Best Place To Store Your Seed?

[dkbit98]

I have some good ideas for hiding steel plates but I am not going to say it here obviously, and it's much better to know where not to hide your backup seed words either on paper or on steel plate.
You are certainly not going to frame your steel plate and put it on some visible place like your living room wall, and someone is usually going to look first in your home safe if you have it or in your drawers or closets, and under the bed so that are not a good places to hide anything.

List of the places burglars usually look first:

- Bedroom
- Closets
- Under the mattress
- Suitcases
- Drawers
- Safes
- Refrigerator
- Vases
- Toilet tank
...

[o_e_l_e_o]

How is a stainless steel plate that good of an idea?

Because it is very resistant to fire, corrosion, water damage, acid, chemicals, explosions, and a bunch of other things which would destroy a paper back up.

But i mean don't you agree your seed being on this plate as oppose to say in a notebook would draw a lot less attention?

If your entire security set up relies on your back up not drawing attention because it is written in a notebook rather on a steel plate, then that is effectively security through obscurity and is a bad idea all round.

Also i gotta wonder... wouldn't another location be assuming you live in a house... and have a basement... you put it in safe on the ground underneath your basement?  Or that is horrible idea if natural disaster happens?

That's a great idea, I would think. A fire-proof safe bolted to your foundations and hidden underneath a hatch on your basement floor will be protected from most natural disasters and impenetrable to most thieves.

[Dabs]

Hey jerry .... how is your physical security? Can you survive a $5 wrench attack? That's another thing you need to think of.

(Yes, it's feeding the paranoia, but it's a real world risk as well.)

[20kevin20]

If you have a garden, create a small DIY steel plate and bury it into the ground. Maybe plant something over it if you want to be sure you'd notice anyone tampering with it.

How safe is this method? All methods have pros and cons. There's no perfect one. Otherwise, everyone would follow it. But I'd personally not go and put my trust into a third party. Instead, I'd just choose the less popular option of storing my seed and try my best not to mess it up.

Another idea might be creating a DIY metal seed capsule, drilling a large enough hole in one of your walls, placing the capsule in it and covering the hole & adding paint over it to make it look as if you've either never touched it or it was just a retouch. These two ideas are some of which I've like never really heard around.

But again, remember there are cons for all methods. And speaking from my own experience, the more paranoid and perfectionist you are, the more suspicious and obvious your hiding spot may be..

[Dabs]

Have you guys seen John Wick? He hides his gold coins and guns in the basement, buried under cement / concrete.

[bob123]

Have you guys seen John Wick? He hides his gold coins and guns in the basement, buried under cement / concrete.

So.. are you saying jerry0 should do the same?

But the important question is... how can he access his weapons fast enough if someone is breaking in trying to steal his mnemonic code?!?! 

[Dabs]

Have you guys seen John Wick? He hides his gold coins and guns in the basement, buried under cement / concrete.

So.. are you saying jerry0 should do the same?

But the important question is... how can he access his weapons fast enough if someone is breaking in trying to steal his mnemonic code?!?!  

You're John Wick, of course you have a daily sidearm on your person at the time someone is breaking in, plus all the hand-to-hand unarmed martial arts skillz. They're not getting at your buried seed code unless they get to the basement before you do, but they're busy being owned.

What you don't have is a bazooka / RPG to fire back at the bad guy who just blew up your house.. but first, you need a dog.

[jerry0]

The more I think about it... I still feed best places are


Multiple US safety bank deposit boxes.  Thus break it into two pieces and have multiple bank deposit boxes in case. 


Storing your seed in lastpass/keepass and then storing it in the cloud.  Have there been cases of seeds getting exposed this way?  I do know lot of ppl say they store it on dropbox/gmail etc but many seem to say they do it on wordpad and don't encrypt it.  So if you make sure your laptop is free of malware/virus/keylogger... type the seed in your lastpass/keepass then put it in the cloud, like dropbox and gmail... the only way for someone to get into it would be


Hack into your gmail/dropbox account.


But they still need your master password for lastpass/keepass to get in. 


And you don't have to be concern about natural disasters or physical theft as long as of course you remember your dropbox/gmail password and your lastpass/keepass password.


I mean one other thing you could do is have two dropbox/gmail and break the seed in half.  So someone would need both account username and passwords and know the two different passwords for the two different lastpass/keepass password.  So wouldn't that be more than enough if you want to store it in the cloud?  The biggest concern here is you need to make sure your own computer never gets malware/keylogger/virus.


Any cases of people getting hacked but they store it on cloud but encrypt the document or lastpass/keepass?

[PrimeNumber7]

Storing your seed in lastpass/keepass and then storing it in the cloud. 

See this explination as to why it is not a good idea to store your backups in the cloud.

I think you are probably more likely to end up locked out of your backup than having your coin stolen, but that is really a distinction without a difference. If your KeePass password is too complex, you may not remember it years from now, if it is too simple, it will not provide substantial additional protection in the event a malicious actor is able to obtain the encrypted file.

At the end of the day, it is your seed, and you can do what you want.

[o_e_l_e_o]

Multiple US safety bank deposit boxes.  Thus break it into two pieces and have multiple bank deposit boxes in case.

Sure, do this if you want. Wherever you back it up, be aware that only having a single back up is a bad idea. Since people generally rare check on the integrity of their back ups, if you only have one and it becomes damaged, destroyed, stolen, etc., then often people only realize their back up has failed when they need to access it in an emergency.

Storing your seed in lastpass/keepass and then storing it in the cloud.  Have there been cases of seeds getting exposed this way?

This is a terrible idea, and this has been explained to you multiple times before. By entering your seed phrase in to a password manager, then it is first exposed to your computer in plaintext and therefore there is the potential for it to be stolen. After you've stored it in a password manager, the seed phrase could still exist on your computer in plaintext and be stolen later. Cloud storage is frequently hacked. Your password manager file is now going to be duplicated across an unknown number of servers in an unknown number of countries which can be accessed by an unknown number of people. You are trusting the password manager not to have a flaw or bug in it. You are trusting the process of uploading and downloading it from the internet, and you are trusting the internet connection you are using. If the password is long enough to be secure, there is a significant chance you will forget it without backing it up on paper (and if that's the case, then why not just cut out all this additional risk and back up your seed phrase on paper). If the password is short enough that you won't forget it, then it isn't secure. The list goes on.

And yes, there are countless cases of people storing their seed phrases on some kind of account or hosted server and having their coins stolen.

There is a reason every good wallet tells you to write your seed phrase down on paper and not to store it digitally. I don't know why you keep bringing this up. If you want to go against all advice then we can't stop you, but you can't say you haven't been warned.

[Dabs]

Splitting or breaking a seed into more than one piece is a bad idea. Again, form your own opinions. If you lose one, you lose it all. If you are using multiple bank boxes, store the entire seed in each one, as duplicate or backup. Not split.

Multi-sig is a different matter. There are plenty of Multi-sig services out there, Casa, Unchained Capital, Caravan, or even your own DIY method.

[jerry0]

How is splitting the seed bad?  If someone get access to the whole seed and know what it might be, then they have your coins.  If you split the seed in half, they need to find the other half.


Also i mean, make two copies of each seed split in half.  Thoughts on that?


Multiple deposit boxes.  Well imagine having four of the boxes.  Then you write seed twice and split each of them.  So if anything happens to one safety deposit box, well you have access still because you got backup copy in another safety deposit box.  If you put whole seed in one box... what if it gets broke into or things like a bank employee or employees try to open the deposit box?  Well you wouldn't even know if it was accessed.  Yes i know there is lot of security needed for them to do this but who knows what goes on.  Imagine an employee and the manager there have a hunch one of their clients has lot of crypto.  Then they go and check the deposit box to find the whole seed there.  Then aren't the person screwed?  Now if they open it and find half a seed, they still need to go to that person's other safety deposit box etc.

[Dabs]

How is splitting the seed bad?  If someone get access to the whole seed and know what it might be, then they have your coins.  If you split the seed in half, they need to find the other half.


Also i mean, make two copies of each seed split in half.  Thoughts on that?


Multiple deposit boxes.  Well imagine having four of the boxes.  Then you write seed twice and split each of them.  So if anything happens to one safety deposit box, well you have access still because you got backup copy in another safety deposit box.  If you put whole seed in one box... what if it gets broke into or things like a bank employee or employees try to open the deposit box?  Well you wouldn't even know if it was accessed.  Yes i know there is lot of security needed for them to do this but who knows what goes on.  Imagine an employee and the manager there have a hunch one of their clients has lot of crypto.  Then they go and check the deposit box to find the whole seed there.  Then aren't the person screwed?  Now if they open it and find half a seed, they still need to go to that person's other safety deposit box etc.

Don't store anything in that bank if you don't trust them. Splitting seeds is a bad idea because you set yourself up to lose access to all your coins on that seed, if you can't recover both.

This is just an opinion, you may or may not agree with it, but generally it's been said by more than several prominent OG bitcoiners other than myself that it's a bad idea.

Pick a bank you can trust won't open your box without your key or without your death certificate or something. Banks will drill them open if you die and your heirs go to them.

What kind of house do you live in? Perhaps you can just keep one copy there, buried somewhere, waterproof and fireproof and all that. Another location would be a backup.


If you really want to split seeds, for example, Ian Coleman's BIP39 seed thingy has it set up you can split the words into 3 parts, use any 2 parts to form the whole seed. Then you'd only need 3 boxes, if any one explodes on you, you'll still have 2.

https://iancoleman.io/bip39/

So as an example, for a 3 word seed: display express food.

Card 1: display express XXXX
Card 2: XXXX express food
Card 3: display XXXX food

For 12 words: place exit track clean predict oblige enroll hospital city near evolve spring

Card 1: place XXXX XXXX clean predict oblige XXXX XXXX city near evolve spring
Card 2: XXXX exit track clean XXXX oblige enroll hospital city XXXX evolve XXXX
Card 3: place exit track XXXX predict XXXX enroll hospital XXXX near XXXX spring

For 24 words: fence unlock work theme bird fatal reject country deliver retreat opera conduct pride antenna avoid regular utility spare orbit soon funny illness mix online

Card 1: fence unlock work XXXX bird fatal reject country deliver retreat XXXX XXXX XXXX antenna XXXX regular utility spare orbit soon XXXX XXXX mix XXXX
Card 2: fence XXXX XXXX theme XXXX XXXX reject XXXX XXXX XXXX opera conduct pride antenna avoid regular utility spare orbit soon funny illness XXXX online
Card 3: XXXX unlock work theme bird fatal XXXX country deliver retreat opera conduct pride XXXX avoid XXXX XXXX XXXX XXXX XXXX funny illness mix online

Time to hack with only one card: 3830854 years.


Others recommend Shamir's Secret Sharing Scheme.

I'd rather you just go make a multi-sig wallet if you were trying to do that.

[o_e_l_e_o]

Splitting seeds is a bad idea because you set yourself up to lose access to all your coins on that seed, if you can't recover both.

Splitting seeds is a bad idea if done carelessly, as is any back up method. If you do it properly then it can be both very secure and very safe, although admittedly it is much harder to do properly than just backing up a seed normally. As with any back up, only having one back up is a recipe for disaster. If you split your seed in to parts, then you need at least 2 copies of each part, all in separate locations.

If you really want to split seeds, for example, Ian Coleman's BIP39 seed thingy has it set up you can split the words into 3 parts, use any 2 parts to form the whole seed. Then you'd only need 3 boxes, if any one explodes on you, you'll still have 2.

Better to use a Shamir's scheme or similar, where you can set up any m-of-n you like, and where knowledge of any less than m parts reveals nothing about your secret. Splitting a 12 word seed in to 3 parts using Ian Coleman's method is a bad idea, since one card gives 8 out 12 words, meaning the remaining can be brute forced.

I'd rather you just go make a multi-sig wallet if you were trying to do that.

Multi-sig doesn't address the same problem as seed splitting. It is not feasible to store your 3 multi-sig keys in 3 different bank vaults, go and retrieve two of them every time you want to make a transaction, and return them securely after you are finished. And that's without tying yourself in to the larger transaction sizes and higher fees that you get with multi-sig.

[dkbit98]

Problem with Shamir Secret Sharing is that there is unavoidable single point of failure, and alternative as multisg doesn't have single point of failure.
If you have 2-of-3 multisig and you lose one of them this will not result in losing your coins, and you can verify security for multisig, something you can't do with Shamir Secret Sharing.
Only issues I see with multisig is more complexity, it is visible onchain and there are higher transaction fees (until taproot activation).

[o_e_l_e_o]

Problem with Shamir Secret Sharing is that there is unavoidable single point of failure, and alternative as multisg doesn't have single point of failure.

Can you elaborate? If I set up a 2-of-3 secret sharing scheme, where is the single point of failure? If I lose one of my shares, I can still recover my seed from the other 2 shares. Although as I said above, you should always have two back ups of everything, so a 2-of-3 scheme would necessitate 6 separate back ups, and so you could lose between 3 and 4 shares

[dkbit98]

Can you elaborate? If I set up a 2-of-3 secret sharing scheme, where is the single point of failure? If I lose one of my shares, I can still recover my seed from the other 2 shares. Although as I said above, you should always have two back ups of everything, so a 2-of-3 scheme would necessitate 6 separate back ups, and so you could lose between 3 and 4 shares

You are using single device for creating Secret Shamir splitting and again you use single device for signing of transaction, and that device can be compromised and single point of failure.
There is also an issue with No Share Revocation and No Standard Implementation as another single points of failure.
That doesn't mean Secret Shamir is all bad, but I think we should be aware of this issue.

Jameson Lopp explained it much better with more details in his blog post:
https://blog.keys.casa/shamirs-secret-sharing-security-shortcomings/

[jerry0]

How is splitting the seed bad?  If someone get access to the whole seed and know what it might be, then they have your coins.  If you split the seed in half, they need to find the other half.


Also i mean, make two copies of each seed split in half.  Thoughts on that?


Multiple deposit boxes.  Well imagine having four of the boxes.  Then you write seed twice and split each of them.  So if anything happens to one safety deposit box, well you have access still because you got backup copy in another safety deposit box.  If you put whole seed in one box... what if it gets broke into or things like a bank employee or employees try to open the deposit box?  Well you wouldn't even know if it was accessed.  Yes i know there is lot of security needed for them to do this but who knows what goes on.  Imagine an employee and the manager there have a hunch one of their clients has lot of crypto.  Then they go and check the deposit box to find the whole seed there.  Then aren't the person screwed?  Now if they open it and find half a seed, they still need to go to that person's other safety deposit box etc.

Don't store anything in that bank if you don't trust them. Splitting seeds is a bad idea because you set yourself up to lose access to all your coins on that seed, if you can't recover both.

This is just an opinion, you may or may not agree with it, but generally it's been said by more than several prominent OG bitcoiners other than myself that it's a bad idea.

Pick a bank you can trust won't open your box without your key or without your death certificate or something. Banks will drill them open if you die and your heirs go to them.

What kind of house do you live in? Perhaps you can just keep one copy there, buried somewhere, waterproof and fireproof and all that. Another location would be a backup.


If you really want to split seeds, for example, Ian Coleman's BIP39 seed thingy has it set up you can split the words into 3 parts, use any 2 parts to form the whole seed. Then you'd only need 3 boxes, if any one explodes on you, you'll still have 2.

https://iancoleman.io/bip39/

So as an example, for a 3 word seed: display express food.

Card 1: display express XXXX
Card 2: XXXX express food
Card 3: display XXXX food

For 12 words: place exit track clean predict oblige enroll hospital city near evolve spring

Card 1: place XXXX XXXX clean predict oblige XXXX XXXX city near evolve spring
Card 2: XXXX exit track clean XXXX oblige enroll hospital city XXXX evolve XXXX
Card 3: place exit track XXXX predict XXXX enroll hospital XXXX near XXXX spring

ForThe owner of this website (www.flyertalk.com) has banned the autonomous system number (ASN) your IP address is in (24940) from accessing this website.: fence unlock work theme bird fatal reject country deliver retreat opera conduct pride antenna avoid regular utility spare orbit soon funny illness mix online

Card 1: fence unlock work XXXX bird fatal reject country deliver retreat XXXX XXXX XXXX antenna XXXX regular utility spare orbit soon XXXX XXXX mix XXXX
Card 2: fence XXXX XXXX theme XXXX XXXX reject XXXX XXXX XXXX opera conduct pride antenna avoid regular utility spare orbit soon funny illness XXXX online
Card 3: XXXX unlock work theme bird fatal XXXX country deliver retreat opera conduct pride XXXX avoid XXXX XXXX XXXX XXXX XXXX funny illness mix online

Time to hack with only one card: 3830854 years.


Others recommend Shamir's Secret Sharing Scheme.

I'd rather you just go make a multi-sig wallet if you were trying to do that.

Bit confused with this.  So say you have the nano ledger s and thus the long seed.  You write those words on three different cards right and make sure its in safe place?  So even if one of them is lost/stolen... you are still good since you have the other two cards?  Thus if you have three safe deposit boxes at three different banks, this is what you could do?


What about writing it this way and keeping it in your desk drawer though and putting it in three different spots.  Is that what you suggest vs just writing the full seed and putting it in desk?


Now... what about writing each of these cards in a different lastpass/keepass and putting each card in a different gmail/dropbox? 

[Pmalek]

Now... what about writing each of these cards in a different lastpass/keepass and putting each card in a different gmail/dropbox? 

You are not supposed to store any sensitive information like that on online servers. It doesn't matter if it's Dropbox, Google Drive, or Gmail as you mentioned. You overcomplicate things to such an extent that you forget the basics. Don't store anything that can lead to you losing your funds or the access to your funds in a digital format anywhere online!

[o_e_l_e_o]

Thus if you have three safe deposit boxes at three different banks, this is what you could do?

No. Splitting your seed using Ian Coleman's method is very insecure and not recommended, as I explained above. The discovery of one of the cards is enough to brute force the remaining unknown words.

Now... what about writing each of these cards in a different lastpass/keepass and putting each card in a different gmail/dropbox?

Why do you keep asking this question? No matter how many times you ask it, the response you get will always be the same. You should not store your seed phrase online, regardless of what you think you have done to protect it. You seem hell bent on doing this, and it seems like you are waiting for someone, anyone, to say "Sure, that seems like an OK idea" so you can justify it to yourself.

If you want to do it, we can't stop you, but you are putting your coins at risk.