Looking for a way to add extra security

[Kalchef]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

[Poker Player]

This would have been better if you had asked this question on a technical board but I will report the thread to you so that it can be moved.

I would not recommend it, unless when you create the document and compress it, you do it offline and you are 100% sure that you don't have any virus or anything on your PC.

Also, how are you going to save the strong password? Written down? For that I think you better save the written seeds in a secure physical location and that's it.

[gagux123]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

No problem, no need to apologize for asking this question.

So I would like to share with you what little knowledge I have on this subject.

I believe this is not the best way to store your seeds. Because I believe that there is a possibility of someone breaking the password using brute force, NSIS or something like that.

Some tips I'd like to share

Use 2 or more wallets to fractionate and store your crypto assets, so if you lose your seed or suffer a phishing, your loss will be limited.

Try to store 15 or 20 of the seeds on some paper, and the rest of the seed, try to store it somewhere different, like a tattoo (I know this is weird, but some time ago I saw that someone did this)

Buy a cryptosteel plate, store your seeds there, and bury it somewhere

If you are interested in wanting to store your seeds on a computer, I advise you to use a computer that does not have internet access and you do not use that PC much.

I hope I was helpfull!

[cryptoaddictchie]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

Everything that input on a computer is prone to brute force attack even though we are careful. But securing it on a piece of paper and laminated it then stored to a safe keep in your place would prevent you from being hacked by others. Provided you keep it safely on your house without possible wet encountered or any  that might damage the copy of your seed phrase.

[mk4]

Only do that if you know how to do it on an air-gapped device; like on this[1] guide by Sowik. If not, stay away from digital recovery phrase storage 100%.

[1] https://bitcointalk.org/index.php?topic=2828437.0

[lovesmayfamilis]

I always thought that people like to be very paranoid about their bitcoins.  I agree that you need to worry about the storage of your code phrase and engrave it on some solid metal if a person has really big money. But I do not believe that everyone here is rich, so everyone needs to drip out their keys on uninhabited islands.
Enough for a few flash drives, or, just a record that will not fade with time.
There is a good saying that 99% of things that we worry about, most of them never happen.
Do not fuss, but just be careful.

[tranthidung]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

Basically, you should not store your back up on digital devices. It is worse if you connect those devices to the Internet too often.

Better methods are

• Using air-gapped computer to store your wallet. [Guide] Secure air-gapped crypto wallet storage method
• Use steel plates, etc to store your keys/seeds. Crypto Security - Additional Protection For Your Seed/Private Keys.
• Make sure you know how to use a strong password. [GUIDE] How to Create a Strong/Secure Password. Additionally, use password managers such as
  
  • KeePass: https://keepass.info/
  • KeePassDroid (KeePass for Android): https://play.google.com/store/apps/details?hl=en&id=com.android.keepass
  • bitwarden: https://bitwarden.com/

[pooya87]

There is a good saying that 99% of things that we worry about, most of them never happen.

I don't think it is a good idea to make security related decisions based on statistics simply due to the fact that just because someone hasn't happened before it doesn't mean it won't happen to you. For example Bittrex exchange never scammed anyone until they scammed thousands of users overnight.

It is always best to consider all possibilities and think of ways to prevent them. For example my USB disk that is 15 years old is still working and has never had any issues and I have some files on it as backup but that doesn't mean I trust it won't ever break. So I keep other backups too.

[o_e_l_e_o]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

It's not safe for a number of reasons. The data for the unprotected seed phrase will still exist on your hard drive, even if you immediately delete it, and could be fairly easily recovered later. You are trusting that the computer you use it on is clean and free of malware. You are trusting the encryption implementation of WinZip. You are trusting the storage medium you are using.

You should only be using digital backs up if you create them using a permanently airgapped device and you really know what you are doing. Otherwise, just stick to writing down your seed phrase on paper.

Try to store 15 or 20 of the seeds on some paper, and the rest of the seed, try to store it somewhere different, like a tattoo (I know this is weird, but some time ago I saw that someone did this)

Splitting up your seed phrase like this is a bad idea and almost certainly doesn't achieve the additional security you think it would. If you want to add more security to your wallet, then use a standard method such as additional passphrases or multi-sig.

[ABCbits]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

It's not safe for a number of reasons. The data for the unprotected seed phrase will still exist on your hard drive, even if you immediately delete it, and could be fairly easily recovered later. You are trusting that the computer you use it on is clean and free of malware. You are trusting the encryption implementation of WinZip. You are trusting the storage medium you are using.

And there are few additional risk such as,
1. The .doc editor and compression tool store the unencrypted data as temporary file which sometimes not deleted automatically.
2. The OS infected by keylogger or clipboard malware.

[dkbit98]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

Don't do that, and better keep recovery phrase offline and written on piece of paper or on stainless steel metal.
You can always make a mistake with making digital copies for your files and password (even if you consider it strong today) can be hacked if not done properly.
For extra security I would rather add passphrase to your seed words, or use multisig setup if you don't mind extra complexity.

Splitting up your seed phrase like this is a bad idea and almost certainly doesn't achieve the additional security you think it would. If you want to add more security to your wallet, then use a standard method such as additional passphrases or multi-sig.

This is disaster waiting to happen, and I heard many people made mistakes like this creating their own ''better'' splitting system for seed words.

[Despairo]

Store your seeds in .doc .zip or .rar file do look extra secure with strong password, but the truth isn't. Those software offer bad and low encryption, you don't even have any idea how those software compress your file isn't?

If you want to encrypt your seeds to add extra security, better to learn and use BIP38 rather than "trusting" those closed source software.

[TreyARC]

It's safer to keep your private keys and recovery seed offline, this is one if those reasons why I like paper wallet, you only need to send the coin to the address and track your address using a block explorer, all you have to do is store the keys in an offline place and out of people's reach.

[NeuroticFish]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

I don't know if it has change, but last time I've used WinZip, it used to do weak protection.
Using such methods involves computers and your seed will leave a trace on the disk and somebody more skilled could retrieve it.
Even more disks, USBs and so on can easily and suddenly fail, so it's not a reliable way to store the key to your money.


The best way for security is to write down -  in a way or another - your seed onto paper (preferably laminated) or steel and keep it in multiple copies, preferably in different locations many miles away one to the other.
Now, this can go from laminated piece of paper with exact seed phrase to books with the seed words marked, or from using steel washers to buying commercially available CryptoSteel-like products. Just make sure the order of those words is not altered.

Also make sure you don't do anything overly complicated you may forget in 10 years or, in case you suffer an accident, you or your family would be unable to use those funds to help you get back on your feet.

[Pmalek]

Your seed should never be stored digitally in any way. That includes text documents, .rar achieves, cloud services, emails, etc. Especially on a computer that is permanently connected to the internet and is probably used for all kinds of internet activities. There are so many things that can go wrong, it's not even worth naming them all. Almost everything has been mentioned already in previous replies. One thing that seems to be missing is hardware failure. Your hard drive can break over night making recovery difficult or impossible. You might be required to send it to a repair shop where the personnel could get access to your seed. That won't happen if the words are written down on a piece of paper and stored somewhere safely.

[Erumo]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

You can try to hide porn with that method, but it wont stop a real hack0r. You security can be broken by guide from https://www.passcope.com/how-to-hack-or-break-zip-file-password/. Why not add a mouse trap close to your pc mouse, put a trap under pc, install scarecrow in your room. Change icon of your zip file to a black icon, thus it will make it unseen. Rename it into smth like "..." and people will think that it is just burned pixels on the screen. Or rename your archive into system.ini - no one would ever try clicking on it.

[gagux123]

Splitting up your seed phrase like this is a bad idea and almost certainly doesn't achieve the additional security you think it would. If you want to add more security to your wallet, then use a standard method such as additional passphrases or multi-sig.

Thanks for correcting me and complementing my answer.
Well remembered, I confess that I didn't think about the possibility of a multi-sig wallet, this is an excellent method to increase security

A quick question, are there more ways to get more security? How?

[o_e_l_e_o]

A quick question, are there more ways to get more security? How?

It depends on what aspect of your set up you are looking to increase the security for. For a seed phrase, then generate it on a permanently airgapped computer which is running a fresh install of a reputable open source Linux distro, or a reputable open source hardware wallet. Do not back it up digitally, but write it down on paper only. You should have a minimum of two back ups in two different geographical locations. If you want to make it so that if your seed phrase is compromised your coins are not immediately stolen, then use a multi-sig set up (backing up each seed phrase and xpub multiple times separately), or create multiple additional hidden wallets by using passphrases (again backing up your passphrases on paper and separately). Alternatively, encrypt your seed phrase and also back up the decryption key on paper, but again separately to your seed phrase back up.

This is all great for increasing the security of generating and storing seed phrase, but that is only one piece of the puzzle, so to speak. If you then import that seed phrase in to a hot wallet, for example, then you have negated everything I have listed above.

[ANSEL_2.0]

Find stainless steel you aren't using anymore and carve the whole recovery phrase on it, your job from then on is to find a safe spot to keep this stainless steel, this is a better old school way of keeping recovery seed safe.

[Dunamisx]

Guys is it safe to write down recovery phrases in a .doc file and use WinZip or Winrar to compress and add strong password to the file? I don't know if this is stupid or smart.

If you're to write your keys on any device then it must be coded by you such away that only you can have access to it but ensure you create a back for recovery to it, you can as well split the keys on two different device that only the combination of the keys from the two storage devices can lead an access to your wallet.

Helpful hint:
Make use of hardware open source wallets
Store your keys on a metal sheet and encode it
Write your password and encrypt it with a password
Use an air grip device