I think I will stick to a 24 word seed phrase ( 12 words brute forced )

[mailsats]

Here is a link to the story

https://cointelegraph.com/news/bitcoin-advocate-cracks-known-12-word-seed-phrase-in-minutes

I have heard people say the 12 words is secure enough... although, to be fair, the hacker in the story was given the 12 words, and had to put them in the correct order... using BTCrecover

thoughts?

[1715360117]

1715360117

[1715360117]

1715360117

[Charles-Tim]

Not quite long that similar thread is existing on this forum already:

12-word seed vs 24-word seed? This seems pretty interesting

Lock this thread.

[apogio]

Here is a link to the story

https://cointelegraph.com/news/bitcoin-advocate-cracks-known-12-word-seed-phrase-in-minutes

I have heard people say the 12 words is secure enough... although, to be fair, the hacker in the story was given the 12 words, and had to put them in the correct order... using BTCrecover

thoughts?

Puting 12 words in the correct order is EXTREMELY more easy than guessing 12 words from BIP39 an puting them in the correct order.

I mean, let me give you 12 words (A,B,C,...,L). Then you have 479001600 possible combinations.

However BIP39 consists of 2048 words. So, If you want to guess 12 words out of the 2048 and try to arrange them in the correct order gives you a huge amount of possible combinations. It's a huge number!!!

Just don't (I repeat, DON'T) ever think of letting someone know your words even if the order is incorrect.

[o_e_l_e_o]

Clickbait nonsense. 12 word seed phrases are perfectly secure if you don't start handing out your words on the internet.

[hugeblack]

thoughts?

Is this a new type of FUD? A five-minute search will tell you that the whole story is not true. This topic brought me back to Block-size FUD from bitcoin.com when BCH increase the block size.

I remember that a user on Reddit put the 12 words unordered with a prize for whoever reaches them, and yet no one was able, so you are safe as long as those words are true randomly arranged.

[mocacinno]

if you have 12 given words, there are 12! possible combinations of those 12 words (given you cannot re-use the same word).
12! = 479.001.600

Let's round this number down to 479 million

The number of possible 12 word seed phrases is 2^128
2^128 = 3,4 e38. That's 340282366920938463463374607431770 million

I did some googling, and found a benchmark of somebody claiming to be able to test ~150.000 combinations per second. Now, this was with a GPU and a highly specific derivation path and pre-known address that had to be derived using this derivation path... A best case scenario...

Let's assume you get to 0.1 million combinations per second... It would take you 4790 seconds if you knew all 12 words... That's an hour and 20 minutes.

If you don't have the 12 words, it'll take you 3402823669209384634633746074 seconds @ 0.1 million seeds/second... Thats  107.902.830.708.060.141.889.705.291 years....

There's a huge difference between getting 12 random words and hacking a seedphrase where you don't know these 12 words...

[hZti]

If you give away your words to strangers also 100 words will not be secure anything, because this will mean that you are simply stupid. But I guess you misinterpreted the meaning of the 12 word brute force wrong. So if you keep your words secret there is nothing wrong with 12 words. I however also prefer 24 words, just because I can.

[NeuroticFish]

Sadly for your effort in this, I really think that all OP cared about was a couple of click on that link.
I mean, come on, "confusing" (effort for) reordering of 12 words with (the effort for) actually finding the correct ones (from the BIP39 list) and also their positions already tells that OP has mixed up the apples with the oranges.
So yep, this sums it up:

Clickbait nonsense.