25th Word in Nano Ledger S

[jerry0]

I thought even if the passphrase... you aren't protected if you had to open your ledger live on your laptop though?  Obviously you dont write on paper on desk that said okay 0.l btc on main wallet and the rest in hidden wallet as that would be obvious.


Okay so you say delete the accounts you want to hide... and then readd them later.  So that process is very fast to do both delete and readd?  But i thought someone said if you connect your ledger to laptop and ledger live... it cold automatically rescan all accounts... is that correct?  If so, couldn't someone rescan your ledger live themselves?


Well i haven't used electrum in a while.  Again i kept my coins there but since i got nano ledger... i didn't even want to try using it anymore because of all those issues they had.  But can you or someone else confirm this with the delete and readd accounts?

[Rath_]

So that process is very fast to do both delete and readd?

Yes, it is. It takes just a few seconds for the Ledger Live to fetch your balance from their servers.

If so, couldn't someone rescan your ledger live themselves?

Ledger Live can do that only if your device is unlocked. So, if you delete accounts associated with your hidden wallet, someone would have to know your passphrase to be able to add those accounts again in the Ledger Live.

[o_e_l_e_o]

I thought even if the passphrase... you aren't protected if you had to open your ledger live on your laptop though?  Obviously you dont write on paper on desk that said okay 0.l btc on main wallet and the rest in hidden wallet as that would be obvious.

That paper example is an analogy. If you leave a wallet file on your computer called "Super secret passphrase wallet", then it is obvious. If you leave an additional account in your Ledger Live profile with 10x more coins in it than your other account, then it is obvious. If you want a wallet to be hidden, then you have to actually hide it. You can't just set a passphrase and think "Well, my coins are completely safe, now I can be totally careless with my security".

But i thought someone said if you connect your ledger to laptop and ledger live... it cold automatically rescan all accounts... is that correct?  If so, couldn't someone rescan your ledger live themselves?

If you unlock your Ledger to your basic seed phrase wallet with no additional passphrase, and someone scans for accounts, they will find any accounts (legacy, nested segwit, or native segwit) which have been created at standard derivation paths using only your seed phrase. They will not find any wallets hidden behind passphrases.

[jerry0]

I thought even if the passphrase... you aren't protected if you had to open your ledger live on your laptop though?  Obviously you dont write on paper on desk that said okay 0.l btc on main wallet and the rest in hidden wallet as that would be obvious.

That paper example is an analogy. If you leave a wallet file on your computer called "Super secret passphrase wallet", then it is obvious. If you leave an additional account in your Ledger Live profile with 10x more coins in it than your other account, then it is obvious. If you want a wallet to be hidden, then you have to actually hide it. You can't just set a passphrase and think "Well, my coins are completely safe, now I can be totally careless with my security".

But i thought someone said if you connect your ledger to laptop and ledger live... it cold automatically rescan all accounts... is that correct?  If so, couldn't someone rescan your ledger live themselves?

If you unlock your Ledger to your basic seed phrase wallet with no additional passphrase, and someone scans for accounts, they will find any accounts (legacy, nested segwit, or native segwit) which have been created at standard derivation paths using only your seed phrase. They will not find any wallets hidden behind passphrases.

If that is the case, then what someone else said was wrong then right about needing to hide your hidden account on ledger live?  Thus say you enter your pin to the regular wallet.  You go on ledger live... you see all wallets associated with that wallet and pin.  But it doesn't show the hidden wallet right?  Example say your main wallet had 0.3 btc but your hidden wallet had 2.7 btc since you sent 90 percent of it from your main wallet to hidden wallet. 


So if you log in your nano ledger with your second pin... then access ledger live... what accounts do you see?  I assume you see all wallets even the main one right?  But if you log in with the regular wallet pin... you don't see the hidden wallet?  Or is that still visible?  Because you mention this... but someone else says they think it works another way.


Also if someone were to scan your ledger live... let say they do this when you already entered your regular pin into the wallet... could they find the hidden wallets when your nano ledger is connected to the laptop?  Also when you add accounts on ledger live... the only way to add it is if a nano ledger s is connected to it right and it scans that nano ledger s for it?  Thus its not possible for you or someone to add accounts or scan for old accounts unless the nano ledger s is connected to it right? 

[o_e_l_e_o]

But it doesn't show the hidden wallet right?

It will show your hidden account if you have added it to Ledger Live. You can open Ledger Live without your Ledger device attached and see all the accounts added to it. If you don't want it to show your hidden account when you open Ledger Live, then you need to delete that account from Ledger Live and only re-add at when you want to use it. You will need to attach your Ledger device with the passphrase enabled (either through manually entering it or through unlocking with your secondary PIN) to re-add your hidden account.

So if you log in your nano ledger with your second pin... then access ledger live... what accounts do you see?

You will see all the accounts you have added to Ledger Live at all times, regardless of what device is attached at the time. Once again, if you want to hide an account, you must delete it from Ledger Live.

Also if someone were to scan your ledger live... let say they do this when you already entered your regular pin into the wallet... could they find the hidden wallets when your nano ledger is connected to the laptop?

Not unless there is some massive flaw in your Ledger hardware device.

Also when you add accounts on ledger live... the only way to add it is if a nano ledger s is connected to it right and it scans that nano ledger s for it?  Thus its not possible for you or someone to add accounts or scan for old accounts unless the nano ledger s is connected to it right?

As far as I am aware, this is correct.

[Pmalek]

If that is the case, then what someone else said was wrong then right about needing to hide your hidden account on ledger live?  Thus say you enter your pin to the regular wallet.  You go on ledger live... you see all wallets associated with that wallet and pin.  But it doesn't show the hidden wallet right?

I was the one who said that. But as I mentioned in my second post, you need to manually delete your hidden account in the Ledger Live software. After you have done that, your hidden wallet will no longer be visible. The only way for someone to see it again, is if you login to your passphrase-protected wallet and re-add the hidden account in your portfolio. When you do that, you are back to square one. All your accounts, including the hidden account will become visible again in LL with your normal PIN or the passphrase/secondary PIN. To hide it, delete the hidden account just like you did the first time.       

So if you log in your nano ledger with your second pin... then access ledger live... what accounts do you see?  I assume you see all wallets even the main one right? 

Yes, you will see all of them. Because they are all available in your portfolio in LL. You have to manually delete those you don't want to see. ​

But if you log in with the regular wallet pin... you don't see the hidden wallet?  Or is that still visible?

You will see it if you didn't delete the account in LL. If you deleted the account, it won't be visible.

Also if someone were to scan your ledger live... let say they do this when you already entered your regular pin into the wallet... could they find the hidden wallets when your nano ledger is connected to the laptop? 

If you deleted the hidden account, they wouldn't be able to see it. 

[jerry0]

But it doesn't show the hidden wallet right?

It will show your hidden account if you have added it to Ledger Live. You can open Ledger Live without your Ledger device attached and see all the accounts added to it. If you don't want it to show your hidden account when you open Ledger Live, then you need to delete that account from Ledger Live and only re-add at when you want to use it. You will need to attach your Ledger device with the passphrase enabled (either through manually entering it or through unlocking with your secondary PIN) to re-add your hidden account.

So if you log in your nano ledger with your second pin... then access ledger live... what accounts do you see?

You will see all the accounts you have added to Ledger Live at all times, regardless of what device is attached at the time. Once again, if you want to hide an account, you must delete it from Ledger Live.

Also if someone were to scan your ledger live... let say they do this when you already entered your regular pin into the wallet... could they find the hidden wallets when your nano ledger is connected to the laptop?

Not unless there is some massive flaw in your Ledger hardware device.

Also when you add accounts on ledger live... the only way to add it is if a nano ledger s is connected to it right and it scans that nano ledger s for it?  Thus its not possible for you or someone to add accounts or scan for old accounts unless the nano ledger s is connected to it right?

As far as I am aware, this is correct.

Okay in other words... you are saying... once you delete all your accounts in ledger live.  It is impossible to re-add those accounts or any accounts unless you have a nano ledger s connected to it during the process right?   You mention this if you have a passphrase.  But in my earlier example in my other thread... where i had to restore an old seed into a replacement nano ledger s.... remember i didn't have that extra passphrase... after i entered in my seed and it showed processing and correct... I recall before that... I didn't delete any accounts in the accounts tab.  But once I deleted them.  I then re-added them and the same ones and balances showed up.  So whether passphrase or not... if you ever delete the accounts in ledger live... the only way to ever re-add any accounts in ledger live is connect a nano ledger to it right?  Thus right now, you can obviously delete the accounts in ledger live without connecting your nano ledger right?  But when you click add accounts... you need to have a nano ledger connected to it?  You say as far as i am aware, this is correct.
Can anyone here CONFIRM this part?



So for the second part.  I want to make sure i have this correct.  You have no hidden wallet... just your regular pin.  It shows all your accounts there.  You could delete it anytime.  But when you log in ledger live... it still won't be there... but if you rescan... all those accounts will show up right?



Now say you have hidden wallet with that second pin and passphrase.  You log in ledger live with that.  It shows only your hidden account/balances.  You can obviously delete it the same way as like a regular pin/wallet.  But if you click on add accounts.. then those hidden wallets will show up right? Also is the term add accounts or rescan or re-add or its the same word?  There isn't like two ways of doing it right... like add accounts and
re-add accounts?



So having the passphrase/second pin makes you have a hidden wallet so unless you reveal to someone you have that hidden wallet... they won't know unless the are aware of hidden wallets right?  Because if you had to connect your nano ledger to your laptop and enter pin... then it show say 0.3 btc in the wallet.  But if they see oh wait a minute, this person transferred 2.7 btc to another wallet weeks ago or months ago... do most know its linked and you probably have access to those btc as well?  What would they do?  Check on that transaction ticket to see if any of that btc got moved or not?  Like if it did and many transactions, then okay it got sent to exchange since those exchanges always move the btc?  But if no transactions took place, then they know you have to have a hidden wallet.  Is that correct? 



So basically if you have a hidden wallet, its nice because to the regular thief who isn't tech savy, they see 0.3 btc and thats it right?  But if they tech savy, they would look at all your entire transactions on ledger live... but not only that... check the transactions of each one to see if any of those btc got moved right?  Is the term moved?  So if they see they got moved... then okay this person doesn't have the btc anymore so he has no hidden wallet?


So basically even using electrum as watching only wallet doesn't really protect you if you use that as oppose to ledger live?  Thus you need to use a mixer l00% to move those coins?  Also, how would someone move them smartly?  Example they got 3 btc total.  They want to move say 90% or 2.7 btc to a hidden wallet.  This person should do how many transactions to the hidden wallet?  Like l0 of them etc ranging from like
0.l btc to 0.5btc to not make it look suspicious?  But if you use mixer, you can't just send the entire 2.7 btc at once?  Thus to save on sending fees?  Now obviously sending fees shouldn't mean much if you sending that much type of money.  But say you were to cashout that 2.7 btc to coinbase, well you could literally send it at once and cash out.  And if they check transaction history, they see it then got moved by coinbase right?  So whats difference between that and the mixer?

[HCP]

This is a lot complicated than it looks then.  I mean i thought the passphrase would be protecting you with your hidden wallet but if you use ledger live which i assume majority of people do... then you can't do that. 

It does protect your hidden wallet...

The fact that you say log into ledger live and click on add accounts and thats all it scan everything, how does even this passphrase even protect you much then? 

Because it doesn't work like that...


When you unlock your Ledger Nano S/X, you do it in one of three ways...

1. Normal PIN... this unlocks the "default" wallet (ie. 24 word seed)
2. Using "2nd PIN" (if enabled)... this unlocks the "hidden" wallet (ie. 24 word seed + "saved" BIP39 passphrase)
3. Using Normal PIN + "Temp Passphrase" functionality... this unlocks a "hidden" wallet (ie. 24 word seed + entered BIP39 passphrase)

Assuming you have no accounts loaded in Ledger Live (ie. new install, or you deleted everything or "Reset" Ledger Live)... when you "Scan" accounts... Ledger Live will only be able to "see" the accounts that are associated to the current "seed"... which is dependent on how you unlocked it (PIN, 2nd PIN or PIN+temp passphrase).

If you leave those accounts in Ledger Live... disconnect your device and then reconnect it and unlock it with a different method... you'll then be able to see the accounts of the previous method AND the new method.


So, if you want your "hidden" wallet to stay hidden...

1. Setup Ledger Live with your "Normal" PIN wallet/accounts
2. When you want to see your "hidden" wallet, unlock device with 2nd PIN (or normal PIN + temp passphrase), add the "hidden" accounts
3. Do whatever you need with "hidden" wallet (check balance, get receive address, send coins whatever)
4. DELETE the "hidden" wallet accounts from Ledger Live
5. Disconnect the device

Now, if someone opens your Ledger Live... they'll only see your "normal" wallet accounts.

This setup requires you to be methodical and remember to remove the hidden accounts if you ever add them... or, you could simply just completely reset Ledger Live every time you have finished using it and it will wipe everything for you.

If someone forces you to hand over PIN, when they rescan in (empty) Ledger Live, they only see the "normal" wallet accounts... your "hidden" accounts will not show.

[jerry0]

Thanks HCP for that long response.


Still not sure if its good idea to have this 25th Word or not.  I mean what you described with just deleting each time from ledger live... that seems very tempting to do.


But i also hear about people forgetting their 25th Word/passphrase as well.  But then again, you could literally type that in password manager and store it in the cloud right?  You have to say... that is probably safe to do as long as your seed phrase is in written form whether on paper in apartment/house or in multiple safe deposit boxes right?

[o_e_l_e_o]

Still not sure if its good idea to have this 25th Word or not.

The only downside is it gives you one more thing to back up. Otherwise, it gives you more security, plausible deniability, helps keep coins separate, can help improve your privacy, can help protect against brute force attacks, the list goes on. I would suggest everyone with a hardware wallet should be using multiple passphrases.

But then again, you could literally type that in password manager and store it in the cloud right?

Do you have shares in a cloud storage company? Why do you repeatedly and constantly bring up the idea of storing your wallet file, seed phrase, passphrase, whatever, in the cloud? Everyone here has told you multiple times why this is a bad idea. All the advice from every major wallet is to back things up non-electronically. The correct course of action is store your seed phrase and your passphrases physically (such as on paper or metal) but separately, so if one is stolen the thief still cannot access your coins.

No one is going to agree that storing any part of your back up on the cloud is a good idea, regardless of how many times you ask. I have a feeling you will do it anyway.

[jerry0]

Still not sure if its good idea to have this 25th Word or not.

The only downside is it gives you one more thing to back up. Otherwise, it gives you more security, plausible deniability, helps keep coins separate, can help improve your privacy, can help protect against brute force attacks, the list goes on. I would suggest everyone with a hardware wallet should be using multiple passphrases.

But then again, you could literally type that in password manager and store it in the cloud right?

Do you have shares in a cloud storage company? Why do you repeatedly and constantly bring up the idea of storing your wallet file, seed phrase, passphrase, whatever, in the cloud? Everyone here has told you multiple times why this is a bad idea. All the advice from every major wallet is to back things up non-electronically. The correct course of action is store your seed phrase and your passphrases physically (such as on paper or metal) but separately, so if one is stolen the thief still cannot access your coins.

No one is going to agree that storing any part of your back up on the cloud is a good idea, regardless of how many times you ask. I have a feeling you will do it anyway.

Wait so people who use passphrases have multiple passphrases?  So you mean they have a main wallet with their nano ledger... but also have more than one hidden wallet in it?  I thought it was like if someone had hidden wallet.. it was just one?




I get the it gives you more security.  But haven't people messed it up by having this passphrase either by screwing it up or forgetting password etc? 




I did hear people say the most things you do, the more you would get confused etc.  So someone that only has their regular nano ledger seed and their nano ledger... if they were to create a passphrase now, that would be simple.  My concern is when they start sending the big portion of their btc balance to the hidden wallet, there might be something going wrong etc.  Like its safe creating a passphrase/pin for it.  Then send tiny bit of btc to it to test.  Then once you do that, log in your nano ledger with your original pin and see your main balance.  Then unplug...log in with the other pin/password... then see your tiny balance for now... once its there.  Then unplug from laptop, and then plug back in and put in original pin to log in main wallet, then send majority to the hidden wallet right?



Also, wouldn't you need to literally copy/paste that btc address you sent to in the first test transfer?  Since when you connect to your original pin and ready to send the rest of your btc to the new hidden wallet, well you can't see the hidden wallet address since you only have just 1 nano ledger s instead of 2?  Or do most people who do this... usually have just 1 ledger nano?  Like imagine someone who have just 1 ledger nano device and then go... wait i want to create a hidden wallet and send most of my current balance there.  Seems like a silly mistake could happen when doing this with just one device or not?



Well I stored it in the cloud a while back and I didn't have issues though.  Again, I did mention i put it in password manager, so in order to get in, you need that password for that.  But you also need my cloud username and password etc.  But i know the main issue is if you get malware/keylogger, then that is very bad etc. Well I mentioned... i thought cloud seems great since any theft or fire... you are protected against.



What about people who say they store it in usb drives and encrypt it?  Isn't that bad as well since when they say this, they mean they typing the seed in wordpad or something and then encrypting their usb stick?  Since doing just this means you put your seed at risk since you are typing the seed on the keyboard?  I assume if one wants to store their seed in multiple usb sticks, either store it in password manager and then encrypt their usb stick so they have two forms of security?  Or they could type seed in wordpad and encrypt it with say axcrypt?  Then encrypt usb so still two forms of security?  But if you don't put it in the cloud and encrypt it in multiple usb flash drives, you would agree better with password manager then wordpad encrypted right?

[o_e_l_e_o]

Wait so people who use passphrases have multiple passphrases?

Not everyone, but it's a good thing to do.

I thought it was like if someone had hidden wallet.. it was just one?

You can only set up one secondary PIN with a passphrase attached, but you can use multiple passphrases but using the "set temporary" option instead.

I get the it gives you more security.  But haven't people messed it up by having this passphrase either by screwing it up or forgetting password etc?

Sure, which is why I said you must back up your passphrases.

Like its safe creating a passphrase/pin for it.  Then send tiny bit of btc to it to test.  Then once you do that, log in your nano ledger with your original pin and see your main balance.  Then unplug...log in with the other pin/password... then see your tiny balance for now... once its there.  Then unplug from laptop, and then plug back in and put in original pin to log in main wallet, then send majority to the hidden wallet right?

That is one way of doing it. Usually when I set up a new passphrase I simply enter the passphrase, open the new wallet, note down the first address, reset everything, enter the passphrase a second time, open the new wallet a second time, and check the first address matches. If it does, I'm pretty happy to start sending coins to that wallet, confident I am using the passphrase I think I am.

Also, wouldn't you need to literally copy/paste that btc address you sent to in the first test transfer?

Yes. Copy from the passphrased wallet to a text editor and double check nothing has changed, then open your main wallet and copy from the text editor in to the "send" field and again double check that nothing has changed. Once you have made your first successful test transaction, then you can simply copy the address from your main wallet's sent transaction history.

Well I stored it in the cloud a while back and I didn't have issues though.

"I've driven my whole life without a seat belt and I am still alive therefore it is safe to do this." Just because you haven't ran in to problems yet doesn't make it a good idea.

What about people who say they store it in usb drives and encrypt it?

This is only an acceptable option if you have a permanently airgapped computer with no persistent storage running a live OS using open source and secure encryption methods. Since most people cannot do this properly, then for most people it is a bad idea. I would include you in this "most people" category, since you are suggesting using a program (axcrypt) which is proprietary, closed source, and has adware bundled with it, and is therefore a very insecure choice.

[Pmalek]

Still not sure if its good idea to have this 25th Word or not.  I mean what you described with just deleting each time from ledger live... that seems very tempting to do.

Deleting an account on Ledger Live is as easy as turning the lights off before you go to bed, or locking your door when you leave your house.

But i also hear about people forgetting their 25th Word/passphrase as well. 

You are not supposed to memorize it, you are supposed to WRITE IT DOWN ON PAPER.

But then again, you could literally type that in password manager and store it in the cloud right?  You have to say... that is probably safe to do as long as your seed phrase is in written form whether on paper in apartment/house or in multiple safe deposit boxes right?

This is just sad...

I get the it gives you more security.  But haven't people messed it up by having this passphrase either by screwing it up or forgetting password etc?

Extending your seed with a passphrase isn't recommended for everyone. it's an advanced feature. People mess up and get hit by cars daily, but still the whole world enjoys having a walk. Take the required steps being suggested to you so you wont mess up.     

What about people who say they store it in usb drives and encrypt it?

USB drives, hard disks, and CDs break and fail. You are again suggesting a digital way of storing sensitive area instead of listening to years of suggestions. Don't you live in a humid region? I remember you had problems with the display on your Nano S and eventually it broke. The same can happen to your USB sticks.

[jerry0]

Okay so with usb stick etc, you say airgapped computer required, then obviously i can't do this.


Yea seems like almost everyone hates the idea of storing seed in password manager in cloud.


The extending your seed thing... i know its an advanced step but for some reason i just dont feel comfortable doing it with one device for some reason. 


Are you people storing passphrase in different location from your seed then?  Yea i know you should always write passphrase down just in case.  So its like you need to make sure this word is far away from your seed?  Then again, i got to assume people have it in their home as well with their seed but different location?


I use axcrypt to encrypt many of my documents.  That isn't safe at all?  I had no idea about open/close source but i always heard open is better. 


Yea i know usb stick, hard drive etc fails.  But the way people say keep multiple backups, it seems like ppl say just backup your seed in multiple usb sticks encrypted etc.  So it would be hard for all of those sticks to go bad... say imagine you had three of them etc.  Yea i know its digital way.. big difference is though its not uploaded to the cloud.  But of course you connect to a computer that might have malware/keylogger... then that isn't good.


I am in a hot/humid region throughout the year, thats correct.  But someone mentioned you could also put it in a airtight container with those gel packs to keep moisture out so thats a way to protect it.

[HCP]

Aaaaaaaaaand we're back to square 1.

Mate... if you want to put your seed in a cloud-based password manager... and you're comfortable with the associated risks of doing so, then go for it... millions of people do exactly the same with their logins to banks/email/websites etc... what could possibly go wrong? 

If you want to encrypt it with Axcrypt, and you're comfortable with the associated risks of doing so, then go for it...

Stop asking the same questions over and over again. They have all been answered multiple times.


We're going to say "store it offline", you say "what about USB?", people say "they fail", you say "what about using multiple ones? or what about using gel packs in an airtight container?"

Honestly, there are risks involved with EVERYTHING... you are not going to find a 100% failsafe solution to any of this.

- Human memory is "bad" and can fail
- Paper can be destroyed by fire/water
- Metal plates can be found/stolen
- Safety deposit boxes can be seized
- Online cloud storage can be hacked

You name ANY way of storing your seed and/or passphrase and I can probably name at least 5 ways that it can fail or be lost or stolen or hacked.

Just pick one that YOU are comfortable with... if that is an online password manager, then great! good for you... be happy, log out from Bitcointalk and go for a walk, touch some grass, get some fresh air... stop worrying about your seed/passphrase so much

[jerry0]

Hey HCP, yea i know almost everyone hates my idea of storing it in the cloud.  But obviously im not doing it the worst way possible... which would be unloading a document or picture unencrypted... in the cloud.... that would be probably the worst idea.  The same as if you just type it in wordpad and leave it on computer unecrypted etc. 



My method was... store it in password manager.. and upload it to cloud like dropbox/gmail.  No axcrypt.  I mentioned axcrypt because if someone types it in document... you use axcrpypt to encrypt it.  With password manager, well its already encrypted with your password manager.



Yea human memory is bad and will fail.  I got to wonder... what percentage of ppl actually remember the password in their head?  Some people say its easy if you keep repeating it everyday... that to me is beyond silly don't you agree?  I mean the seed is a damn 24 words.  I could see someone possibly doing this as use their memory if its 12 words... but double that is just ridiculous.  That to me is probably the worst way to do it even worst than storing it in the cloud unencrypted or taking a picture because you will easily forget it.


Paper can be destroyed by fire/water.  Yep.  And yea metal plates... i mean it probably looks important so it must mean something.


I didn't really even think about the safe deposit boxes can be seized until recently.  I only thought about it being drilled without owner consent by mistake or like the owner didn't pay the fee... or theft.  But i heard theft is much more rare on safe deposit boxes.


Online cloud storage... yea i know it can be hacked.



Can you give me at least 5 ways it can be fail or lost/stolen/damaged with safe deposit box though?  I could think of theft, drilled incorrectly, owner didn't pay the yearly fee, government seizure... and the bank manager/employee stealing.  So that is 5.  Is that the 5 ways you are also thinking or could you think of another reason for it?  But the main thing that you need to be concerned here is seizure... because with the other situations... they only get half your seed... not your full seed though so that isn't going to do them much with have a ledger seed right?






So let say you are not concerned about seizure.  If no concern for that, the multiple safe deposit boxes with seed broke in half in two different safety boxes probably would be best right?  Come to think of it... having a passphrase would pretty much secure it almost always here right?  Let say you type your passphrase in multiple usb sticks encrypted and even upload it in the cloud?  Then aren't you pretty safe then?



I also just thought about one last idea.  I know you going to hate it because well its an online cloud solution.  But you get a brand new computer or wiped computer... download password manager.  Enter half your seed on it.  Then upload it to dropbox or gmail.  Then you do the same thing with the other half of the seed in another password manager but do this with another dropbox/gmail of yours.  Then to make it even more secure, get a passphrase and put that in a different password manager copy.  While you are doing this, make sure this device is a brand new or wiped laptop. 



Then whenever you want to access your seed... only use this computer to or get a computer that is fully wiped... before logging into dropbox/gmail to access this in the cloud.  Obviously this is tedious and cost you more money if want an extra computer ... but wouldn't this make it pretty damn secure?  You got three different dropbox/gmail email accounts where you store the seeds broken in two and passphrase in the other.  So someone will need to hack all three of your cloud accounts... in order to access your seed.  And remember, they need to know each of your three email usernames and passwords... and of course your password manager password.  Though i probably would uses same password for all three password manager.  But they going to need to know all three different emails of yours.  Isn't this a damn tough task?  Think about it... imagine you only log into those dropbox/gmail accounts only to access your seed and you only do it on your clean machine. 



The only thing is you need to make sure you never forget your three email addresses and passwords and of course your password manager password.  That isn't that bad right?  I mean you could even write your passwords in your safe deposit boxes as well.  But they won't know what is the email connected to each of them.  And its not hard to remember three email address accounts.  And remembering your password manager password should be something you shouldn't forget if you use it for a while.


Do you see a flaw with this though? 


I would like to know has there been people who put their seed in multiple safe deposit boxes like in two of them broken in half and got their seed compromised?  I don't think i ever heard a case like this ever which make me think this is probably the way to go.

[moderator's note: consecutive posts merged]

[HCP]

Oh FFS... you just don't get it do you?

OK, I'll make it easy for you... split your seed in half, put it in a separate safety deposit boxes. Encrypt your passphrase using Axcrypt, store it on multiple USBs stored in separate airtight boxes with gel packs.

"HCP said so, so it must be safe" /s


Are you happy now?


EDIT: just in case it wasn't clear to anyone... this post was total sarcasm.

[o_e_l_e_o]

Some people say its easy if you keep repeating it everyday... that to me is beyond silly don't you agree?

The only thing is you need to make sure you never forget your three email addresses and passwords and of course your password manager password.

So remembering a seed is "beyond silly", but remembering three different email addresses and four different passwords is totally fine and secure?

Do you see a flaw with this though?

For the n^th + 1 time: Cloud. Storage. Is. Not. Safe.

I would like to know has there been people who put their seed in multiple safe deposit boxes like in two of them broken in half and got their seed compromised?  I don't think i ever heard a case like this ever which make me think this is probably the way to go.

GREAT! You've finally settled on a solution. Just go and do it.

I've got to wonder how you've been storing your seed(s) for the last 7-8 years you've been involved in bitcoin. I've also got to wonder how you manage to buy and send bitcoin at all considering you have now spent literally years complicating a process which is as simple as writing 12 words on a piece of paper and putting them somewhere safe.

[Pmalek]

The extending your seed thing... i know its an advanced step but for some reason i just dont feel comfortable doing it with one device for some reason.

No one is forcing you to do it. You are the one putting unnecessary pressure on yourself to have a passphrase while you are still struggling with the basics. 

Are you people storing passphrase in different location from your seed then?  Yea i know you should always write passphrase down just in case.  So its like you need to make sure this word is far away from your seed?

Yes, they have to be separate one from the other. There is no purpose in having a passphrase to prove an additional layer of security if that security can be compromised by finding both the seed and passphrase on the same paper.   

But the way people say keep multiple backups, it seems like ppl say just backup your seed in multiple usb sticks encrypted etc. 

No one has said or recommended that to you. But for some reason, your brain understands tips like don't store your seed online or in a digital format as keep your seed on a password manager or USB drive. 

But someone mentioned you could also put it in a airtight container with those gel packs to keep moisture out so thats a way to protect it.

Or even better, don't store your seed on a USB drive.

Yea human memory is bad and will fail.  I got to wonder... what percentage of ppl actually remember the password in their head?

For the love of God, how would HCP or anyone else possible know that?   

I also just thought about one last idea.  I know you going to hate it because well its an online cloud solution.  But you get a brand new computer or wiped computer... download password manager.  Enter half your seed on it.  Then upload it to dropbox or gmail.  Then you do the same thing with the other half of the seed in another password manager but do this with another dropbox/gmail of yours.  Then to make it even more secure, get a passphrase and put that in a different password manager copy.  While you are doing this, make sure this device is a brand new or wiped laptop.

That's the way to do it, please do that.   

The only thing is you need to make sure you never forget your three email addresses and passwords and of course your password manager password.  That isn't that bad right?

No, it's revolutionary. Why memorize just one passphrase, when you can memorize 3 email addresses and their 3 passwords + the password of your password manager.

Do you see a flaw with this though?

None, whatsoever. It's so fulfilling to see that you have adopted so much knowledge in all these years. You were just a baby when you came here, and no you are ready to take on the world. 

[jerry0]

Some people say its easy if you keep repeating it everyday... that to me is beyond silly don't you agree?

The only thing is you need to make sure you never forget your three email addresses and passwords and of course your password manager password.

So remembering a seed is "beyond silly", but remembering three different email addresses and four different passwords is totally fine and secure?

Do you see a flaw with this though?

For the n^th + 1 time: Cloud. Storage. Is. Not. Safe.

I would like to know has there been people who put their seed in multiple safe deposit boxes like in two of them broken in half and got their seed compromised?  I don't think i ever heard a case like this ever which make me think this is probably the way to go.

GREAT! You've finally settled on a solution. Just go and do it.

I've got to wonder how you've been storing your seed(s) for the last 7-8 years you've been involved in bitcoin. I've also got to wonder how you manage to buy and send bitcoin at all considering you have now spent literally years complicating a process which is as simple as writing 12 words on a piece of paper and putting them somewhere safe.

I was storing my seed first on paper... then storing it in the cloud.  Then in other location on paper.  I do however many times put it back in the cloud.  Yes for some reason, i like storing it in the cloud.  I know everyone hates this reason.  Also imagine you consistently abroad and don't really have a permanent address back home in the US, its like you are limited so to speak don't you agree.  So i stay with friends because of this when i come back home temporarily.  I carry my ledger with me when i travel, but the seed, i am not carrying it on piece of paper with me etc.  I mean imagine you lose it or for some reason customs seizes your stuff and check your stuff and say they go through your wallet and see those paper and know what it is.  They could literally write it down or take picture or something... then what?  Only way i would every bring my seed on piece of paper when traveling would be if i do a passphrase.  You agree on that right?  Would any of you here feel comfortable carrying your seed on paper when flying etc?  Imagine just getting searched for no reason etc.



I used to use electrum to send/receive.  It was very easy for me to send/receive with electrum as i found it very simple to use.  I did have issues though with like asking questions such as how to change sending fees and receiving addresses.  But i found it much simpler than ledger live.  Back then when electrum had updates, i just updated it.  Then when those phishing attempts happen, i tried to not log into electrum until i got a hardware wallet.  



Back then writing the electrum seed, i didn't think much of it because well btc wasn't worth much at all back then.  I even carried with me at times but that a while back.  Then i though... storing it in password manager is lot easier because everything is online etc.