|
Okay so do most people just enter a passphrase then and don't deal with the 2 pins to those who do the 25th passphrase?
Oh wait, even if you put a passphrase, when you connect to ledger, it will just ask you for your regular pin right? Because you only need to enter that passphrase when you enter your entire 24 word seed? I was confused here.
I thought the 2nd pin was for the second wallet which is created... which would be like the smaller balance wallet...
So when you create a 2nd pin, that is your big balance wallet? But when you create a 2nd pin, your balance there is 0 right? So you would send 1.8 btc to this wallet? Let's assuming 2 btc to make it simple.
When you enter your original pin, you would then see 0.2 btc?
Also when you send btc from one wallet to another, you are paying a fee right like as if you are sending btc to someone else? Or is this just like a btc transfer between your wallets and there is no fee... like similar to how you have a checking and savings account with your bank?
Okay so when you delete the hidden account in ledger live... then readd it whenever you want. I assume you only do this when checking the balance only right... then just delete it and now you only see the smaller balance one?
|
|
|
|
But how do you know there is 30 million bitcoin addresses with balance on them? Where did you find this information out? Loyce has generated a list of all addresses with a balance from Blockchair's data dumps. There are 30 million entries. See: List of all Bitcoin addresses with a balanceSo you telling me some seeds would include seeds that repeat itself more than twice? Yes. There is no rule against words being repeated. then say the word is OVER. I'm not sure if OVER is a word in the word list or not. So wouldn't OVER written 12 or 24 times be a possible seed? The word "over" is indeed in the BIP39 list. However, the word over repeated 12 times is not a valid seed phrase, because the final word of each BIP39 phrase contains a checksum within it, and the checksum would be incorrect in this case. However, the phrase over over over over over over over over over over over ostrich Is perfectly valid. Or if you want to go with 24 words, the valid phrase would be: over over over over over over over over over over over over over over over over over over over over over over over nothing First off... this is possible for electrum or nano ledger s to generate this seed right? Because if so, wouldn't you not want this seed since it repeats itself every word except Dog? Yes, it is entirely possible to generate this seed phrase. I do agree though, that if my wallet generated a seed phrase with 11 repeating words, I'd probably create another one. Okay didn't know there were that much addresses with a balance. Okay so OVER is a word... again i had no idea it was or not... but you say having OVER written like this over over over over over over over over over over over ostrich over over over over over over over over over over over over over over over over over over over over over over over nothing Is actually valid... that is crazy. But if it was someone who just created a wallet, wouldn't they probably not think that much of it though... but it looks weird? I gotta assume ppl who when they got their seed... if it repeated once or twice, they probably get a new seed? Well im surprised how someone can't just hit a 12 word seed then... I would thought it wouldn't take that much time to hit even one. But you sure nobody has found a balance this way though? I have to assume some do but its only if they got a portion of the seed? I mean if someone found a bitcoin address this way, wouldn't it be not safe for them to say hey i found a working seed though? |
|
|
|
but when a computer does it... can someone explain how that works? It creates a combination, checks that it is valid, and if it is then goes through the process of turning that combination of words in to usually either a master public key which it can compare against one you have entered, or in to an address which it compare against one you have entered or the blockchain for any previous transactions. So you would see on the screen... it typing those word combinations and pressing enter each time... then move on to the next word etc? I mean, you could write a program to do this if you wanted, but given that it could likely check tens of thousands combinations a second, then there really is no point. You mean out of twelve words right? So how much is limit for the twenty four word seed? The same. If you are missing 4 words then there are 2048 4 possible combinations, regardless of how many total words there. I mean theres tons of addresses out there so its like how could you not hit one Because there are this many possible valid 12 word seeds: 340,282,366,920,938,463,463,374,607,431,768,211,456 And there only approximately 30 million bitcoin addresses with balance on them. Divide those two numbers and you get a roughly 1 in 11 million trillion trillion chance of finding a collision. (Now, this is not quite accurate since any seed can generate potentially billions of addresses, but you get the idea.) I had no idea there was this much seeds possible out of just 12 word seeds. But how do you know there is 30 million bitcoin addresses with balance on them? Where did you find this information out? So you telling me on average, one address has around 0.6 btc in each wallet? That seems way too high don't you think? Obviously there are wallets with say 1000 btc in it and some with much less etc... but isn't like 95% of bitcoin addresses contain 1 or less btc and its more like 80% contain 0.5 btc or less or something like that? Well take a look at those combinations. I do know that a seed that repeat itself. So you telling me some seeds would include seeds that repeat itself more than twice? Here is the issue though. Wouldn't that mean with all those combinations... then say the word is OVER. I'm not sure if OVER is a word in the word list or not. So wouldn't OVER written 12 or 24 times be a possible seed? Imagine when someone generates a seed with their nano ledger s or electrum... ley say it was electrum... and the seed was like Over Over Dog Over Over Over Over Over Over Over Over Over First off... this is possible for electrum or nano ledger s to generate this seed right? Because if so, wouldn't you not want this seed since it repeats itself every word except Dog? Like if you know about seeds and generate a new seed and a word shows up say 6 times in a 24 word seed... surely you would reject it? I mean I certainly wouldn't want a seed that repeats itself this many times right? So with all those combinations of just 12 word seeds, what percentage of them uses the same word once? Twice? Three times? Imagine 6 times? Surely you wouldn't feel safe with that seed right? |
|
|
|
|
I think 4 words is the limit of what could be called "easily" brute forced (and even then, it's not that easy). 5 words is potentially possibly, but only with a significant amount of time, money, and resources.
You mean out of twelve words right? So how much is limit for the twenty four word seed?
Well my thoughts are with just a twelve word seed... if you keep entering different combinations... why would it be hard to hit just one? Because its not like okay theres 9999999999999999 combinations and you need to hit exactly one. I mean theres tons of addresses out there so its like how could you not hit one.. does that make sense with my logic? I mean with all the possible combination of seeds... does anyone know what percentage of them contain btc? Like imagine you hit a twelve word phrase but then it shows 0 btc... but you hit the phrase correctly right? But if you enter wrong seed, it shows error?
|
|
|
|
So i know brute force means like you try all the combinations..
1. But its a computer entering each one etc over and over right? And not like a person doing it manually right? Now with brute force, is it a program that does it or is it a computer?
 Theoretically, both is called bruteforcing. But if you'd want to try to bruteforce a mnemonic (or a password or whatever), i'd recommend you use a computer for that. ~snip~
Your 12 word mnemonic is secure. 4-5 words can be bruteforced quite easily currently. But you shouldn't think about it, since you shouldn't expose any words of your mnemonic at all. Better keep it completely secure than to think about how many words you could expose and still be safe. Well if you do it manually, you are basically typing it yourself which is time consuming... but when a computer does it... can someone explain how that works? So you would see on the screen... it typing those word combinations and pressing enter each time... then move on to the next word etc? You can do this with a computer you have or you need to buy special equipment for it? |
|
|
|
|
HCP where did you get that chart from? I never seen it.
But using that chart, it would be bad which is why you see I'm always freaked out when something happens. The likelihood of a thief I would say is possible.
I mean unless you live in a luxury condo highrise where there is security to even get in... then i would say the likelihood is rare... don't you agree? Like im not sure where you are located but I think you said the US. But imagine you live like in the high rise condos with security... say in las vegas or LA or places like that where security is extremely tight... where you can't even get in the building without checking in at the front desk... then to me... the chance of you seed getting stolen would be almost impossible. I mean those high rises are built to even protect well against fires and floods right? Now would you agree if you live in one those places, you don't really have to worry about a thief?
|
|
|
|
|
My bigger concern is someone finding the seed. But yes the physical/extortion thing is very important.
But if you set a 25th Word, do you still need to set up 2 pins though? For me, the bigger security here is a 25th Word so if someone has my full seed... they still need the 25th Word.
Now if you set up 2 pins, well the one you create from now is going to be the hidden wallet or real wallet? I was confused watching the video of it but the one with your savings in it... that is the hidden wallet? The one you would show to a thief would be the spending wallet? So the pin i have now... that has all my coins. But the new pin that i create, after its done... it has no coins in it right? Thus i need to move a tiny bit of coins from my wallet to this small coin wallet... is that correct? So you need to like manually transfer the btc to it right? So say you have 2 btc in your main wallet just to make it simple, you probably transfer like 0.2 to it?
So now you have 1.8 btc in your main wallet... and 0.2 btc in your second wallet right? So then everytime you connect the nano ledger s to your laptop, it first ask for your passphrase. You enter that. Then it ask for your pin. Now you have choice of entering your original pin which has most of your savings... or you choose the other pin which has a small amount of your savings right? Now here is where im a bit confused. So whichever pin you enter... you still need to use ledger live to send. But isn't the issue here ledger live would show your coins in both pin wallets though? So if you enter the smaller saving wallet... when you go to your accounts in ledger live, it would show all your wallets? I have to assume it would only show the smaller wallet right? The same when you log into the bigger saving wallet... it show only the bigger saving wallet and that 1.8 btc only?
Has anyone here done this to their already nano ledger s with their full seed? I would feel much more comfortable doing this if say i was using a brand new ledger nano s to try... or if i had another nano ledger s to try this on... thus I would create new seed on new nano ledger and then put passphrase and two pins... then send tiny amount of btc from my nano ledger s to it... then test it on another wallet so if mistake, no big deal.
But its very hard to make a mistake here or not? I do notice it says for advanced users only... but has anyone had a case where they mess this up? Because im thinking for the passphrase if i do it... i cannot make it so complicated with numbers and making it a simple phrase. Thoughts on this?
|
|
|
|
The "best way" do to this, would be to go to ledger.com and check their FAQ on how to set it up.
Or google it, there are tons of tutorials available.
Considering the way jerry0 approaches things like this, I would advise him not to play with something so sensitive, because after all, this feature is for more experienced users who don’t need a week to insert 24 words into their new hardware wallet. After all, in addition to additional seed protection, this method is important for those who want to protect themselves in the event of a physical attack. Set up a passphrase to add a layer of security to your crypto assets. This option is only recommended for advanced users. Carefully read this article before setting up a passphrase. The recovery phrase and passphrase functionalities enable a range of security setups. You may use them to design the security strategy that meets your personal situation. Please do not overcomplicate things, the best security setup is one that you master and can execute with confidence. Yea when I do things, I am very careful with it. So with this... im a bit hesistant because say i type in the 25th Word, well i have to make sure its correct and look at it few times. Also i can't make it way too long otherwise it would be me looking at it over and over again. But would a passphrase like the ones i mentioned above be decent though? I obviously need to make sure its easy to remember. But if you put a very simple passphrase like the word motorola to make it simple, would it be easy for someone to brute force it assuming they have the whole word list but just missing the passphrase? Or would someone think wait a minute... this might not even be the seed after typing all the words? I assume most ppl dont know about this 25th Word right? Thing is had I set this up sooner like originally, I would feel much more safer in a way. But in that example with the guy using moon as his passphrase, how safe would his seed be if someone found his entire seed but do not know about his passphrase as moon? I definitely want this passphrase in addition... but concerned i might mess something up in the process... but then again its hard right? Because you need to type this passphrase twice to confirm it... then it shows you the passphrase before you click okay... so as long as you make sure you remember it... then you are fine right? Like had i done this originally when i first got the nano ledger s... i would feel much better because I did it correctly... as oppose to now... doing it on an already used ledger. |
|
|
|
|
Okay so do most ppl also have two pins then?
I want to do the 25th Word with my current seed at the moment. Best way to do this? Do i want two pins or not?
|
|
|
|
Depends a lot on the size of the container and how often you open it (breaking the airtight seal). One should probably be enough for a relatively extended period if the container you get is about the size of the original ledger box, has decent seals and you don't open it often. If the box is bigger, you might want to consider 2. They're cheap enough, so you can probably afford to replace the pack(s) every couple of months. But it's more to do with how often you open the container. Every time you open it, you're basically replacing all the "dry" air inside with moist, humid air again. I'd probably be considering changing the packs after opening the container 3 or 4 times. If I didn't open the container at all, I'd probably consider changing them after a year. Also, you can "refresh" silica packs by baking in an oven at a very low temp like 120C-150C for 30-60 minutes to dry them out so you can re-use them (and you can microwave the "paper" packet ones for like 3-5 minutes on a medium setting). ... I want to make sure my ledger stays cool for half a year.
Silica gel doesn't regulate temperature. They're for moisture control. It'll help keep the humidity in your container under control and keep the device "dry", but it won't do anything for the temperature. Hey thanks. Okay so does that mean if say every few days i open it say, every two or three days, i need to replace it with a new one each time? Because im ordering a huge pack of these. So if someone was to use it every single day though and opening it everyday, you going to change it every few days right? Like you not going to use a new one each day right? I don't plan to not touch it at all for a few months like last time, i mean i will definitely connect it to my laptop probably at least once a week etc. Those come in huge packs... pack of 50 or hundred.... |
|
|
|
HCP or anyone else, im going to order the silica gel right now. How often do you need to replace them and how many do you need to put at once? They seem to sell packs of 50 and hundred or more. Like do i need to put at least a few of them in an airtight box and replace them with a few ones every month or so? I won't need it for anything else but just this so curious how many I need if say I want to make sure my ledger stays cool for half a year. |
|
|
|
|
So I heard a while back you could add a 25th word or phrase to your nano ledger s. I also heard this could be done in electrum with an additional word.
I'm curious but has anyone here done this? I looked at ledger site and apparently there are very little limitations to it... said it could be mix of letters, numbers and characters... and max is 100 characters. It could be capital or lowercase as well?
I had thought the last word you add had to be from that 2000+ word list which wouldn't even make it that secure since if someone has your seed, they could type the last word for every single word in the word list and get there.
Now this seems unbelievable because wouldn't this provide you as much security as you can? So let say someone has access to your whole seed on nano ledger s. If you put in another word, aren't they basically screwed them almost unless you pick a poor password?
Example imagine your word/paraphrase was like
dogwenttotheotherside
catwenttoeatsomechipsagain9
ieatchipswithsoda
Now if someone has your seed, and then need to crack the last word... wouldn't that be very hard?
Now could I actually add a 25th Word right now to my nano ledger s? But im concerned about making a mistake though... but its simple right? Or I would need a completely new seed to do this?
Because if I could... then wouldn't your security be very strong then even if someone found your seed? Obviously you need to make sure you remember your last word.
|
|
|
|
I always felt safe is bad idea because isn't that the first place a thief would look besides it in the open and the table/drawers? So hide the safe. Bolt it to some concrete underneath your floorboards. No thief is going to find it unless they demolish your house. Now if you hide it in a notebook or in the open, but its like hidden in words or things like that, well a thief wouldn't even check that wouldn't you agree? Why wouldn't they? I assume in this scenario the thief knows that they are looking for a bitcoin seed phrase. Words circled in a book or a list of words in a notebook is going to be entirely obvious. You say the code is trivial, but how would they even figure it out? I mean it could mean a password that is in code form or something. Unless that thief knows what it is... wouldn't that be good idea? A thief who is looking for a seed phrase and finds a list of 24 items will almost immediately realize what they are looking at, even if they aren't "words" as such. A half decent computer will be able to break any simple cipher such as an Caeser cipher or Vigenère cipher almost immediately. What do you mean store it in protect format and encrypt it? You mean like in a document and encrypt it with axcrypt or bitlocker? But what you mean encryption key on paper separately? I dont get the paper part.
I mean encrypt the seed phrase and store the encrypted file or text. Whatever key you used to encrypt it should then be stored on paper separately, otherwise you are relying entirely on your memory for your back up. Well I don't think thieves would be targeting bitcoin... dont you think? I mean most thiefs are looking for cash and valuables. Unless they know a specific place has btc, then wouldnt you agree unless its targeted, then a notebook with the words would be safe? Well i dont mean circling words... that would be obvious. But i mean you have a ton of words and sentences but you know exactly what page each one is on... you write it down somewhere or store it online. Also what percent of thieves do you think would even think much if they see words circled? I dont think that many would know about it. Well if a thief knows about crypto, yes obviously they will realize what it is. But would you say even half of thieves know about crypto and the seed? Im sure most ppl know or heard about crypto but you think most know a word seed is where ppl store it? Well if you encrypt the seed phrase and store it in encrypted file or text... yes that is safe. Now you saying if you store it in usb or something not connected to internet right? But if you print it out... well isn't that the same thing as writing it down on paper? Well relying on memory for seed is obviously bad idea. Some ppl say they remember it. Now i could imagine a 12 word seed wouldn't be that hard to remember... but still easy to forget. Now if you talk about a 24 word seed... that is insane.. dont you agree? Now also something else. I read electrum allows you to put another word to the seed and so does nano ledger s. But do ppl do that or not? The thing now is the most important question... if you put a 13th word seed for electrum or a 25th word seed for nano ledger s... does that last word has to be from that 2000+ word list or not? If NOT... then wouldn't it make sense to always do that? Because if you do... i mean how could someone figure that last word out? But what are the requirements for the last word? It has to be letters right? So could it be like dogwenttotheoutsideagain If so... wouldn't this be the safest way to do this? Since if you somehow expose your electrum or nano ledger seed... that person still need your last word? I mean you could make it like catwenttoplaywiththefrog right? Now if that last word has to be one of the word list, then obviously that isn't going to be that effective. |
|
|
|
|
Another thing. But all wallets like nano ledger, electrum, armory, coinomi, use the same word list right? Well what about wallets like myetherwallet, waves, and other types of wallets? I can't imagine its all the same word list right? So theres a separate word list for different wallets? Then again i know most of those wallets might not even have wallets and use my ether wallet right? But is there is so many wallets generated... how could someone even attempting say ten thousand different combinations not even generate a hit?
Surely someone has found crypto this way right? I mean i dont know exactly how many combinations there are... but its not like okay you need to hit exactly one of these combinations... theres so many combinations of seed words.
Also does anyone have a clue how many seeds are generated in total for electrum or nano ledger s? I thought with so many wallets out there... even if you brute force... how could you not hit one of them... or is my logic incorrect here? Its not like okay I can try it only few times then it locks and you can't try anymore like when you attempt too many passwords for your email if you are wrong.
|
|
|
|
|
So i know brute force means like you try all the combinations..
1. But its a computer entering each one etc over and over right? And not like a person doing it manually right? Now with brute force, is it a program that does it or is it a computer?
Now the electrum seed is 12 words. The nano ledger is 24 words. I know other wallets have 12 as well and others have 24 in general
2. If say someone has all the words for each electrum and nano ledger s... is your seed basically compromised even if one doesn't know the order of each one? I gotta assume electrum could easily be done by manually typing each word and combination right? But with the nano ledger s, a lot more time but thats probably done in days? And its a program that will brute force it? Thus you see on the computer and it would auto type all the words and enter each time... then rinse and repeat? Or is that not how brute force works?
3. How many words being exposed for electrum and nano ledger s would you consider your seed a bit compromised? Obviously if you give 1-2 words out for electrum or nano ledger s... that is still very safe right? But obviously electrum is not as safe because less words. If someone has your first 6 words of electrum or the last 6 words... how long would it take to brute force that? What about ledger with 12 words... say someone found one half of your 24 word seed?
4. Order is much less important than the words right? Like is it better to have exposed 6 words of your 24 word seed as oppose to having say 3 words straight of your 24 word seed?
5. I always felt the 12 word seed in electrum wasn't safe because I thought hey only 12 words and the word list is only over 2000 words or so. I thought to myself, well imagine I just go to recovery seed in electrum and just trial and error all the words... surely I would make one hit ... but this is basically impossible right? Because ppl I assume with brute force program could type the combinations of words for them in electrum? Thus imagine it type each manually by looking at the word list while it would be doing the same but machine doing it and faster... is that right? I thought well if it keeps entering words... wouldn't it eventually find a match? Or is there a period where after you type in say 50 combinations and it doesn't work... it can't enter more words until a certain time period? Like imagine you try to log into your email account with password and you are wrong three times then it won't let you log in for another hour or so etc... but no issue like that with brute force?
|
|
|
|
Also i thought about something else. What about writing it in a notebook with your other things. It is much safer to have your seed phrase securely stored somewhere that other people are not going to find it, rather than have it stored out in the open in a notebook for example, and rely on the fact that someone might not recognize it for what it is because it is somewhat disguised or hidden in among other words/sentences/data/etc. I thought of something else like imagine you use a code or something. Like imagine instead of letters for each word, you use a code... like A means C, B means D.... etc like a code. The issue is if you forget the code... well it shouldn't be that hard as you move two spots... then wouldn't that be good? Because its not even words right Such a simple encoding method is completely trivial to break and adds essentially zero additional security. If you want to store your seed in a protect format then you should encrypt it, and you should back up the encryption key on paper separately. The issue here is a thief would check everywhere so even if you hide it, isn't it still chance they can find it? Like you mean a hiding spot and not something hidden like a safe right? I always felt safe is bad idea because isn't that the first place a thief would look besides it in the open and the table/drawers? Now if you hide it in a notebook or in the open, but its like hidden in words or things like that, well a thief wouldn't even check that wouldn't you agree? You say the code is trivial, but how would they even figure it out? I mean it could mean a password that is in code form or something. Unless that thief knows what it is... wouldn't that be good idea? What do you mean store it in protect format and encrypt it? You mean like in a document and encrypt it with axcrypt or bitlocker? But what you mean encryption key on paper separately? I dont get the paper part. |
|
|
|
https://www.investopedia.com/news/how-winklevoss-twins-store-their-crypto-fortune/So the winkelvoss store them throughout safety deposit boxes throughout the US. So in that article, its a paper wallet in each one? It says a printout of their private keys ... so does that mean like them writing the seed in paper or like a paper seed? So wouldn't this be very safe? Thus imagine they split the seed into two with two banks? But of course they make a copy of each. So wouldn't that mean like it take four banks for one seed? Thus imagine they have ten wallets, they they get forty safe deposit boxes throughout the US? I thought one idea was to have two safety deposit boxes.. where you split it into two pieces of paper. That seem to be what the winkelvoss does but obviously they do it much more complex. Also i thought about something else. What about writing it in a notebook with your other things. I mean if you look at the notebook with nothing there, well aren't they not going to scroll the notebook right? The biggest issue I felt is theft or natural disaster. And people who say use crytosteel... i mean is it easy to hide it? I thought of something else like imagine you use a code or something. Like imagine instead of letters for each word, you use a code... like A means C, B means D.... etc like a code. The issue is if you forget the code... well it shouldn't be that hard as you move two spots... then wouldn't that be good? Because its not even words right
|
|
|
|
https://www.investopedia.com/news/how-winklevoss-twins-store-their-crypto-fortune/So the winkelvoss store them throughout safety deposit boxes throughout the US. So in that article, its a paper wallet in each one? It says a printout of their private keys ... so does that mean like them writing the seed in paper or like a paper seed? So wouldn't this be very safe? Thus imagine they split the seed into two with two banks? But of course they make a copy of each. So wouldn't that mean like it take four banks for one seed? Thus imagine they have ten wallets, they they get forty safe deposit boxes throughout the US? I thought one idea was to have two safety deposit boxes.. where you split it into two pieces of paper. Would you recommend this?
|
|
|
|
|
Some of the points do make sense though.
|
|
|
|
Correct, it's just a generic "you can add accounts now if you want to" type message whenever you install any apps to the device.
If the accounts you want to see were already added to Ledger Live, they will not need to be added again unless you either manually delete the account(s) from the Portfolio, or you delete all the application data for Ledger Live (available in the settings).
Okay thanks... but when you restore a seed... you should always delete all those accounts first right? Then add each one individually? When i restored my seed not long ago, I recall we deleted all the accounts there right? Then I added each account manually. So basically only do that when restoring a seed... but no need when firmware update right? Do you know why the identifier showed a very long line though? It was a few lines... i was surprised b/c i thought it was just one line. Yea i notice the firmware when i did the update, it gave me a few extra kb of space. Btw, how many apps can you store now on the nano ledger ? Is it only when you run out of kb? Because it seem like bitcoin uses the most kb.... like ten times as much as every other app? Bitcoin seem to use over 40kb but bch and bitcoin gold and others uses like 4kb or so? And the total space is like over 152kb now but before update it was like 144kb? |
|
|
|
|
Show Posts
