n00b thinkings (dont laugh)

[BabyBandit]

I been thinking about Bitcoin wallets and their safety (hot wallets) when people getting hacked, how often is it because someone get access to their seed phrase? But if you don't back up your wallet. Can they still hack your wallet then? You got no seed phrase, so they cant take that way. right? Or....? Please help a n00b here to understand.
I understand if someone choose to not back up their wallet and lose the unit the wallet is installed to they will never been able to recover the wallet, this is not the subject.  

Of course every wallet I own have I backed up properly. just thinking about this... if you don't back up with a seed phrase, no one can steal your seed phrase, good or not good it's not the question. 

[1714564091]

1714564091

[1714564091]

1714564091

[Charles-Tim]

It is recommended to backup your wallet for you coins not to be lost.

If you do not backup your wallet, your wallet can still be compromised and your coins can still be stolen. Do away with malware. But the best is to go for a cold wallet or a multisig wallet on different devices.

If you are concerned about your seed phrase, you can use passphrase with it to extend the word so that it will be difficult for offline attackers to compromise your wallet as different keys and addresses will be generated.

Know that you will need both seed phrase and passphrase to recover your coins. So backup your seed phrase and passphrase, but separately in different locations.

[apogio]

I been thinking about Bitcoin wallets and their safety (hot wallets) when people getting hacked, how often is it because someone get access to their seed phrase? But if you don't back up your wallet. Can they still hack your wallet then? You got no seed phrase, so they cant take that way. right? Or....? Please help a n00b here to understand.

If you don't backup your wallet, you are essentially helpless. The simplest scenario is that you (for any reason) lose access to the app that you have installed on your phone, or laptop and you have absolutely no way to restore the wallet.

Having a hot wallet (as Charles-Tim said) can lead to wallet being compromised due to malware etc, but not backing it up, you are helpless against the strongest enemy, which is the human error.

[PrivacyG]

I been thinking about Bitcoin wallets and their safety (hot wallets) when people getting hacked, how often is it because someone get access to their seed phrase? But if you don't back up your wallet. Can they still hack your wallet then? You got no seed phrase, so they cant take that way. right? Or....? Please help a n00b here to understand.


I understand if someone choose to not back up their wallet and lose the unit the wallet is installed to they will never been able to recover the wallet, this is not question.  

The difference between having a backup and having no backup is you are in a constant risk of losing every thing there was in that Wallet.

Seed backups can and should be for the most part stored as PHYSICAL backups and not digital.  Unless you know how to handle digital backups safely and securely.  Hackers can not access physical papers in your house.  But you can make stupid mistakes.  For example, copying the Seed to the Notes app of your choice.  Sending it to your own E-mail Address as a backup.  Saving it into a TXT file.  Taking a picture of the paper containing it.  Maybe even reading it out loud, even if I have not heard of such cases yet.

Until you learn more about safe and secure storage of the Seed, just write it down on a piece of paper and put it somewhere in your house where no body has access and there is close to zero chance of anything burning or any water spilling in that area.  Do not put your paper next to the ash tray if you smoke or next to your favorite drinks.  Common sense.

Most 'hacks' are not some random ex CIA officer hacking into your phone.  They function as malware and other kind of infections of the device.  You download Apps from unknown sources and visit sketchy websites, then you get your Smart phone infected and now there is a much higher risk of getting your Bitcoin stripped off you.

[BabyBandit]

I been thinking about Bitcoin wallets and their safety (hot wallets) when people getting hacked, how often is it because someone get access to their seed phrase? But if you don't back up your wallet. Can they still hack your wallet then? You got no seed phrase, so they cant take that way. right? Or....? Please help a n00b here to understand.


I understand if someone choose to not back up their wallet and lose the unit the wallet is installed to they will never been able to recover the wallet, this is not question. 

The difference between having a backup and having no backup is you are in a constant risk of losing every thing there was in that Wallet.

Seed backups can and should be for the most part stored as PHYSICAL backups and not digital.  Unless you know how to handle digital backups safely and securely.  Hackers can not access physical papers in your house.  But you can make stupid mistakes.  For example, copying the Seed to the Notes app of your choice.  Sending it to your own E-mail Address as a backup.  Saving it into a TXT file.  Taking a picture of the paper containing it.  Maybe even reading it out loud, even if I have not heard of such cases yet.

Most 'hacks' are not some random ex CIA officer hacking into your phone.  They function as malware and other kind of infections of the device.  You download Apps from unknown sources and visit sketchy websites, then you get your Smart phone infected and now there is a much higher risk of getting your Bitcoin stripped off you.

Yes I am aware of this and I always back up my wallets. This was just a thought for example if you have a old phone you never use, you can wipe it and install a wallet and just put it your safe-box. But of course if the phone should break without reason your screwed. 

[PrivacyG]

Yes I am aware of this and I always back up my wallets. This was just a thought for example if you have a old phone you never use, you can wipe it and install a wallet and just put it your safe-box. But of course if the phone should break without reason your screwed.  

I had devices die in my hands minutes after I initiated a non backed up Wallet.  I would never trust any device with this.  It is a risk and a chance you have to assume.

This is why I will always be for Wallets having mandatory Seed backup.  Either you back it up or you do not use the Wallet.  It prevents a lot of damage by making the convenience of not having to back the Seed up impossible.

But why install a Wallet without backing it up before placing it in a safe box?  Years down the line you may forget you never backed it up and start depositing on it some Coins.  Then what do you do when the phone dies on you?

[BabyBandit]

Yes I am aware of this and I always back up my wallets. This was just a thought for example if you have a old phone you never use, you can wipe it and install a wallet and just put it your safe-box. But of course if the phone should break without reason your screwed. 

I had devices die in my hands minutes after I initiated a non backed up Wallet.  I would never trust any device with this.  It is a risk and a chance you have to assume.

But why install a Wallet without backing it up before placing it in a safe box?  Years down the line you may forget you never backed it up and start depositing on it some Coins.  Then what do you do when the phone dies on you?

iPhone's rarely dies for no reason. Nah but it was just an idea I had spinning in my head some days and why not share it with others here, hehe.. Enjoy your day friend.   

[Nheer]

Hot wallets are the least secure wallets and they are the easiest and most targeted wallets because of their connectivity to the internet so it is more safer to use a non custodial cold wallets. There are other ways your wallet can be compromised even without backing up your seed phrase. You should be more concerned about backing up your seed phrase and securely storing them in an offline location so you don’t end up losing assets. Precautions can be taken against seed phrase hacks and your wallet will be safe from hacks when these measures are implemented but without back up your coins can be lost easily when you lose access to your device.

So backup your seed phrase and passphrase, but separately in different locations.

It would be more appropriate to make duplicates of the passphrase and seed phrase and store them somewhere else in case something unexpected happens.

[Zaguru12]

iPhone's rarely dies for no reason. Nah but it was just an idea I had spinning in my head some days and why not share it with others here, hehe.. Enjoy your day friend.  

It’s not about dying sometimes, it has a screen that can get damaged when it falls either to the ground or into a fluid in any case it is never a good reason not to back up a wallet seed phrase even if you trust the device. Even hardware wallet producers warns of backing up your seed offline.

Also using an old phone you don’t longer use might be a bit secure for storage than the one you’re using daily for your social activities. But that still doesn’t eliminate the risk that the device might have caught malware in the past when it was been used. Some malware’s don’t go away by just wiping the phone alone.

So backup your seed phrase and passphrase, but separately in different locations.

It would be more appropriate to make duplicates of the passphrase and seed phrase and store them somewhere else in case something unexpected happens.

Yes there it is better to do a duplicate back but make sure they are not that much that you’re even creating a redundancy. Too much back locations might expose some of them

[Charles-Tim]

iPhone's rarely dies for no reason. Nah but it was just an idea I had spinning in my head some days and why not share it with others here, hehe.. Enjoy your day friend.   

Something can happen that will lead to loss of the wallet while you will still have access to your phone. Phone can also be lost at anytime.

So backup your seed phrase and passphrase, but separately in different locations.

It would be more appropriate to make duplicates of the passphrase and seed phrase and store them somewhere else in case something unexpected happens.

Yes there it is better to do a duplicate back but make sure they are not that much that you’re even creating a redundancy. Too much back locations might expose some of them

Yes, that has always been my advice. But my advise as always been to triplicate the seed phrase (+passphrase if included), separately in different locations.

[LoyceV]

But if you don't back up your wallet. Can they still hack your wallet then?

This is too dumb to even discuss. Even hard drive failure will make you lose your wallet.

You have different risks, and need to reduce all of them. It's always a balancing act between the risk of losing access by yourself, and the risk of someone else gaining access. The latter can be both physical (to your device or the seed phrase you wrote down) or online (unless you use a proper cold wallet).
Until now, I haven't found the perfect solution. But I do have different wallets for different purposes.

[BabyBandit]

But if you don't back up your wallet. Can they still hack your wallet then?

This is too dumb to even discuss. Even hard drive failure will make you lose your wallet.

You have different risks, and need to reduce all of them. It's always a balancing act between the risk of losing access by yourself, and the risk of someone else gaining access. The latter can be both physical (to your device or the seed phrase you wrote down) or online (unless you use a proper cold wallet).
Until now, I haven't found the perfect solution. But I do have different wallets for different purposes.

Well thanks for discussing it even tho it's to dumb for you. Have a good one.  

iPhone's rarely dies for no reason. Nah but it was just an idea I had spinning in my head some days and why not share it with others here, hehe.. Enjoy your day friend.   

Something can happen that will lead to loss of the wallet while you will still have access to your phone. Phone can also be lost at anytime.

Yes you have right.

[o_e_l_e_o]

I appreciate you are just asking a question, but for this to be a serious consideration of yours then your threat model is wrong.

There are multiple ways you can have your wallet hacked and your coins stolen. At the top of that list is using a hot wallet, especially a hot wallet on a device which you use daily for other things, such as general internet use. The chance of such a device contracting malware which will access your wallet is high. Also at the top of that list is storing your seed phrase electronically, be that on your own device, in the cloud, in an email, or whatever. Anything stored online is at constant risk of hacks and theft.

Very far down that list of risks is a seed phrase backed up securely and completely offline on paper or metal being stolen. By not having an offline back up you are reducing the risk of theft by an minuscule amount, while greatly increasing the risk of loss should your device fail/malfunction/corrupt/be damaged, should you lose your device, should you forget your wallet's password, and so on.

Every wallet and every back up system is a trade off between security against theft and security against loss. The trade off of not having a single offline back up (very small reduction in risk of theft versus very large increase in risk of loss) is simply not worth it. If your particular threat model places a large emphasis on an offline back up being compromised, then the correct solution is to use either passphrases or multi-sig, and not to abandon offline back ups altogether.

[BabyBandit]

I appreciate you are just asking a question, but for this to be a serious consideration of yours then your threat model is wrong.

There are multiple ways you can have your wallet hacked and your coins stolen. At the top of that list is using a hot wallet, especially a hot wallet on a device which you use daily for other things, such as general internet use. The chance of such a device contracting malware which will access your wallet is high. Also at the top of that list is storing your seed phrase electronically, be that on your own device, in the cloud, in an email, or whatever. Anything stored online is at constant risk of hacks and theft.

Very far down that list of risks is a seed phrase backed up securely and completely offline on paper or metal being stolen. By not having an offline back up you are reducing the risk of theft by an minuscule amount, while greatly increasing the risk of loss should your device fail/malfunction/corrupt/be damaged, should you lose your device, should you forget your wallet's password, and so on.

Every wallet and every back up system is a trade off between security against theft and security against loss. The trade off of not having a single offline back up (very small reduction in risk of theft versus very large increase in risk of loss) is simply not worth it. If your particular threat model places a large emphasis on an offline back up being compromised, then the correct solution is to use either passphrases or multi-sig, and not to abandon offline back ups altogether.

Hey friend, hope you are good. the question came from a serious tough, I understood it will have down sides also.. but when I understood a phone can just break without reason I understand how stupid I did sound.
So far I have always backed up my wallets and will continue to do so in the future, the seed phrase will go onto a physical paper. But if I would do this.. I would not do it on a phone I am using daily it would be a phone that just laying home in my house.   If you never ask, you never know or learn. This forum have already learned me alot and will learn me alot more.  

As an alternative, you can just backup your wallet data. That's how Bitcoin Core backups work: copy your wallet file to a USB stick, test it, and make another backup on a different brand stick. Then, just to be use, make a new copy on a new stick every year.

Thank you. I love to learning new things. , will try this later.

[LoyceV]

As an alternative, you can just backup your wallet data. That's how Bitcoin Core backups work: copy your wallet file to a USB stick, test it, and make another backup on a different brand stick. Then, just to be use, make a new copy on a new stick every year.

[NotATether]

But if you don't back up your wallet. Can they still hack your wallet then? You got no seed phrase, so they cant take that way. right?

No, they can't hack the wallet even if you don't back it up. Because remember that it's just a copy of your wallet file and as long as nobody has the password to it, then it is impossible for them to open any copy of your wallet, irrespective of whether or not you wrote down your seed phrase (if the app even uses one).

[digaran]

What you all have no answer for is, how can someone truly prove they were actually hacked? Because if I had a lot of coins and wanted to suddenly declare that I no longer have those coins, I could claim I was hacked.

Most of the stories we hear are just scare tactics used by Bitcoin enemies, so there is no need to be afraid of anything Op, don't listen to bsv shills about hacks. But do listen to Bitcoin experts about security measures.

[tech30338]

I been thinking about Bitcoin wallets and their safety (hot wallets) when people getting hacked, how often is it because someone get access to their seed phrase? But if you don't back up your wallet. Can they still hack your wallet then? You got no seed phrase, so they cant take that way. right? Or....? Please help a n00b here to understand.
I understand if someone choose to not back up their wallet and lose the unit the wallet is installed to they will never been able to recover the wallet, this is not the subject.  

I you want to have less chance of getting hacked, first is you should be careful what you click and be careful on what sites you go, most people receive emails that look legit and click it, for example, you kept the seed phrase in your computer which is a bad idea, or maybe they have install a keylogger once you have been infected.
so means the first thing you need to do is protect your computer or your network in these elements, this simple way will give you a higher chance of not getting hacked, avoid sticking your USB drive that you use outside of your home, these are things you will need to consider, in my opinion hopes this help you in a way.
Also never share your computer with other people even friends if you have important things in there, or make an extra user with standard access or a guest account this should be okay.

[Findingnemo]

(hot wallets) when people getting hacked, how often is it because someone get access to their seed phrase? But if you don't back up your wallet. Can they still hack your wallet then? You got no seed phrase, so they cant take that way. right? Or....?

You seem to be thinking in just one way that is the hacker accessing the funds by hacking the seed phrase by attacking the backup(s). Yes, its one of the most common ways that people lose their funds to hackers but it's not the only way that is the difference here. Assume the device where the wallet is installed is prone to be attacked so the user's wallet safety can be compromised in many ways from clipboard malware to getting complete access to the device so they can execute whatever the hacket wants from a remote location.

So by not backing up you attain nothing but losing your chance to recover the funds if anything happens to the device where your wallet is installed.