What's the chances like that someone recovery seeds into someone else' account?

[yat97]

I was thinking, for those people who have recovery seeds of only like 12 words or something. What would be the chance that someone who is just non-stop trying to recovery seed into another active wallet that they could be successful? It's just 12 words, not sure the math here. I assume it's really really really low... but how low? How likely? Someone who might be trying to do that, might not be after any wallet in particular, but just any wallet with crypto. I recently accessed my wallet from another computer. I assumed I was gonna also need my password I created on the previous computer but apparently not. I just typed in my recovery seed and just like that I was in. So... idk, just wondering, I'm using exodus right now, just wondering are there any wallets that also let you set a password upon recovering? Idk, I plan on switching to a 24 word seed so that should really decrease the chance. I set it to 12 words just because I thought there is no way someone can guess the seed AND the password.

[1715565993]

1715565993

[ranochigo]

Assuming that you're using a BIP39 word list, the number of possible permutation is 2048^12. Which is about 5.444x10^39. The actual security of the keys comes down to about 128bits, after excluding the checksum at the end. If you can bruteforce a million keys a second, it will take you approximately 1.7262811 x 10^26 years to finish the key space or 8.6314055 x 10^25 years for half of the key space.

Using a longer seed phrase is possible and will definitely lower the risk even more. It will just be a hassle to store such a long seed phrase while providing a little extra security.

[mk4]

Assuming that you're using a BIP39 word list, the number of possible permutation is 2048^12. Which is about 5.444x10^39. The actual security of the keys comes down to about 128bits, after excluding the checksum at the end. If you can bruteforce a million keys a second, it will take you approximately 1.7262811 x 10^26 years to finish the key space or 8.6314055 x 10^25 years for half of the key space.

In nooby words, pretty much the chances are next to impossible that we might as well say that it's impossible. If landing upon a set of recovery seed for a wallet that has funds in it wasn't super hard, people would be making mass wallet generators in the hopes of snagging some coins; but it's simple not a viable strategy.

[pooya87]

It is not about it being "12 words" but about what those words represent.
In BIP39 scheme those words each represent 11 bits of entropy with the last one also having a checksum. That means when you have 12 words you actually have a 128 bit entropy with 128 bit security. Your private keys which are 256 bit numbers also have 128 bit security.
In Electrum those 12 words represent a slightly higher entropy size of 132 bits.

So the answer is the chances are the same as guessing someone else's private key.

However if those words represented something else, such as a brainwallet where user selects words randomly on their own then the security would have been very different and much weaker.

[o_e_l_e_o]

Using a longer seed phrase is possible and will definitely lower the risk even more.

Note that using a seed phrase of more than 12 words doesn't actually improve the security of your coins or your private keys, it only improves the security of your seed phrase. Given that the secp256k1 curve that bitcoin uses produces keys of 256 bits in length with 128 bits of security, then using a seed phrase with greater than 128 bits of security doesn't change the fact that the private keys it derives will still have 128 bits of security.

Put it this way OP: Even if every single one of the 8 billion people on the planet were trying 1 billion different 12 word combinations every second (with no duplicates) and did this for 1 billion years, they would only have checked 0.07% of all possible combinations. It is impossible.

[panganib999]

It is not about it being "12 words" but about what those words represent.
In BIP39 scheme those words each represent 11 bits of entropy with the last one also having a checksum. That means when you have 12 words you actually have a 128 bit entropy with 128 bit security. Your private keys which are 256 bit numbers also have 128 bit security.
In Electrum those 12 words represent a slightly higher entropy size of 132 bits.

So the answer is the chances are the same as guessing someone else's private key.

However if those words represented something else, such as a brainwallet where user selects words randomly on their own then the security would have been very different and much weaker.

I agree. The chances are very low to have the same recovery seed phrase for others because as we all know there are a lot of words in our books right now and I think the probability of guessing the seed phrase is very low. And I've heard nothing news about it and I think the possibility is definitely very impossible. This kind of security for me is a very good one because it can gives us enough secure and dafe funds as long as we do not have some copies that might leak to someone else because in that situation it will definitely can access by others and can change your password that might lead to lost of assests and funds.

[yat97]

Okay thank you all for the replies, that def helped me not really worry about it. And especially thanks for breaking it down to nooby terms because math was never my strong suit lol.

Just gotta remind myself "Funds are Safu"