since it would then have two copies each right? If you put it in a vault to a secret floor in your house, are you putting your entire seed there? Or just half of it? Also if someone isn't in your house, they can't suddenly get down there right? Like for some reason, im imagining some ppl next to you or tunnel people going underground and finding it... that is still possible right? |
|
|
|
|
Okay didn't know there was a risk assessment table, I never heard of it.
Well I mean the odds of happening is normal I say... I say this for anyone that doesn't live in any high rise with security or gated place. You don't agree on this? If you live in a house, theft could happen. I mean... look at those hollywood homes those celebrities have that gotten burglarized by thieves. And those are homes with gated community and security. For some reason you always hear how the cameras went off when this happens.
Well I think almost everyone is vulnerable to theft, doesn't matter if its cash/jewelry or anything else... but of course much more cash etc. So thats why i wanted to know what is the best way to store your seed in general. I always thought having two safe deposit boxes was the best option. But you have heard of deposit boxes being taken though. But then again, what do most ppl do in general for this. Most ppl here seem to say oh just put it on paper and leave it in a drawer. But im sure there has been cases where a fire or natural disaster happens and then theres that.
|
|
|
|
|
People who say write it in notebook, do you put it in open? Drawer?
Now do have other things written in the notebook as well? That to me is very important because if you only write it in notebook and nothing else, don't you agree that isn't safe if someone has access to it?
Also if its on paper and in your house? Which would you say is safer?
Writing it in those cards ledger gives you and you hide it somewhere?
Or
Just write it down in a notebook?
Because it seems like notebook is less suspicious don't you think?
|
|
|
|
Yea when I do things, I am very careful with it. So with this... im a bit hesistant because say i type in the 25th Word, well i have to make sure its correct and look at it few times. Also i can't make it way too long otherwise it would be me looking at it over and over again.
No offense, but there is a big difference between being cautious and being paranoid. I quoted a passage from the Ledger site that tells you very clearly what exactly it is about, and for whom this feature is intended. If you think you need that extra protection then just do it, so how complicated is it to add one word or PIN to an existing seed? But would a passphrase like the ones i mentioned above be decent though? I obviously need to make sure its easy to remember. But if you put a very simple passphrase like the word motorola to make it simple, would it be easy for someone to brute force it assuming they have the whole word list but just missing the passphrase? Or would someone think wait a minute... this might not even be the seed after typing all the words? I assume most ppl dont know about this 25th Word right? Thing is had I set this up sooner like originally, I would feel much more safer in a way.
It is never wise to rely only on your memory, what if an accident happens to you and you lose your memory? Passphrase should be such that it cannot be brute force easily, therefore you will write it down on a piece of paper and save a few copies separately from your seed. I definitely want this passphrase in addition... but concerned i might mess something up in the process...
The thing is pretty simple, you just need to follow the tutorial from the Ledger site - but if you are not sure what you are doing it is quite normal that you can mess something up. I'm concerned when I add that one word, somehow it would mess up and then if i enter my whole seed again.. then the passphrase, it would reject it. Because I don't have a another nano ledger s to test this on. Because if I did, I would do that right now. But if i were to add the pass phrase now... lets just make it simple and say the passphrase is georgeisfat I type it twice and confirm it. Now i unplug and plug my ledger back in. I need to first enter the passphrase... then my pin right? So once it accepts the passphrase, then the pin... well then now there is no concern since you have your seed and that passphrase just written down right? Because my thinking was this... okay you put a passphrase to it. Then you log in and it works and then the pin and it works. Now... my first thing was... I should go to password recovery app on the nano ledger and type in my seed... then type in the passphrase to confirm it works. This would be absolutely not necessary right? But if you were to test your recovery seed a bit after this, you would need to put the seed only... or also the seed and passphrase? My big concern was something like this.... you create a passphrase. Type it twice to confirm. Then it shows you the passphrase and either the ledger s malfunctions somewhere during the process... so you don't even have the chance to log into your ledger with your passphrase and pin to test. Does that make sense? Yes that sounds like ridiculous paranoia but I had my nano ledger s go dim months ago and then went bad and it didn't turn on anymore. So imagine it suddenly went bad during this process. When you get a new nano ledger s, you not sure if it confirmed the passphrase or not etc or it malfunction during the processing/confirmation part.
Most importantly... when i set up the nano ledger s years ago, I did wrote my seed few times and was careful writing it down. But I never did a test of the seed to confirm it worked. So you could imagine how it was like when the ledger didn't work anymore. And I was also in another country at the time... and my seed was another.
So thats why im very paranoid about this especially when my ledger stopped working. I mean... wouldn't you worry in my situation? Thats why i do things very carefully as in paranoia because of this. Like imagine I do this process while my coins are still there and something like this happens. Yes i know i have my seed with me... but if a malfunction happens... well is my seed enough? Or will it need the passphrase? But it has to be either of these two and can't be anything else right? Because i worry a malfunction could make something happen that has never happened where the seed... or the seed and that passphrase not work. |
|
|
|
I mean... would you say all of these passphrases would be relatively save even if your whole 24 word seed was known by someone?
Not exposing your mnemonic code should be your priority. Because if they enter it without the 25th passphrase, wouldn't they most likely think the seed is incorrect?
No, the mnemonic code without the passphrase is still a "working" mnemonic code and therefore will create a "normal" wallet. What a specific person you are thinking of will believe when restoring from your seed without a password, ... we don't know. But if they could figure out... okay there is a 25th passphrase, would those passphrases I posted above be safe against brute force?
Google "password security" and similar terms. There are even a few threads here. Check them out. Basically, it is a password. So everything which applies to a "normal" password, applies to this passphrase. Yea i know not exposing the seed is the number one priority. But if a thief somehow gets it... then you don't have protection against it if you write it down like one of those cards. So if they restore the wallet with the passphrase, it will create a normal wallet... but will it show your coins there or not? I thought if the enter the seed without the passphrase, it won't work like its not a match. The issue is the passphrase ppl say do not forget it. So you can't make something ridiculous with lot of numbers/letters and characters. Sure you can write it down... i mean you should write it down in case your memory forgets, but don't you agree it shouldn't be a ridiculous word though where you sometimes might forget it? But a passphrase like say frogger or dutch is probably a horrible passphrase... but something like doglikeshistreats catplaydog georgeisfat I mean.. those are pretty simple to remember... and better than frogger or dutch right? Yes i know about the stronger the password the better, but this is something in case you forget. So its like whats the best security for all this? Have your seed written down and broken in a few pieces. Then have that 25th Word in your house as well but write it somewhere a lot different. I mean imagine a notebook that could be a journal but say you know exactly what page that word is on etc. Wouldn't that be a good idea? Again yes I know not exposing the seed is the most important thing. But I feel like unless you live in a very secured place with security... think like a high rise in the trump towers or something like that... then i feel like theres almost always a risk. I mean... look at those hollywood celebrities that live in their homes in los angeles and hollywood etc and there are burglaries there. I mean... those places are rich and gated but somehow these things still happen. |
|
|
|
|
Anyone thinks it hits higher? I saw it went higher but now alts are coming back.
|
|
|
|
|
What would be the safest/best option then? HCP... do you have any input on this? I assume you don't do this?
Because having a 25th Word seems like a very good idea. I mean you could write it down somewhere else like in a notebook and it could be a regular word along with mixing other words. Say your 25th Word was like
frogisgreen
iliketoswim
windowsandapple
Or something even more simple like
moon
smoke
hollywood
I mean... would you say all of these passphrases would be relatively save even if your whole 24 word seed was known by someone? Because if they enter it without the 25th passphrase, wouldn't they most likely think the seed is incorrect? But if they could figure out... okay there is a 25th passphrase, would those passphrases I posted above be safe against brute force? Obviously the last few words aren't that safe... but I certainly don't think adding numbers and capitalizing certain letters is good because you could easily forget that right.
I really want to do the 25th passphrase now because of this. Now have most of you done this after having your 24 word seed for a while? If i had an extra nano ledger s... I would test this... I sort of don't want to try it on my nano ledger s now because of messing up. But its hard to mess this up right? Because when you enter a passphrase... you need to type it twice... then the screen makes you confirm... that is the word... so its hard to make a mistake here right? Thats why I wouldn't want to make the passphrase a long word of words because of this.
Now if you were to immediately use password recovery app on your nano ledger s... you could enter your entire 24 word seed ... then type in the 25th word passphrase just to confirm right? If so... that would make me feel much more comfortable on adding this 25th word passphrase.
|
|
|
|
|
Show Posts
