Bitcoin Forum
November 11, 2024, 11:08:27 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: 12-word seed vs 24-word seed? This seems pretty interesting  (Read 538 times)
Synchronice (OP)
Hero Member
*****
Offline Offline

Activity: 1036
Merit: 867



View Profile
April 27, 2023, 06:21:56 PM
 #1

There was an article published on Cointelegraph six hours ago with a very interesting title with definitely looks like a clickbait title: What security? Bitcoin enthusiast cracks known 12-word seed phrase in minutes
So, here is the deal. One person posted all the 12 words of his wallet in no particular order. This wallet was filled with 100,000 satoshis. Long story short, it took 25 minutes to one person with modern GPU to bruteforce the wallet by using the software called BTCrecover.

There are people who think that its okay to not completely hide your seeds if you remember the way they are ordered but this small experiment makes it pretty clear that one should be more cautious.

Otherwise, your 12-word seed phrase is as safe as 24-word seed phrase if attacker doesn't know your seeds. But if one knows seeds but not their ordering, then 12-word seed wallet will be vulnerable to attacks but 24-word seed phrase still maintains high security.

▄▄███████████████████▄▄
▄███████████████████████▄
████████▀░░░░░░░▀████████
███████░░░░░░░░░░░███████
███████░░░░░░░░░░░███████
██████▀░░░░░░░░░░░▀██████
██████▄░░░░░▄███▄░▄██████
██████████▀▀█████████████
████▀▄██▀░░░░▀▀▀░▀██▄▀███
███░░▀░░░░░░░░░░░░░▀░░███
████▄▄░░░░▄███▄░░░░▄▄████
▀███████████████████████▀
▀▀███████████████████▀▀
 
 CHIPS.GG 
▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
███▀░▄░▀▀▀▀▀░▄░▀███
▄███
░▄▀░░░░░░░░░▀▄░███▄
▄███░▄░░░▄█████▄░░░▄░███▄
███░▄▀░░░███████░░░▀▄░███
███░█░░░▀▀▀▀▀░░░▀░░░█░███
███░▀▄░▄▀░▄██▄▄░▀▄░▄▀░██
▀███
░▀░▀▄██▀░▀██▄▀░▀░██▀
▀███
░▀▄░░░░░░░░░▄▀░██▀
▀███▄
░▀░▄▄▄▄▄░▀░▄███▀
▀█
███▄▄▄▄▄▄▄████▀
█████████████████████████
▄▄███████▄▄
███
████████████▄
▄█▀▀▀▄
█████████▄▀▀▀█▄
▄██████▀▄▄▄▄▄▀██████▄
▄█████████████▄████████▄
████████▄███████▄████████
█████▄█████████▄██████
██▄▄▀▀▀▀█████▀▀▀▀▄▄██
▀█████████▀▀███████████▀
▀███████████████████▀
██████████████████
▀████▄███▄▄
████▀
████████████████████████
3000+
UNIQUE
GAMES
|
12+
CURRENCIES
ACCEPTED
|
VIP
REWARD
PROGRAM
 
 
  Play Now  
Upgrade00
Legendary
*
Offline Offline

Activity: 2212
Merit: 2368


Playgram - The Telegram Casino


View Profile WWW
April 27, 2023, 06:54:50 PM
 #2

There are people who think that its okay to not completely hide your seeds if you remember the way they are ordered but this small experiment makes it pretty clear that one should be more cautious.
No one should consider scrambling their seeds as a way of keeping it away from Intruders, you can forget the actual order and can lose your bitcoins, especially if it's a 24 word seed phrase.

The essence of back ups is the safety of the location which should be as covert as possible to evade detection. If one location does not prove enough then one should consider using more than one location with a multi sig wallet and storing them differently. One getting compromised does not result in loss of funds.

An additional seedphrase which you can store separately is also a good alternative to scrambling the seed phrase.

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
April 27, 2023, 08:07:36 PM
Merited by hosseinimr93 (2)
 #3

with definitely looks like a clickbait title:
Spammy, trash "news" site posts clickbait!? I'm shocked! Tongue

12 word seed phrases, when properly secured, are perfectly safe. If you reveal all the words, then of course it becomes unsafe. A scrambled 12 word seed phrase has only 12! = 479,001,600 possibilities. Add in the fact that on average 93.75% of the possibilities can be discarded for having an incorrect checksum, that only leaves 29,937,600 possibilities which require you to derive an address and check for funds. This is an easy task on even fairly modest home hardware.

The moral of the story is don't scramble (or do any other weird "tricks") to your seed phrase. The chances are either you will achieve nothing useful, or you will go too far the other way and lock yourself out of your wallets. Just write them down and store them safely.
DaveF
Legendary
*
Offline Offline

Activity: 3654
Merit: 6666


Crypto Swap Exchange


View Profile WWW
April 27, 2023, 08:17:51 PM
 #4

So to make it simple:

1) Keep your seed safe and private (Duh!)
2) Longer things are more difficult to compromise then shorter things when done properly (Duh!)
3) Security is only as strong at it's weakest link (Duh!)

The 12 word thing was done before, and discussed to death. But it is good to bring it up now and then to remind people about security.

-Dave

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
BitcoinGirl.Club
Legendary
*
Offline Offline

Activity: 2954
Merit: 2785


Bitcoingirl 2 joined us 💓


View Profile WWW
April 27, 2023, 09:35:43 PM
 #5

But if one knows seeds but not their ordering, then 12-word seed wallet will be vulnerable to attacks but 24-word seed phrase still maintains high security.
Isn't it general knowledge? A 24 word seed is better than a 12 words. The highest the words the better the security.

Quote
I’ll give you all 12 words but in no particular order.
https://cointelegraph.com/news/bitcoin-advocate-cracks-known-12-word-seed-phrase-in-minutes
No wonder LOL
25 minutes seem to me a long time that took when you have all words in front of you. It needed to check the combination of the words. I studied combination a long time ago from that sense I think finding all the combinations of 12 words/string should not be very hard for a programmer. Your job is then to check the results with each finding which should not be a hard job too.

It would be harder if the letters of the words were not in correct orders too.

The moral of the story is don't scramble (or do any other weird "tricks") to your seed phrase.
You got it wrong. The news channel/site needs story to keep their visitors engaged. If they don't add suspense then no one is going to click. The title is a perfect example.
Quote
What security? Bitcoin enthusiast cracks known 12-word seed phrase in minutes
It sounds like Bitcoin is finished LOL

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
Z-tight
Legendary
*
Online Online

Activity: 1036
Merit: 1106



View Profile
April 27, 2023, 10:20:02 PM
 #6

I don't know why the title of that article was written in this way, to start it with "What security?", like a 51% attack just occurred and miners are currently double spending transactions at will, they mustn't use clickbait for all their articles.

If it wasn't possible for BTC to be stolen if ones seed phrase is revealed, even if scrambled, then why the warning never to reveal ones seed phrase. It is even unimportant to be too concerned about how long it would take to brute force a scrambled seed phrase depending on its length, i would rather be concerned about ensuring i have great opsec and that nobody ever finds my seed phrase.

Yamane_Keto
Hero Member
*****
Offline Offline

Activity: 630
Merit: 510



View Profile WWW
April 27, 2023, 11:45:46 PM
 #7

There was an article published on Cointelegraph six hours ago with a very interesting title with definitely looks like a clickbait title: What security? Bitcoin enthusiast cracks known 12-word seed phrase in minutes
Cointelegraph is not a source of knowledge, the technical articles on this site are not accurate or not verified so do not rely on it as a source of information.

12! It is safe for most GPUs to bruteforce, so whoever wants to try bruteforce should pay more to buy more advanced hardware ASCI and thus more time for you to transfer your money.

えいごをはなせますか。
LoyceV
Legendary
*
Offline Offline

Activity: 3486
Merit: 17658


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
April 28, 2023, 06:21:11 AM
 #8

So you're saying if I post my 12 seed words online, someone can steal my Bitcoins? What's next, if I post the details for my bank but scramble my PIN, someone can steal my euros too? Shocked

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
SamReomo
Hero Member
*****
Offline Offline

Activity: 980
Merit: 757


Top Crypto Casino


View Profile
April 28, 2023, 06:44:10 AM
 #9

So you're saying if I post my 12 seed words online, someone can steal my Bitcoins? What's next, if I post the details for my bank but scramble my PIN, someone can steal my euros too? Shocked

That's true indeed! It's unsafe to post the 12 seeds words online because if someone is keeping eye on you then that malicious person might be able to crack your wallet with those seeds by conducting a
brute-force attack to steal the Bitcoins out of it. If I'm not wrong then someone's seed phrase is key to the wallet and brute-force attacks can easily own the perfect combination of the seed phrase if those seed words are posted online.

███▄▀██▄▄
░░▄████▄▀████ ▄▄▄
░░████▄▄▄▄░░█▀▀
███ ██████▄▄▀█▌
░▄░░███▀████
░▐█░░███░██▄▄
░░▄▀░████▄▄▄▀█
░█░▄███▀████ ▐█
▀▄▄███▀▄██▄
░░▄██▌░░██▀
░▐█▀████ ▀██
░░█▌██████ ▀▀██▄
░░▀███
▄▄██▀▄███
▄▄▄████▀▄████▄░░
▀▀█░░▄▄▄▄████░░
▐█▀▄▄█████████
████▀███░░▄░
▄▄██░███░░█▌░
█▀▄▄▄████░▀▄░░
█▌████▀███▄░█░
▄██▄▀███▄▄▀
▀██░░▐██▄░░
██▀████▀█▌░
▄██▀▀██████▐█░░
███▀░░
Charles-Tim
Legendary
*
Offline Offline

Activity: 1722
Merit: 5208


Leading Crypto Sports Betting & Casino Platform


View Profile
April 28, 2023, 07:18:48 AM
 #10

So you're saying if I post my 12 seed words online, someone can steal my Bitcoins? What's next, if I post the details for my bank but scramble my PIN, someone can steal my euros too? Shocked

That's true indeed! It's unsafe to post the 12 seeds words online because if someone is keeping eye on you then that malicious person might be able to crack your wallet with those seeds by conducting a
brute-force attack to steal the Bitcoins out of it. If I'm not wrong then someone's seed phrase is key to the wallet and brute-force attacks can easily own the perfect combination of the seed phrase if those seed words are posted online.
Can you post your seed hrase online? I can not do that.
Can you even disarrange your seed phrase? I can not do that.

What if passhrase is used as an extended word. A passphrase that consists of uppercase, lowercase, and characters like @.,$+? More than 12 or more character long.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
apogio
Hero Member
*****
Offline Offline

Activity: 602
Merit: 1219



View Profile WWW
April 28, 2023, 07:24:06 AM
Last edit: April 28, 2023, 08:45:22 AM by apogio
 #11

Adding to what o_e_l_e_o said above, I will only give 2 numbers for comparison.

If I give you 12 words (A,B,C,...,L) and ask you to put them in the correct order, then you have 479001600 possible combinations.

However BIP39 consists of 2048 words. So, If you want to guess 12 words out of the 2048 and try to arrange them in the correct order gives you 5,271,537,971,301,488,476,000,309,317,528,177,868,800 (check o_e_l_e_o post below) possible combinations.

The experiment was rediculous to say the least. It could be much more intuitive if the title was "Don't scramble your 12-word seed phrase and rely on this as a backup".


Final Thought:
It is not feasible (for the time being) for a machine to brute force a 12-word seed phrase. Even if 24-words are generally much safer than 12-words, the math clearly show us, that 12-words cannot be brute-forced.
Don't worry about being brute-forced. Worry about backing-up your words properly. Because, as you have seen in the article, knowing the 12 words is much more important than knowing their order. Finally ADD A PASSPHRASE!


FatFork
Legendary
*
Offline Offline

Activity: 1778
Merit: 2664


Crypto Swap Exchange


View Profile WWW
April 28, 2023, 07:33:38 AM
 #12

So you're saying if I post my 12 seed words online, someone can steal my Bitcoins? What's next, if I post the details for my bank but scramble my PIN, someone can steal my euros too? Shocked

Oh, with over 23 thousand posts on this forum, I'm sure you've posted your seed words online multiple times already. Congratulations on potentially compromising your entire crypto portfolio!  Cheesy

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
LoyceV
Legendary
*
Offline Offline

Activity: 3486
Merit: 17658


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
April 28, 2023, 07:37:35 AM
 #13

Oh, with over 23 thousand posts on this forum, I'm sure you've posted your seed words online multiple times already. Congratulations on potentially compromising your entire crypto portfolio!  Cheesy
Nice try, I'm not going to enter my seed words into a search string Tongue

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
FatFork
Legendary
*
Offline Offline

Activity: 1778
Merit: 2664


Crypto Swap Exchange


View Profile WWW
April 28, 2023, 07:43:22 AM
 #14

Oh, with over 23 thousand posts on this forum, I'm sure you've posted your seed words online multiple times already. Congratulations on potentially compromising your entire crypto portfolio!  Cheesy
Nice try, I'm not going to enter my seed words into a search string Tongue

Damn it, you got me! And here I was thinking maybe I could get away with it...

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
April 28, 2023, 08:10:01 AM
Merited by BlackHatCoiner (4), vapourminer (1), ABCbits (1), Z-tight (1)
 #15

A 24 word seed is better than a 12 words. The highest the words the better the security.
Well, it's not quite as straightforward as that.

A 12 word seed phrase provides 128 bits of entropy. A 24 word seed phrase provides 256 bits of entropy. This much is true. However, all bitcoin private keys provide, at most, 128 bits of security. So the security of the private keys generated by a 24 word seed phrase are identical to the security of the private keys generated by a 12 word seed phrase (provided, of course, that the seed phrases were not generated insecurely).

12! It is safe for most GPUs to bruteforce, so whoever wants to try bruteforce should pay more to buy more advanced hardware ASCI and thus more time for you to transfer your money.
12! is very easy for most home hardware to bruteforce, as I explained above. Also, ASICs are useless when it comes to brute forcing seed phrases.

So, If you want to guess 12 words out of the 2048 and try to arrange them in the correct order gives you 5,271,537,971,301,488,476,000,309,317,528,177,868,800 possible combinations.
Not quite sure how you arrived at your number there, but it's incorrect.

Picking 12 words out of 2048 gives 204812 = 5.444*1039
But if you consider the checksum, then the number of valid combinations is 2128 = 3.403*1038
apogio
Hero Member
*****
Offline Offline

Activity: 602
Merit: 1219



View Profile WWW
April 28, 2023, 08:44:49 AM
 #16

Not quite sure how you arrived at your number there, but it's incorrect.

Picking 12 words out of 2048 gives 204812 = 5.444*1039
But if you consider the checksum, then the number of valid combinations is 2128 = 3.403*1038

You are right! I will fix it to make sure nobody is confused.

Synchronice (OP)
Hero Member
*****
Offline Offline

Activity: 1036
Merit: 867



View Profile
April 28, 2023, 10:50:49 AM
 #17

with definitely looks like a clickbait title:
Spammy, trash "news" site posts clickbait!? I'm shocked! Tongue
Well, I would say that Cointelegraph is not the best website out there, nor the most reliable one but I wouldn't call it spammy trash news website. What's your source of crypto news? I know it won't be one as it shouldn't be but usually, what website(s) do you visit? Your opinion on this task matters because you are a highly valued, knowledgeable member

So you're saying if I post my 12 seed words online, someone can steal my Bitcoins? What's next, if I post the details for my bank but scramble my PIN, someone can steal my euros too? Shocked
So, actually, if you post randomly ordered 12 seed words, your wallet gets hacked but if you post randomly ordered 24 seed words, you can feel safe because the probability is still super low.
By the way, it was a little bit interesting, wasn't it? Don't be so hilarious.

▄▄███████████████████▄▄
▄███████████████████████▄
████████▀░░░░░░░▀████████
███████░░░░░░░░░░░███████
███████░░░░░░░░░░░███████
██████▀░░░░░░░░░░░▀██████
██████▄░░░░░▄███▄░▄██████
██████████▀▀█████████████
████▀▄██▀░░░░▀▀▀░▀██▄▀███
███░░▀░░░░░░░░░░░░░▀░░███
████▄▄░░░░▄███▄░░░░▄▄████
▀███████████████████████▀
▀▀███████████████████▀▀
 
 CHIPS.GG 
▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
███▀░▄░▀▀▀▀▀░▄░▀███
▄███
░▄▀░░░░░░░░░▀▄░███▄
▄███░▄░░░▄█████▄░░░▄░███▄
███░▄▀░░░███████░░░▀▄░███
███░█░░░▀▀▀▀▀░░░▀░░░█░███
███░▀▄░▄▀░▄██▄▄░▀▄░▄▀░██
▀███
░▀░▀▄██▀░▀██▄▀░▀░██▀
▀███
░▀▄░░░░░░░░░▄▀░██▀
▀███▄
░▀░▄▄▄▄▄░▀░▄███▀
▀█
███▄▄▄▄▄▄▄████▀
█████████████████████████
▄▄███████▄▄
███
████████████▄
▄█▀▀▀▄
█████████▄▀▀▀█▄
▄██████▀▄▄▄▄▄▀██████▄
▄█████████████▄████████▄
████████▄███████▄████████
█████▄█████████▄██████
██▄▄▀▀▀▀█████▀▀▀▀▄▄██
▀█████████▀▀███████████▀
▀███████████████████▀
██████████████████
▀████▄███▄▄
████▀
████████████████████████
3000+
UNIQUE
GAMES
|
12+
CURRENCIES
ACCEPTED
|
VIP
REWARD
PROGRAM
 
 
  Play Now  
LoyceV
Legendary
*
Offline Offline

Activity: 3486
Merit: 17658


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
April 28, 2023, 11:02:44 AM
 #18

By the way, it was a little bit interesting, wasn't it?
Not really. People shouldn't post their seed words online. Period.
A much more interesting thing about 24 seed words is that you can split them up into 3 parts, and it's still pretty secure if someone gets their hand on one card:

Card 1: message text ability noodle stereo unfair obscure gloom cluster suspect address XXXX thrive remove XXXX XXXX XXXX seminar XXXX XXXX skirt summer XXXX XXXX
Card 2: XXXX XXXX XXXX XXXX XXXX unfair obscure gloom cluster suspect address amused thrive XXXX olive sleep appear XXXX nose beyond skirt XXXX what neither
Card 3: message text ability noodle stereo XXXX XXXX XXXX XXXX XXXX XXXX amused XXXX remove olive sleep appear seminar nose beyond XXXX summer what neither
You shouldn't do that with 12 words.

Don't be so hilarious.
I was trying to be sarcastic Wink

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
April 28, 2023, 11:45:17 AM
Merited by BlackHatCoiner (4), Synchronice (4), vapourminer (2), LoyceV (2)
 #19

What's your source of crypto news? I know it won't be one as it shouldn't be but usually, what website(s) do you visit? Your opinion on this task matters because you are a highly valued, knowledgeable member
I tend not to care whatsoever about what these sites class as "news". If you look at the landing page of CoinTelegraph, CoinIdol, etc. on any given day, the top stories are about price speculation, a whole bunch of shitcoins I don't care about, a whole bunch of centralized exchanges or platforms I don't care about, various celebrities or influences I don't care about, clickbait trash like the article being discussed here, and so on. The amount of actual news on these sites is somewhere between zero and none.

What I do care about is bitcoin's development and new advances, and for that I read the bitcoin-dev mailing list, the lightning-dev mailing list, and any relevant discussions on GitHub. I would also recommend the newsletter from https://bitcoinops.org/.
WatChe
Hero Member
*****
Offline Offline

Activity: 1078
Merit: 566


View Profile WWW
April 28, 2023, 12:00:41 PM
 #20

Otherwise, your 12-word seed phrase is as safe as 24-word seed phrase if attacker doesn't know your seeds. But if one knows seeds but not their ordering, then 12-word seed wallet will be vulnerable to attacks but 24-word seed phrase still maintains high security.


Why somebody would know your seed at first place? (Regardless of whether its in or out of order). The security of your seed is must, even if you have 24-word or more seed. I have written seed of my wallet on paper and is never stored digitally.


If you read the article, its written that guy won a prize of 30$ for breaking this 12-word seed. From this prize money one can see the difficulty level of this task.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!