How can we expect "average Joe" to remember passphrases to his Bitcoins?

[bitbunnny]

No one has said that using new technologies is always easy and efortless. But to some extent you have to adjust yourself and also have some basic knowledge, if not some advanced and specific ones. Nothing will just fall of the sky so average Joe also needs to learn how to note the passphrase if he can't memorize it.

[DoublerHunter]

Passphrase is created to be backed up and not to memorize or remember it, we should be write those passphrase into a clean sheet of paper and keep it into the safest place that we know so we don't need to bother our self in remembering the passphrase of our wallet and to be easily recover our funds when our wallet password is lost.

[aoluain]

No one has said that using new technologies is always easy and efortless. But to some extent you have to adjust yourself and also have some basic knowledge, if not some advanced and specific ones. Nothing will just fall of the sky so average Joe also needs to learn how to note the passphrase if he can't memorize it.

i agree with this, there has to be basic knowledge of password, passphrase creation and storage.

I can understand if someone is messy or disorganised that the systems which should normally be put in place
are not or left until another time, this creates problems.

you could actually have a specific system for creating passwords for everything you do online,
email, banking etc. which are all related or on a specific theme like your favorite actress or actor for example.
[obviously not using the same format for everything!!!]

there are simple solutions to password creation etc. to help YOU remember.

Discipline is the first step!

[G400]

Some of the options:

Method 1:
Have the seed saved in a safe: on 3 different mediums: paper, usb, cd.

Method 2:
Use password manager with Yubikey and 20+ char random password
Store it there

Method 3:
Have the seed words split in 3.
Part1 Part2 Part3. Find 3 trusted relatives or whoever, and at first one store: Part1, Part2, at the second one: Part2, Part3, at the third party: Part1 Part3.

Method4
Store it on airgaped machine.


Whatever happens to one of those parties, remaining two can be used to reconstruct the seed, and no single person can do it themselves.

[ikilledcobain]

I think as biometric security becomes better and more common place it will have a part in solving this problem. I do think the OP brings up a good point, though. It doesn't take much to scare the 'average joe' off.

[youdamushi]

But you don't give a dam...

You just have to write it down somewhere and remember where it is!
Don't tell me it's too complicated xD

[bartolo]

Passphrase is created to be backed up and not to memorize or remember it, we should be write those passphrase into a clean sheet of paper and keep it into the safest place that we know so we don't need to bother our self in remembering the passphrase of our wallet and to be easily recover our funds when our wallet password is lost.

Even if you are able to memorize it you can forget it in any moment or anything can happen to you. People can write it in a paper and can make a copy in a txt file and keep it in a pendrive or a cd.

[tobacco123]

This is not a good idea... as the price of bitcoin goes up, robbers might start robbing you hand/arm just to get the passphrase. I think average Joe should stick to the online wallets which offer passphrase recovery services.

Embed an encrypted passive rfid chip in "Joe" or his dog that contains the passphrase. Then take a hundred unencrypted rfid chips with the password to the encrypted embedded rfid chips, and scatter them in a field somewhere. If Joe forgets the passphrase all he has to do is go to the location where he scattered the other chips. Apparently rfid has a 3 foot range so it shouldn't be hard to find one of the hundreds of rfid tags he scattered previously.  Once found he will have the password to his embedded chip, so he can then unencrypt the passphrase held in the embedded chip in his body, and recover it. Something tells me I just made that way more convoluted than necessary  

edit: okay, new, even worse idea.. embed 4 rfid tags... one in each hand and one in each foot. Only the rfid tag in your right foot is unencrypted. It contains the password to unencrypt the rfid tag in your left foot... which contains the password to unencrypt the rfid tag in your left hand.. which contains the password to unencrypt the rfid tag in your right hand which.. you got it.. contains the passphrase to your wallet. So you go clockwise with the rfid detector.. right foot (unencrypted), left foot, left hand, right hand and passphrase.

[Junko]

Solution for the "below average Joe": tattoo mirror image of password/passphrase/private key/whatever to left and right upper chest and either butt cheek in tiny text and camouflage within another tattoo. Multiple places in case of injury or medical procedure.

[monsanto]

Solution for the "below average Joe": tattoo mirror image of password/passphrase/private key/whatever to left and right upper chest and either butt cheek in tiny text and camouflage within another tattoo. Multiple places in case of injury or medical procedure.

They could put half of it on the bottom of one foot, and half on the bottom of another foot. Or they could do a multisig with feet from 2 different people. Problem with this approach is you have to get a new tattoo every time you change a password.

This is not a good idea... as the price of bitcoin goes up, robbers might start robbing you hand/arm just to get the passphrase. I think average Joe should stick to the online wallets which offer passphrase recovery services.

I don't know if this would be a problem since a robber would have to know you are using rfid tags, and also they'd have to know where they are located on your body. Actually, they could conceivably find them with x-ray machines. I'm sure rfid tags would show up on an x-ray, so you may have a point.

[maku]

Solution for the "below average Joe": tattoo mirror image of password/passphrase/private key/whatever to left and right upper chest and either butt cheek in tiny text and camouflage within another tattoo. Multiple places in case of injury or medical procedure.

Interesting idea but IMO a tattoo is a bit overboard solution. Maybe it is worth when you either like tattoos in general, or have enormous amount of Bitcoin stored.
There is always a possibility that someone will learn about your tattoo and kidnap you just to read it and stole your coins. Why risk yourself like that?

I think as biometric security becomes better and more common place it will have a part in solving this problem. I do think the OP brings up a good point, though. It doesn't take much to scare the 'average joe' off.

The problem with this is trusting external company to manage your bio-security. Would you store your fingerprints online where someone could access it steal you biometric data?

[naidray]

It's something which seems crucial to me for reaching mass adoption (in addition to scalabilty of course...).
Already on this forum there is a shitload of people losing their Bitcoins by forgetting passphrases, the private keys, the dat file etc...
So I would like to know what technological solutions could be proposed for this problem.

To make a comparison, a lot of people are forgetting their credit card code (even if it's only 4 digits...) or losing the card and the centralized solution to this is the bank providing new card/code.

Which decentralized solutions to this problems could you think of?

Simple solution for average Joes..
Don't use bitcoin, if you can't remember password, passphrase, private keys or dat file.
Don't use c. card, if you can't remember pin.

Maybe in future we will get finger print, retina scan, face detection etc etc in the bitcoin tech.

PIN codes were first created around the idea that even a rerated person could remember them, so the “average joe” that you are talking about could at least remember a 4-digit code, hell even a monkey could remember a pin code, as for the bitcoin there are similar ways, I personally use an online wallet like Xapo for example where e you only have to enter a password one time and from than you could use only a pin code to make things easier.

[chaser15]

Bitcoin is not the only thing that using such passwords or any security features. We have lots of things that we need passphrases so prior with the usage of bitcoin, we have some knowledge now that we must take care of the passwords we are making.

Aside from that, average Joes can't be called "Average" if they didn't know how to remember their passphares. They will be tagged now as "Newbie" joes since they didn't know the one of the basic thing that's a must on the internet.

[R2-D2R2]

I tattooed it under my foot , its not going anywhere

[Junko]

Solution for the "below average Joe": tattoo mirror image of password/passphrase/private key/whatever to left and right upper chest and either butt cheek in tiny text and camouflage within another tattoo. Multiple places in case of injury or medical procedure.

Interesting idea but IMO a tattoo is a bit overboard solution. Maybe it is worth when you either like tattoos in general, or have enormous amount of Bitcoin stored.
There is always a possibility that someone will learn about your tattoo and kidnap you just to read it and stole your coins. Why risk yourself like that?

Well, the question is dealing with average Joes losing or forgetting their secret bitcoin infos, not to address preventing themselves from getting kidnapped for their bitcoins. Kidnapping for bitcoins is a whole other question and scenario. If someone who wants your bitcoins wants to kidnap you or a loved one, it doesn't matter where you keep your password/passphrase/private keys if you think about it. They aren't going to care, they are going to want you to give them up one way or another.

I tattooed it under my foot , its not going anywhere

Nice, just don't go coal walking or step on any landmines. And take care that you don't get diabetes and have to have your foot amputated. 

[SaShiRaJaVu]

PIN codes were first created around the idea that even a rerated person could remember them, so the “average joe” that you are talking about could at least remember a 4-digit code, hell even a monkey could remember a pin code, as for the bitcoin there are similar ways, I personally use an online wallet like Xapo for example where e you only have to enter a password one time and from than you could use only a pin code to make things easier.

The problem is,if you are not using the pin or a simple password for an extended period of time,it is possible that you will be forgetting the password as you are simply not using it.It is a natural thing and that is what is happening to most of the people,they are not using the passphrase often and if you are rarely using the password then the chances of forgetting it are higher and when it comes to bitcoin if you forget those there is no way in hell you could recover those unless you save those details elsewhere.

[monsanto]

This is not a good idea... as the price of bitcoin goes up, robbers might start robbing you hand/arm just to get the passphrase. I think average Joe should stick to the online wallets which offer passphrase recovery services.

Embed an encrypted passive rfid chip in "Joe" or his dog that contains the passphrase. Then take a hundred unencrypted rfid chips with the password to the encrypted embedded rfid chips, and scatter them in a field somewhere. If Joe forgets the passphrase all he has to do is go to the location where he scattered the other chips. Apparently rfid has a 3 foot range so it shouldn't be hard to find one of the hundreds of rfid tags he scattered previously.  Once found he will have the password to his embedded chip, so he can then unencrypt the passphrase held in the embedded chip in his body, and recover it. Something tells me I just made that way more convoluted than necessary  

edit: okay, new, even worse idea.. embed 4 rfid tags... one in each hand and one in each foot. Only the rfid tag in your right foot is unencrypted. It contains the password to unencrypt the rfid tag in your left foot... which contains the password to unencrypt the rfid tag in your left hand.. which contains the password to unencrypt the rfid tag in your right hand which.. you got it.. contains the passphrase to your wallet. So you go clockwise with the rfid detector.. right foot (unencrypted), left foot, left hand, right hand and passphrase.

I still like my original idea of scattering, or hiding, cheap passive rfid tags with the password/phrase on them.  You could go to some remote area and scatter around and under rocks several hundred of these. 



Or you could use the flat kind. You encode it with your passphrase then go to several libraries and check out your favorite books. Glue an rfid inside the binding of the book. It will already have an rfid from the library so even if someone finds it they won't think much of it. Or if you are paranoid you could put half on one book and half on a different book. Use several libraries and maybe 5 books from each, then return the books.  Now the only things you have to remember are the location of the libraries and a few of your favorite books. 

[iamTom123]

If they can't remember their password, AND don't have a seed or private keys, AND don't have a backup file prior to encryption then they probably don't deserve to use Bitcoin.
The simplest (but not greatest, due to obvious side effects) of all solutions would be simply to just not encrypt your wallet.

Until such time that there can be a way to manage the long passphrase, we should be taking notes of those and make sure we put them in a safe place somewhere. No need to rely on our memory since it can be impossible as we are already overloaded with information. Put the note in a vault...now is there an online vault somewhere that can be safe?

[lighpulsar07]

Simple solution:
- do not encrypt wallet.
- write down your password on a piece of paper and hide it somewhere safe. (uh another problem, he cannot remember where did he kept the paper)
- have password hints
- use all the letters in the alphabet as password or use your name in reverse as a password.

It is not a secure solution ,you must always encrypt your wallet but you can always save your password and pass phrase in a note pad which is not that difficult and keep in a safe location,never use password hints and easy ones since you are dealing with money and make sure you put in a very good password so that no one is able to crack it easily.

I agree, you should make counter measures for yourself to avoid getting locked or losing bitcoins. if you are forgetful and you can't remember the password/passphrase, just make a back up file of your password/ passphrase and store it in flash drives, external hard disks or in google drive (just make sure that your account is protected) and, don't use same password you used in your wallet and lastly, make a back up your wallet.dat just in case of data corruption.

[bitcoin_user]

I've got an idea based on how the human memory works:

For the memory, recognition is way easier than recall : for example, when you're speaking a foreign language, it's a lot more difficult to write the Japanese kanji for "love" (it's "愛") than to recognize it among other candidates. Or it's easier to understand some words of Japanese than to produce them yourself. Or in other words, speaking is always more difficult than understanding.
And secondly, the brain "loves" visual mode, way more than language/word mode.

So:

Imagine a steganographical image of a room for example. The steganography is not used to hide the code, but only because the brain likes pictures, not words. the code is inside a very small portion of the code, on which Average-Joe must click. there are lots of elements in the room picture (or landscape or city street etc) so that it's not easy for him to "know" beforehand what the cue is. But if he sees it, he recognizes it. Always based on the fact that recognition is superior to recall.
To increase the protection, the image must be large enough, and even using 3 or 4 different images like this (it's a bit like a Re-captcha actually).