12 Word Recovery Phrase - a security weakness? My (free and simple!) solution(s)

[Shaha98]

With the first solution (book), you are now reliant on hiding an entire book rather just a single piece of paper. If you lose your copy of the book, there is no guarantee you would find the exact same edition again and your coins will be lost. So that's a more difficult back up process and a single point of failure.

With the second solution (Github), you are now reliant on a third party to continue hosting your repo. If your account is banned, or their servers fail, or they shut down, etc., then your coins will be lost. So again, a more difficult process and a single point of failure.

In short, this is unnecessarily complicated and significantly increases the risk of you losing access to your wallets. If you want a set up in which your seed phrase can be compromised without resulting in immediate loss of your funds, then you would be far better off using a standardized method which does not have a single point of failure, such as either an additional passphrase or a multi-sig set up.

12 You can have access to multi sig set apps with sound as these apps are very secure with no third party. And you don't have to worry about losing access which I'm using myself. You might be surprised to know Be that you can keep these apps with password yourself which has no second and third party. That's why you don't have to worry about losing your coins and password. So this is the safest.

[LoyceV]

Every time you create a new BTC wallet, you’ll get a 12 word 'recovery phrase' that needs to be noted down and hidden somewhere, which - to me at least - seems like a pretty gaping security gap. It doesn’t matter whether you write the words down and hide them in your attic, or stamp them on metal and bury them in your garden, the ‘master key’ to your wallet is still just sat somewhere, hoping that no-one finds it.

This has always been my main concern about Bitcoin: the balance between making sure I don't lose access, and making sure nobody else gains access.

Each line in this key was formed of a triplet that referred to the page, line and word-number of a specific word, which, when looked up (using the exact correct book), was in fact the relevant ‘recovery word’. In 12 lines, he’d noted all 12 of the words in his recovery phrase without actually giving anything away to a casual reader/attacker. So long as the attacker didn’t know the book it referred to, the recovery phrase would be secure.

I've seen many topics from people who don't know how to access their standard wallet anymore. I've also seen people lose access to their funds because of their own handwriting.
Any complication you add, largely increases the chance of losing access by yourself.

I created a secret, unknown Github persona, and this persona has uploaded the *entire* bank of 2048 potential Bitcoin recovery phrase words, in randomised order, in 256 rows of 8, to a repo.  *I* know the name of this account, and the name of the specific repo, but an attacker wouldn’t.

If I wanted to rely on a third party to get to my money, I'd use a bank

Ideally, it would be even further extended so that *anyone* could fork it, and just add their own unique details (their Github name, unique repo address, login details for Git & whichever cloud provider we choose).

What if the attacker has access to Github logs?

What this would mean would be that, for *even higher* levels of security, not only could you choose a random account as your referent, you could also choose a random *day* too, so that there would only be 2 ‘keys’ for you to remember - a Github ID and a date, the ‘day of push’ - which you would memorise, never write down, and keep as your truly ‘secret' keys.

Instead of making it random and publishing it, why not use the username and date as a random seed, and use a pseudo-random list that you can reproduce? It's just as unlikely to be guessed, but you won't lose it.

--> Why hide the book?? No-one would know that my keynote refers to it, so it can sit on my shelf with the rest

Are you saying you only have one backup of your seed phrase? What if your house burns down?

[o_e_l_e_o]

Similar situation would be with having different coins at the same seed - it would be obvious to find BTC and ETH (+ clones), but having for example Monero (or any other exotic coin) at address generated from the same seed is a different story.

Sure, but also not that difficult for an attacker to plug your seed phrase in to any multi-coin wallet and scan for hundreds of coins in a few minutes.

Instead of making it random and publishing it, why not use the username and date as a random seed, and use a pseudo-random list that you can reproduce? It's just as unlikely to be guessed, but you won't lose it.

Because now, in addition to your number pairs, you have to remember/back up the specific username and date, as well as the method/code you used to turn them in to your deterministic list. Complexity is the enemy of security, and this is all getting very complex.

[Welsh]

This has always been my main concern about Bitcoin: the balance between making sure I don't lose access, and making sure nobody else gains access.

Good, it should be all of ours biggest concern. Ultimately, we're responsible for our own money, and that doesn't come lightly. I'm going to sound like a broken record, but this is the classical problem of balancing security, and convenience. If you have it too convenient you're likely making it easier to attack. If you don't have much convenience you'll likely forget or lose access to your Bitcoin.

This is why you see people put passwords on their routers, but keep the password in plain text next to their computer. This is why you see organisations invest thousands into safes to store data, yet they keep the door propped open via some boxes. This is a common problem within all industries which require a level of security.

Ultimately, we're all lazy, hence why most people that don't make a conscious effort to implement a good security protocol, end up being very easy to compromise. Hence why most people use very similar passwords. Then, we have people that go over board (I may have been guilty of this, multiple times), and over complicate things, which the trade off isn't worth that extra complexity, since you're effectively either encouraging short cuts because it's so damn inconvenient or you're setting yourself up to forgetting or losing control.

What OP has proposed is flirting the line with over complicating something, that doesn't necessarily need to be too complicated.

I've seen many topics from people who don't know how to access their standard wallet anymore. I've also seen people lose access to their funds because of their own handwriting.
Any complication you add, largely increases the chance of losing access by yourself.

A problem that I think is more common than we're led to believe. I've done it, not with Bitcoin, but other things. Especially if you haven't taken the care required to separate a 5 from a S. These are the things you need to think about when backing up though. Using a computer potentially leaves a digital trace of that seed, while hand writing has the issues of spelling, or just the way you write things.

Plus, it's the fact that you should probably be guarding towards health issues if you're going this far into depth to secure your coins. The more complicated you make it, the less likely you're to recover it, if anything were to happen to your mind, e.g dementia.

[LoyceV]

Instead of making it random and publishing it, why not use the username and date as a random seed, and use a pseudo-random list that you can reproduce? It's just as unlikely to be guessed, but you won't lose it.

Because now, in addition to your number pairs, you have to remember/back up the specific username and date, as well as the method/code you used to turn them in to your deterministic list.

I was responding to the idea to choose an account name and day, which means you'll need to remember them anyway. By making the order of the list deterministic, at least you don't have to rely on Github.

Complexity is the enemy of security, and this is all getting very complex.

Agreed. This is going to lead to a whole new level of recovery requests.

This has always been my main concern about Bitcoin: the balance between making sure I don't lose access, and making sure nobody else gains access.

Good, it should be all of ours biggest concern.

That's one way of putting it
I agree it should be our main concern, but I don't like that I still haven't found a solution that makes me 100% comfortable. I know ignorance is bliss, but that doesn't make it more secure for the unaware n00b.

[o_e_l_e_o]

This is why you see people put passwords on their routers, but keep the password in plain text next to their computer.

Don't even get me started on this. At work we have to use about 8 different systems, all with the same username, but all with their own password requirements. Some mandate 8 letters, some 10. Some mandate at least one uppercase letter. Some mandate at least one number. Some mandate it must be at least "strong" on their unknown algorithm. And here's the best bit - all require mandatory password changes, but at different frequencies. The outcome is that you first set up access to all the systems with one good password. After 3 months, you have to change that password on a few of the systems, so you increment the number in the password by one. 3 months latter, you have to increment that number again, but also now increment the number on all the systems which mandate 6 monthly changes. Also, one of the systems will say this new password is too similar to the old one, so for that system you have to pick a new password altogether. 3 months later, do it all again. Very quickly you end up with 5 or 6 slightly different passwords, and you forget which one is for which system. And oh, if you enter the wrong password 3 times, your account is locked and you have to spend 20 minutes on the phone to IT to get it unlocked. What is the outcome of this? A very few people like myself use a password manager to deal with this for us. The vast majority have all their passwords written down on a piece of paper in their desk, their wallet, or (my favorite) stuck on the back of their ID badge.

Complex? Sure. Secure? Not at all.

while hand writing has the issues of spelling, or just the way you write things.

I can understand this being an issue with raw private keys, but I've never understood why it is an issue with seed phrases. The whole point of the BIP39 word list is to minimize issues like this, and you should be writing down your seed phrase in simple block capitals, and not cursive or anything else more difficult to read.