Bitcoin Forum
July 08, 2026, 11:40:42 PM *
News: Latest Bitcoin Core release: 31.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Which allows 25th word...2/3 seed-split or 2/3 Shamir?  (Read 209 times)
ramptomili777 (OP)
Newbie
*
Offline

Activity: 2
Merit: 0


View Profile
June 30, 2026, 06:29:38 AM
 #1

My AI research suggested that 25th word can be done with 2/3 seed-splitting but not with 2/3 Shamir. Please confirm?

I would be using Trezor Safe 3.

I cannot fully trust the person who would have access to 2 of the 3 metal seed storage pieces, so I need to include a 25th word just in case they try something-which may rule out Shamir's method.
Charles-Tim
Legendary
*
Offline

Activity: 2338
Merit: 6434


Leading Crypto Sports Betting & Casino Platform


View Profile
June 30, 2026, 06:37:10 AM
 #2

It is the seed phrase that you can use to extended the 24 words seed phrase with addiction word called passphrase which is the 25th word, but I do not recommend seed splitting.

You can also learn about multisig wallet.

I cannot fully trust the person who would have access to 2 of the 3 metal seed storage pieces, so I need to include a 25th word just in case they try something-which may rule out Shamir's method.
If you can not fully trust them, why do you want to give them the seed phrase backup.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
coinlary
Sr. Member
****
Offline

Activity: 714
Merit: 262


Make decisions without looking back


View Profile
June 30, 2026, 07:41:36 AM
 #3

There's  no need to split it if you will be adding a passphrase .

Just give them a qhole seed  phrase, use something that can't  be guessed as your pass phrase and give it to another person that has no connection  in annyway to the first person .

You don’t  neeed to explain what it's all about either, just give it to them to keep it safe . Before oing that make sure you have extra copies of the seed and passphrase that you keep your self  hidden in your house and other preferred  location.

 If you have trust issue, my afvice is just to handle them yourself.

ABCbits
Legendary
*
Offline

Activity: 3654
Merit: 10184



View Profile
June 30, 2026, 08:00:58 AM
Merited by hosemary (2), Charles-Tim (1)
 #4

My AI research suggested that 25th word can be done with 2/3 seed-splitting but not with 2/3 Shamir. Please confirm?

I would be using Trezor Safe 3.

Since you use Trezor Safe 3, consider using SLIP39 specifically. It's standard created by Trezor itself, but passphrase/25th word support is limited.

Can I use a passphrase with my SLIP39 wallet?

Yes, you can use a passphrase with a SLIP39 wallet. However, you should be aware that this is an advanced feature which adds even more complexity to your setup.

If you send funds to a passphrase-protected wallet, you must have the correct passphrase to access them.

If you forget or lose the passphrase, you will not be able to access your funds!

Make sure you properly understand how the passphrase feature works before using it. Funds secured by a passphrase cannot be recovered if you lose the passphrase!

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits PREDICT..
█████████████████████████
█████████████████████████
███████████▀▀░░░░▀▀██████
██████████░░▄████▄░░████
█████████░░████████░░████
█████████░░████████░░████
█████████▄▀██████▀▄████
████████▀▀░░░▀▀▀▀░░▄█████
██████▀░░░░██▄▄▄▄████████
████▀░░░░▄███████████████
█████▄▄█████████████████
█████████████████████████
█████████████████████████
.
.WHERE EVERYTHING IS A MARKET..
█████
██
██







██
██
██████
Will Bitcoin hit $200,000
before January 1st 2027?

    No @1.15         Yes @6.00    
█████
██
██







██
██
██████

  CHECK MORE > 
ramptomili777 (OP)
Newbie
*
Offline

Activity: 2
Merit: 0


View Profile
June 30, 2026, 08:29:18 AM
 #5

If someone has the 24-word seed, couldn't they brute force the 25th word paraphrase?

There's  no need to split it if you will be adding a passphrase .

Just give them a qhole seed  phrase, use something that can't  be guessed as your pass phrase and give it to another person that has no connection  in annyway to the first person .

You don’t  neeed to explain what it's all about either, just give it to them to keep it safe . Before oing that make sure you have extra copies of the seed and passphrase that you keep your self  hidden in your house and other preferred  location.

 If you have trust issue, my afvice is just to handle them yourself.

Charles-Tim
Legendary
*
Offline

Activity: 2338
Merit: 6434


Leading Crypto Sports Betting & Casino Platform


View Profile
June 30, 2026, 08:33:01 AM
Last edit: July 03, 2026, 11:54:53 AM by Charles-Tim
Merited by Sammysmart001 (1)
 #6

If someone has the 24-word seed, couldn't they brute force the 25th word paraphrase?
It depends on how long the passphrase is. Characters that is 12 in length, having upper case and lower case alphabet, number and 1 other character will be hard to brute force. Some people can make it more longer as they backup the passphrase in different locations away from the seed phrase backup. More characters, harder and becoming impossible to brute force.

Edit:
For the OP to understand better.
You can use at least 12 characters with upper and lower case, number and other different characters. If other characters are not added, but just upper, lower cases and alphabet, it is also strong as it will 51 years to brute force but you can make it longer to make it more impossible to brute force.
I prefer using 30 characters.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
coinlary
Sr. Member
****
Offline

Activity: 714
Merit: 262


Make decisions without looking back


View Profile
June 30, 2026, 08:44:07 AM
 #7

If someone has the 24-word seed, couldn't they brute force the 25th word paraphrase?

~snip~
As it's been answered, it depends on what you use as your passphrase and how long it is.

Passphrase have one usefulness and it’s to give extra protection to your exposed seed, giving the seed out willingly doesn’t mean the person on the  other end knew you used a passphrase. Set an alert to know when  they become untrustworthy by  keeping a small change inside the wallet that they can withdraw so you can take immediate action regarding  your wallet(the one with passphrase) .

That’s why i said if you have trust issue then just handle it yourself instead of giving it to a third party. On the other hand, i believe you're  not planning  to give it to someone that will spend the remaining  of their lives trying to brute-force a passkey Smiley.

hosemary
Legendary
*
Offline

Activity: 3192
Merit: 7049



View Profile
June 30, 2026, 12:12:47 PM
 #8

You want to create a 2 of 3 slip39 seed and give someone access to twp out of the three shares? Am I getting you correctly?
If so, you are going to give that person full control over your funds. Why don't you go for a 3 of 3 slip39 seed, instead?

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits PREDICT..
█████████████████████████
█████████████████████████
███████████▀▀░░░░▀▀██████
██████████░░▄████▄░░████
█████████░░████████░░████
█████████░░████████░░████
█████████▄▀██████▀▄████
████████▀▀░░░▀▀▀▀░░▄█████
██████▀░░░░██▄▄▄▄████████
████▀░░░░▄███████████████
█████▄▄█████████████████
█████████████████████████
█████████████████████████
.
.WHERE EVERYTHING IS A MARKET..
█████
██
██







██
██
██████
Will Bitcoin hit $200,000
before January 1st 2027?

    No @1.15         Yes @6.00    
█████
██
██







██
██
██████

  CHECK MORE > 
Ambatman
Legendary
*
Offline

Activity: 1064
Merit: 1360


Don't tell anyone


View Profile WWW
July 01, 2026, 04:38:41 PM
 #9

You want to create a 2 of 3 slip39 seed and give someone access to twp out of the three shares? Am I getting you correctly?
If so, you are going to give that person full control over your funds. Why don't you go for a 3 of 3 slip39 seed, instead?
It wouldn't really change much if a passphrase is implemented and not shared.
And using the 2 of 3 while not the safest could be circumvent with the passphrase.
Not to mention it reduces the risk in case a portion is lost as long as the passphrase is intact.


I cannot fully trust the person who would have access to 2 of the 3 metal seed storage pieces, so I need to include a 25th word just in case they try something-which may rule out Shamir's method.
I'm curious why you want to perform something of such with Someone you don't trust
And what if the other party doesn't trust you.
They may ask of a 2 of 3 multisig.

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits PREDICT..
█████████████████████████
█████████████████████████
███████████▀▀░░░░▀▀██████
██████████░░▄████▄░░████
█████████░░████████░░████
█████████░░████████░░████
█████████▄▀██████▀▄████
████████▀▀░░░▀▀▀▀░░▄█████
██████▀░░░░██▄▄▄▄████████
████▀░░░░▄███████████████
█████▄▄█████████████████
█████████████████████████
█████████████████████████
.
.WHERE EVERYTHING IS A MARKET..
█████
██
██







██
██
██████
Will Bitcoin hit $200,000
before January 1st 2027?

    No @1.15         Yes @6.00    
█████
██
██







██
██
██████

  CHECK MORE > 
hosemary
Legendary
*
Offline

Activity: 3192
Merit: 7049



View Profile
July 01, 2026, 05:07:30 PM
Merited by coinlary (1)
 #10

You want to create a 2 of 3 slip39 seed and give someone access to twp out of the three shares? Am I getting you correctly?
If so, you are going to give that person full control over your funds. Why don't you go for a 3 of 3 slip39 seed, instead?
It wouldn't really change much if a passphrase is implemented and not shared.
You are right and I understand you, but why would you create a 2 of 3 SLIP39 seed phrase and give two shares to someone you don't trust? If OP is going to protect themselves with a passphrase anyway, there isn't any need to complicate things and they could simply use a BIP39 seed phrase, instead of SLIP39.

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits PREDICT..
█████████████████████████
█████████████████████████
███████████▀▀░░░░▀▀██████
██████████░░▄████▄░░████
█████████░░████████░░████
█████████░░████████░░████
█████████▄▀██████▀▄████
████████▀▀░░░▀▀▀▀░░▄█████
██████▀░░░░██▄▄▄▄████████
████▀░░░░▄███████████████
█████▄▄█████████████████
█████████████████████████
█████████████████████████
.
.WHERE EVERYTHING IS A MARKET..
█████
██
██







██
██
██████
Will Bitcoin hit $200,000
before January 1st 2027?

    No @1.15         Yes @6.00    
█████
██
██







██
██
██████

  CHECK MORE > 
Satofan44
Sr. Member
****
Offline

Activity: 434
Merit: 1142


Don't hold me responsible for your shortcomings.


View Profile
July 02, 2026, 11:09:04 PM
 #11

If someone has the 24-word seed, couldn't they brute force the 25th word paraphrase?
It depends on how long the passphrase is. Characters that is 8 in length, having upper case and lower case alphabet, number and 1 other character will be hard to brute force. Some people can make it more longer as they backup the passphrase in different locations away from the seed phrase backup. More characters, harder and becoming impossible to brute force.
What are you talking about? A 8 length passphrase can be brute-forced in minutes depending on the hardware capabilities of the attacker and efficiency of the implementation. If someone is going to use a passphrase and share a 24-word seed phrase with other people, then they should use a passphrase of length 20 or more, not less. Do not give insecure device, if someone shares their seed phrase and uses a passphrase of length 8 they have reduced their brute-force resistance by 99%.

Quote
Average Time to Crack — Modern GPU Rig
50 minutes
Against an 8-GPU offline rig at ~1 trillion guesses/sec on a fast hash like NTLM. A determined attacker could crack this in days.

https://countingmethods.com/password-security-tool/

You are right and I understand you, but why would you create a 2 of 3 SLIP39 seed phrase and give two shares to someone you don't trust? If OP is going to protect themselves with a passphrase anyway, there isn't any need to complicate things and they could simply use a BIP39 seed phrase, instead of SLIP39.
Depends on the details and threat model, but for most people you are going to be right. I think I have advocated this somewhere, people are doing security wrong because they have absolutely no idea what they are doing. You don't build the toughest bank vault in order to protect $50. The security must scale in accordance to the amount that is being protected. Any kind of overkill security by people who do not regularly deal with these things usually ends up in some disaster eventually.

Charles-Tim
Legendary
*
Offline

Activity: 2338
Merit: 6434


Leading Crypto Sports Betting & Casino Platform


View Profile
July 02, 2026, 11:41:48 PM
Last edit: July 03, 2026, 08:53:28 AM by Charles-Tim
 #12

If someone has the 24-word seed, couldn't they brute force the 25th word paraphrase?
It depends on how long the passphrase is. Characters that is 8 in length, having upper case and lower case alphabet, number and 1 other character will be hard to brute force. Some people can make it more longer as they backup the passphrase in different locations away from the seed phrase backup. More characters, harder and becoming impossible to brute force.
What are you talking about? A 8 length passphrase can be brute-forced in minutes depending on the hardware capabilities of the attacker and efficiency of the implementation. If someone is going to use a passphrase and share a 24-word seed phrase with other people, then they should use a passphrase of length 20 or more, not less. Do not give insecure device, if someone shares their seed phrase and uses a passphrase of length 8 they have reduced their brute-force resistance by 99%.
You can read what I posted again. In another words, 8 characters of easy to guess words can be easy to brute force. 8 characters that contains different characters like upper case, lower case, numbers and other characters like ';!?*$/@) is hard to brute force. More characters, harder to brute. More characters than the more, impossible to brute force. If I have to recommend the length of the passphrase and with different characters, I have recommended at least 30 characters to people despite that I know tech people recommend 16 to 20 of such characters.

Hard to brute force does not mean it can not be brute forced.
I still added more characters, harder to brute force.
More more characters, impossible to brute force.

Edit:
I have edited it to at least 12 characters that has upper case, lower case, numbers and other characters like ';!?*$/@). It can take over 5000 years to brute force this way which I see as impossible.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
dzungmobile
Hero Member
*****
Offline

Activity: 1316
Merit: 547



View Profile
July 03, 2026, 02:13:57 AM
 #13

My AI research suggested that 25th word can be done with 2/3 seed-splitting but not with 2/3 Shamir. Please confirm?

I cannot fully trust the person who would have access to 2 of the 3 metal seed storage pieces, so I need to include a 25th word just in case they try something-which may rule out Shamir's method.
Note that Shamir has shortcomings and you have to know about that too.
Shamir's Secret Sharing shortcomings

If it is not Shamir Secret Sharing Scheme, but only seed splitting, it's very bad idea and practice.
Bitcoin Q&A: Why is Seed Splitting a Bad Idea?

Satofan44
Sr. Member
****
Offline

Activity: 434
Merit: 1142


Don't hold me responsible for your shortcomings.


View Profile
July 03, 2026, 11:50:37 AM
 #14

It depends on how long the passphrase is. Characters that is 8 in length, having upper case and lower case alphabet, number and 1 other character will be hard to brute force. Some people can make it more longer as they backup the passphrase in different locations away from the seed phrase backup. More characters, harder and becoming impossible to brute force.
What are you talking about? A 8 length passphrase can be brute-forced in minutes depending on the hardware capabilities of the attacker and efficiency of the implementation. If someone is going to use a passphrase and share a 24-word seed phrase with other people, then they should use a passphrase of length 20 or more, not less. Do not give insecure device, if someone shares their seed phrase and uses a passphrase of length 8 they have reduced their brute-force resistance by 99%.
You can read what I posted again. In another words, 8 characters of easy to guess words can be easy to brute force. 8 characters that contains different characters like upper case, lower case, numbers and other characters like ';!?*$/@) is hard to brute force. More characters, harder to brute. More characters than the more, impossible to brute force. If I have to recommend the length of the passphrase and with different characters, I have recommended at least 30 characters to people despite that I know tech people recommend 16 to 20 of such characters.

Hard to brute force does not mean it can not be brute forced.
I still added more characters, harder to brute force.
More more characters, impossible to brute force.

Edit:
I have edited it to at least 12 characters that has upper case, lower case, numbers and other characters like ';!?*$/@). It can take over 5000 years to brute force this way which I see as impossible.
I did, that is why I replied to it. As a native English speaker, if I misunderstand your post and derive a different meaning from it then you have intended then this is a note for you that the writing is flawed and should be corrected. The way that you have initially written it and the way that it read is that passphrases of length 8 will be hard to brute force, which is entirely incorrect -- I can brute force it at home in a short amount of time. Therefore your revision to 12 characters is much better. Keep in mind that the estimated time to brute force scales with the attacking hardware, software AND time. If you get an estimate of over 5000 years today, this does not mean this is true for every possible attacker and it is limited to the estimate from the standpoint of today. In 10 years this 5000 years may drop to 2000 years or even less depending on what happens with technology and breakthroughs during that time.

Nevertheless, while for most users a 12 character passphrase would be good I would still not recommend it in the case that is presented here where the seed phrase is completely exposed. Many people fail to understand that even if you leave a seed phrase to a "trusted party", in terms of security and the change in the threat model is it equal to general exposing. You lose the security that comes from having both, since now somebody (no matter how "trusted" they are) has 1 part of the combination.

If it is not Shamir Secret Sharing Scheme, but only seed splitting, it's very bad idea and practice.
Bitcoin Q&A: Why is Seed Splitting a Bad Idea?
Funny dogma this is, I have been doing this successfully for decade for things unrelated to seed phrases (and in recent history for seed phrases) and we have even been doing that in the context of security work. The right lesson is not "X method is always bad" as that is pure dogma, the right lesson is: Any method is bad when used incorrectly by someone who does not understand it. "Being able to use it" is not equal to "understanding it". Issues happen because of a lack of understanding -- therefore, someone who knows what they are doing can use seed splitting in a better and safer way than someone who does not know what they are doing can use SSSS, multi-signature or whatever else you suggest to them.

Education and capability is key, not the method.



Note that Shamir has shortcomings and you have to know about that too.
Shamir's Secret Sharing shortcomings (https://blog.casa.io/shamirs-secret-sharing-security-shortcomings/)
Most of these shortcomings are irrelevant to most people who would try using SSSS, "inability to revoke" a joke at best. Furthermore, it has "complexity" twice, once as social and once as technical -- as if multisignature does not have any complexity in its implementation or whatever else he is recommending.  Roll Eyes

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!