Are Ledger Nano seeds secure?

[Lionel]

Brainwallets are not secure,  at least if they have a relatively short seed , like 12 words.
What about Ledger ones that have 24 words?

[1714932285]

1714932285

[1714932285]

1714932285

[1714932285]

1714932285

[1714932285]

1714932285

[1714932285]

1714932285

[TryNinja]

What makes the brain wallets insecure isn't really the number of words. It's more about the fact that humans are bad at creating entropy. You may think your seed is "random" and "secure" enough, but it could be an easily brute-forced phrase.

Still, 24 words should be "safer" than 12 words.

there is 256 bits of input entropy for a 24-word seed, meaning that there are 2^256

possible 24-word seeds. This means that in order for the brute-forcer to have a 50% chance of finding your seed, they would need to check 2^256 ÷ 2 keys.

I did the math a while ago... The list is 2048 words. 2048^24 =

29,642,775,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 (rounded because I'm lazy)

Best of luck figuring that one out..

[gentlemand]

I've never heard of one single case of a Ledger seed, or any properly generated seed, being guessed, other than people who buy them from Ebay with an official looking seed prefilled on a card ready to be swept by the seller as soon as it's loaded.

[Lucius]

Lionel, you get answer from TryNinja regarding a possible hacking / guessing of 24 words for seed. But that's not all about security for Nano S seed, there is a option to add one more word to your seed, and this is called passphrase security. In that way you can further protect yours coins, even if someone get your seed they will need passphrase. For that reason is not good idea to save both in same place.

I think the weakest link in security of seed is the user himself.

[mk4]

I think the weakest link in security of seed is the user himself.

This. The security of the seeds depends more on how you actually store your seed. If you store it offline on a piece of paper that's locked up somewhere(or digitally through a properly executed air-gapped device), then you're good. As opposed to storing your seed on a text file/word file/notes app/etc, then there's a good chance you're going to get screwed over in the future.

[HCP]

Brainwallets are not secure,  at least if they have a relatively short seed , like 12 words.
What about Ledger ones that have 24 words?

What a lot of people fail to grasp... is that the wallets that utilise seed mnemonics (aka 12/24 words), do not start by generating words.

They start by using a (pseudo) random number generator to create a very large random number... this large random number is then converted into words by following the BIP39 process. (Note that Electrum follows a slightly different method for converting to words, but the underlying theory is the same... large random number -> words).

This is completely opposite to a "brainwallet" where the words are chosen first... and the number is generated from the words. As was already stated, creating your own brainwallet words generally leads to very poor entropy because humans are terrible at creating "random" things.

So, by starting with a random number, then converting to words... you retain the "entropy" to safeguard your coins.