Blockchain wallet minimum password length in 2013

[the joint]

Does anyone know the following:

1) Did Blockchain wallet have a minimum character password length requirement in 2013?  (I believe it’s 10 words now.)

2) Was the 12-word recovery phrase mandatory in 2013?

3) If so, were these 12 words given to you, or did the user have the ability to choose them?

Thanks!

[hosseinimr93]

The 12-word seed phrase (which is BIP39) is given to users after their upgrade in 2016.
Wallets created before that upgrade didn't have that kind of recovery phrase. Instead, they had a recovery phrase including 16-17 words that isn't supported by any other wallet.

3) If so, were these 12 words given to you, or did the user have the ability to choose them?

The seed phrase is generated by the wallet.

[the joint]

The 12-word seed phrase (which is BIP39) is given to users after their upgrade in 2016.
Wallets created before that upgrade didn't have that kind of recovery phrase. Instead, they had a recovery phrase including 16-17 words that isn't supported by any other wallet.

3) If so, were these 12 words given to you, or did the user have the ability to choose them?

The seed phrase is generated by the wallet.

Super helpful, thank you.

Any idea about the minimum password length by chance?

[OmegaStarScream]

Super helpful, thank you.

Any idea about the minimum password length by chance?

I found this:

As of January of 2018, Blockchain.info enforces the following requirements on new accounts:

- Passwords must be at least 10 characters long
- Certain strings (“1234567890”, “abcdefghij”, the same letter repeated 10 times) are not allowed

This appears to be largely the same set of criteria that the company required in January of 2012, when they wrote: “We require a password of at least 10 characters in length to ensure that even if our database is compromised your wallet will remain secure.”

At the risk of stating the obvious, this means that whatever password you chose for your Blockchain wallet is at least 10 characters long.

Update: However, in February of 2021 we discovered a 2017 Blockchain password that was only 9 characters long. So, if your Blockchain password was created earlier than January of 2018, a shorter password length is possible.

Try to email Dave from WalletRecoveryServices. He has been dealing with all types of wallets since 2013, so he may be able to give you a more accurate answer.

[Charles-Tim]

3) If so, were these 12 words given to you, or did the user have the ability to choose them?

If the 12 words are given to you, that means the person or company that gives you the seed phrase will have it and have access to your bitcoin and steal it. Wallet will generate you seed phrase in a way only you will know the seed words. That is why it is good to use open source wallets like Electrum because close source wallets can be malacious in a way malware can be included in a way the wallet will generate already known seed phrase or seed phrase that can be know to the developers of the wallet.

My comment is based on you not to reveal your seed phrase to anyone.

[the joint]

Super helpful, thank you.

Any idea about the minimum password length by chance?

I found this:

As of January of 2018, Blockchain.info enforces the following requirements on new accounts:

- Passwords must be at least 10 characters long
- Certain strings (“1234567890”, “abcdefghij”, the same letter repeated 10 times) are not allowed

This appears to be largely the same set of criteria that the company required in January of 2012, when they wrote: “We require a password of at least 10 characters in length to ensure that even if our database is compromised your wallet will remain secure.”

At the risk of stating the obvious, this means that whatever password you chose for your Blockchain wallet is at least 10 characters long.

Update: However, in February of 2021 we discovered a 2017 Blockchain password that was only 9 characters long. So, if your Blockchain password was created earlier than January of 2018, a shorter password length is possible.

Try to email Dave from WalletRecoveryServices. He has been dealing with all types of wallets since 2013, so he may be able to give you a more accurate answer.

Thanks! I also found this same information previously.  I’ve spoken with Dave before about this wallet, I’ll reach out to him again.

[hosseinimr93]

I just wasn’t sure if users had an option to select their own seed phrase back then.

Technically, it's possible to have a wallet with your own selected words, but since people can't be good at generating random words, that's not recommended. It's better to let the seed phrase to be generated by the wallet.

Anyway, if you want to have your own words, there are two requirements.

1. The words must be selected from the BIP39 words list.
2. The 12th word should be selected in a way, so the checksum is passed. This can be achieved with brute-forcing the 12th word.

After having your own words, you can import them into any wallet supporting BIP39 seed phrases.
Electrum allows you to import the words, even if the checksum is failed. But it's not recommended, because it's not standard.


As already said, it's not recommended to select the words and you should let the words to be generated randomly. It would be more secure if the words are generated by a open-source wallet.