Security tips for making encrypted backups of your seedphrase.

[Forsyth Jones]

The most adopted and convenient method of making backups of an HD wallet is by writing down a sequence of words known as the BIP39 recovery phrase (or simply seedphrase) which when combined form a seed that derives the masterprivkey and, consequently, the child keys and Adresses.

It is up to you to write down this seedphrase and store it safely in an offline environment, such as on paper, steel plates, etc. Never store it online i.e. in an online notepad or email, because if your computer is compromised, it becomes very easy for someone to steal your bitcoins.

However, if you store it in a physical location such as your office drawer, and someone has possession of this seedphrase and has sufficient knowledge of the importance of this information, they could act maliciously and steal your money. A commonly used solution to avoid this problem would be to encrypt the seedphrase and there are several methods and some of them vary in security i.e some users encrypt a seedphrase with aes, gpg, compression tools like winrar, 7zip protected by passwords (I've done this a lot in the past) and also with BIP39 Passphrase.

Of these methods mentioned, BIP39 Passphrase is undoubtedly the most used due to it being widely used by hardware wallets, as in addition to being the most secure, it reinforces the entropy of your seedphrase by combining your seedphrase + passphrase generated by you, resulting in a wallet unique access code "hidden" behind that password.

Regardless of the method chosen, the user now has to save 2 information: Seedphrase + password, and in the case of BIP39 Passphrase, the passphrase must always be memorable, as there is no way to recover it if it's lost and it'd only be used if you fully understand how it works.

Some wallets such as Electrum, Sparrow, Bitcoin Core and Schildbach wallet have a functionality to import/export encrypted backups with your wallet's encryption password, and this is very interesting, as in addition to being done in a theoretically safe way, you don't need to resort to other third-party encryption methods that may compromise your seedphrase. With this encrypted digital backup, you can easily make multiple copies and spread them to different locations such as pen drives, SD cards and the cloud.



If you want to make encrypted digital backups, Electrum and Sparrow are one of the wallets that allow you to do this safely, but I leave some observations below:

• There are more than one type of seed: BIP39 and Electrum, BIP39 is accepted in most wallets, while Electrum seeds are only adopted by Electrum.
• If you want to do this on Electrum, your wallet needs to be created on Electrum, as a native Electrum wallet allows Electrum to save your encrypted seedphrase and whenever you need that seedphrase, you can view the backup and make physical copies by writing it down on paper, and a BIP39 wallet that was imported into electrum is not possible, because in this case Electrum don't save the imported seedphrase, it only uses it at the time of import to calculate xpriv/ypriv/zpriv, but if you want, even so if you saving a digital copy of a BIP39 wallet imported into Electrum, you can recover the funds, but your seedphrase won't be saved in the file (unless it's a native electrum wallet).
• If you want to make a digital backup of a BIP39 seedphrase, you can use Sparrow Wallet for this, you can either create a new wallet with or without a passphrase or import an existing seedphrase, encrypt the wallet with a good password. If you need to import your seed to another wallet, you can open the backup generated by sparrow (using Sparrow Software) using your password and view the seedphrase to import into another wallet.

With the tips above, you don't need to risk your security by experimenting with encryption methods that could compromise your wallet. Of course, even if you follow the tips above, but do it on an insecure computer, compromised with internet access, you may still have chances of having your wallet compromised. So the ideal is to do this from an airgapped computer without internet access, preferably a computer just for this that you won't use for anything else.

[Charles-Tim]

However, if you store it in a physical location such as your office drawer, and someone has possession of this seedphrase and has sufficient knowledge of the importance of this information, they could act maliciously and steal your money. A commonly used solution to avoid this problem would be to encrypt the seedphrase and there are several methods and some of them vary in security i.e some users encrypt a seedphrase with aes, gpg, compression tools like winrar, 7zip protected by passwords (I've done this a lot in the past) and also with BIP39 Passphrase.

BIP39 passphrase is not encryption, it is word extension. You extend the word with the 13th, 16th, 19th, 22nd or 25th word, depending on the number of word your seed phrase is. I prefer the lazy way which is the use of passphrase to extend the word. If a good passphrase that is long is used, to brute force the passphrase will be hard.

[Forsyth Jones]

-

Yes, you're right. Although I knew this detail, I didn't make it very clear. I think extended words is the best definition.

[dkbit98]

Passphrase is acting as a salt to your seed words, but don't confuse this with encryption that is much harder to crack.
If you want to have encrypted backups in credit card format you should check out Satochip Seedkeepeer cards.
This is easy way to add encrypted seed words on Seedkeeper cards, and you can even create your own DIY card with custom design, to look like regular credit card.

[Husires]

Some wallets such as Electrum, Sparrow, Bitcoin Core and Schildbach wallet have a functionality to import/export encrypted backups with your wallet's encryption password, and this is very interesting, as in addition to being done in a theoretically safe way, you don't need to resort to other third-party encryption methods that may compromise your seedphrase. With this encrypted digital backup, you can easily make multiple copies and spread them to different locations such as pen drives, SD cards and the cloud.

Making an encrypted digital backup is safe if the password is secure, but making several copies and publishing them online or uploading them to the cloud is not a good thing. So, if you use a strong password, you will definitely keep it in digital form, so reduce the number of online copies and keep the password on a separate device that does not connect to the Internet. Buy a high-quality USB stick to ensure a longer lifespan of data on a USB flash drive and better protection from shocks, as some bad types lose the data within 5 years.

[Aanuoluwatofunmi]

To make it easier for you and better, don't allow any third party have access to your device in use, don't store your seeds or private keys online and avoid the use of any password manager app or any central storage system to handle the safety of your keys for you, lastly, create an additional security to how you safe your keys as well as where you safe them, you can see for other recommendations on these through the links below on storing your private keys.

additional security to your seed phrase
https://bitcointalk.org/index.php?topic=5230920.0

seeds backup tools
https://bitcointalk.org/index.php?topic=5263482.0

[btc78]

This sounds like a fool-proof method of storing your seed phrase.

Instead of storing it in a physical locations where all words are just straightforwardly written, this provides a much more complex way which would make it harder for anyone to steal it. Unless the theft also knows the system you have used to create an encrypted version of your seed phrase.

My question is could someone crack it if they were to see the encrypted seed phrase?

[SilverCryptoBullet]

Some wallets such as Electrum, Sparrow, Bitcoin Core and Schildbach wallet have a functionality to import/export encrypted backups with your wallet's encryption password, and this is very interesting

This information is misleading.

When you export, you have options to export like Export your private key, Export your labels. You only can save your backup and if your wallet is encrypted, the backup will be encrypted automatically. No option to Save your backups without encryption.

When you import, from private key or seed, you can choose to create a new wallet file with encryption or no encryption. You don't need password to import a private key or mnemonic seed.

You only need a wallet password when you open a wallet file that was encrypted before.

[zabzob]

My question is could someone crack it if they were to see the encrypted seed phrase?

That depends on the strength of the password used for decryption. If it has at least 128 bits of entropy (e.g. a 12-word BIP39 phrase or a truly random 20-character password) then it will be effectively impossible to crack. For this reason, storing an encrypted seed phrase online and then storing physical copies of the decryption key in a safe place/places is a robust option for backing up crypto. Unlike writing down and storing the seed phrase itself, this method avoids a single point of failure. If hackers were to get your encrypted file from the cloud, it would be useless to them without the password, which they won't find online. And if burglars were to crack your safe and get the decryption key, they would not be able to access the coins without also having the file. It would be very difficult for an attacker to get both.

[CODE200]

I'm not yet using Electrum, does this have a feature in a phone? I think that Electrum might be a little different on computer and phone so I'm asking. I plan to buy a fresh phone that would serve as my wallet for my bitcoin and in a way would help me be secure since it's going to go away in some storage somewhere, is this an advisable thing to do? Hackers or thieves that have a know how of bitcoin don't really expect you or anyone to be storing their bitcoins somewhere that's not on a computer, that's why I'm taking the risk of storing it in a phone, my only problem is obseletion.

[Catenaccio]

I plan to buy a fresh phone that would serve as my wallet for my bitcoin and in a way would help me be secure since it's going to go away in some storage somewhere, is this an advisable thing to do? Hackers or thieves that have a know how of bitcoin don't really expect you or anyone to be storing their bitcoins somewhere that's not on a computer, that's why I'm taking the risk of storing it in a phone, my only problem is obseletion.

If you have need to use your bitcoins when you are hanging out and you don't want to bring your laptop around too much, you will need to store some small bitcoins on phone.

Consider it as your hot wallet, so don't take too high risk.

You can set up a multisig wallet with your old phone and new phone, 2-2 cosigner but it will cost you more transaction fee, or as your cold storage.

Old phone as cold storage?

[Forsyth Jones]

Some wallets such as Electrum, Sparrow, Bitcoin Core and Schildbach wallet have a functionality to import/export encrypted backups with your wallet's encryption password, and this is very interesting

This information is misleading.

When you export, you have options to export like Export your private key, Export your labels. You only can save your backup and if your wallet is encrypted, the backup will be encrypted automatically. No option to Save your backups without encryption.

When you import, from private key or seed, you can choose to create a new wallet file with encryption or no encryption. You don't need password to import a private key or mnemonic seed.

You only need a wallet password when you open a wallet file that was encrypted before.

Come on, quote what I mentioned that was misleading:

I've mentioned that the wallet options that I mentioned in my post have an option to export the wallet in file format (keyfile), in this file all private data such as private keys, xprivs and some containing the initial phrase and metadata wallet are stored such as labels, addresses, etc.

1. The bitcoin core wallet exports this keyfile as the official form of backup, you can export the descriptors via the console if you want. The keyfile is encrypted with the password the user chooses when encrypting the wallet.

2. Sparrow wallet, the exported keyfile is protected by the wallet access password, the same case as the core.

3. Electrum = same case as Bitcoin core and Sparrow.

4. Bitcoin wallet for android (schildbatch wallet) exports the backup file, but first the user must choose a password, the exported file can be protected by a PIN or not and can be decrypted via the openSSL Linux terminal, but if it has been encrypted also with a PIN, you must use bitcoinj's Wallet-tools.

I used all the wallets mentioned.

[BlackHatCoiner]

If you want to make encrypted digital backups

Why would you want that? The title of this thread has to do with securing your seed phrase. Backing up your wallet file is, first and foremost, another topic, and secondly, worse comparably to simply sticking with the seed phrase.

Yes, you're right. Although I knew this detail, I didn't make it very clear. I think extended words is the best definition.

Just to avoid any potential confusion.

• BIP39 passphrase does not encrypt, it is an extension of the seed phrase. All BIP39 seed phrases have an empty ("") passphrase by default, and you can choose to extend that.
• Wallet passwords are used to encrypt wallet files (such as Electrum's password), but as I already said, that's going off-topic.

[apogio]

• BIP39 passphrase does not encrypt, it is an extension of the seed phrase. All BIP39 seed phrases have an empty ("") passphrase by default, and you can choose to extend that.

I think that technically, BIP39 uses the word "mnemonic" as the default salt.
Then we can add an optional passphrase which will be appended to the word "mnemonic".

So, not adding a passphrase will lead to parsing 12 words (seedphrase) + "mnemonic" (salt) from the PBKDF2 algorithm.

If we added a passphrase, it would lead to parsing 12 words (seedphrase) + "mnemonic"  + "secret passphrase" from the PBKDF2 algorithm.

[Forsyth Jones]

• BIP39 passphrase does not encrypt, it is an extension of the seed phrase. All BIP39 seed phrases have an empty ("") passphrase by default, and you can choose to extend that.
• Wallet passwords are used to encrypt wallet files (such as Electrum's password), but as I already said, that's going off-topic.

I had already understood this and always knew it.

The seed phrase is encrypted in the keystore of the aforementioned wallets with the password chosen by the user. See that I used the term 'password' for Keystore encryption so as not to confuse it with the term "Passphrase" from BIP39 which generates a new wallet using this as a "salt" on top of the seed phrase. OK?

Why is this getting off topic since I suggested a viable and secure alternative of encrypting the file containing the electrum wallet, sparrow etc? Using these as an additional alternative (one thing does not exclude the other, you can opt for both) backup and not only write down 12 readable words that anyone with access to this could see and try to import to steal the funds (if the funds don't are allocated in a hidden wallet generated by the BIP39 passphrase).

Encrypted keystore files you can save digitally and can use them to recover as well while the wallet seed phrase should not be stored digitally.

Keystores are very easy to replicate, facilitating the backup process and saving to pen drives in geographically different and distant locations.

Of course, we must always keep a physical copy of the seed phrase written down on paper, steel plates, etc. As I said, one thing does not exclude the other. However, it varies depending on each person's paranoia, if the person is afraid of having their funds stolen, they can use the BIP-39 passphrase and the method I mentioned in this topic: encrypted backups (in the same way as the wallet backup works bitcoin core, electrum, etc.).