Topic: 3 seed words + passphrase (Read 829 times)

Isn’t it easier to memorize those 12 or 24 words than to  memorize something that has special characters? Because you can’t use a simple word as it would be easier to hack through. What you’re proposing could work but you know pretty much that it isn’t as strong as the 12/24 words. If I was asked to choose, I’d stick with the 12/24 words because not only do you have to guess the words (which you can’t), you have to guess their order correctly. Unless we make super super computers soon, nothing can do such multiple tries in a short time.

You are underestimating lots of hackers.

There are so much ways for a hacker to infiltrate your device and steal your password. The three seed phrase can be easily guessed and so does the password. It will maybe take quite a long time but I don’t see any reason why it could be impossible.

The thing is no matter how long your password maybe or word phrase if you can't secure your credentials or yourself in internet then hackers could easily penetrate or hack your wallet or anything that they could access to you, in this modern world where everything is in internet many people are increasing their screen time more. So if you will want a different system of word phrase or password it will be difficult to implement as it is the normal norms now or the current system anyway its up to you on how will you keep sake your credentials and accounts.

I have never been made aware of any wallet that has just 3 seed words, unless am proven wrong, I have only seen and known of 12 and 24 seed phrases of which one has to be constantly login in or have them written down or saved on a device before one can login into their wallet before even having an idea of the correctness of the words.

While 3 seed phrases ain't a bad idea, and it allows the owner of the wallet ease to memorize them and use at their frequency, it would be easily hacked into thats why it may not be a good idea of choice for large coin investors or long term HoDLers.

the 12 word length standard is the accepted standard in 95% of wallets, what guarantee do u have that a seed of just 3 words will be accepted by other wallets? Understand that this causes the versatility of the backup to be lost, being limited to a few wallets that accept restoring a 3-word seed + passphrase.

Your passphrase must be long enough to compensate for the weak security of a 3-word seed, which creates another problem, how will you guarantee that you'll remember this passphrase when you need to restore funds? It's easier for you to follow the standard of at least 12 words and use a good passphrase using words + numbers and some symbols, thus striking a good balance between increasing security and avoiding forgetfulness.

I see that the only justification for choosing a seed of 3 words instead of 12 is to make it easier to remember, but there are safer ways to do this...

It's easy to memorize a seed of 12 words and some passphrases, but never rely solely on your brain due to the risk of amnesia, spread your backup geographically without giving obvious clues that it has anything to do with bitcoin.

@NeuroticFish - There was no reason.  And you might be correct, perhaps I should have started a new topic.  I don't post a lot on social media so I'm not in tune with all the nuances, proper etiquette, etc.  I had jumped onto this forum to ask a specific question about what the difference was between the TRADITIONAL Chinese BIP39 list and the SIMPLIFIED Chinese BIP39 list and which one would a Chinese person prefer?  Anyway, while on the board I happened across this post and since I had just finished completing a "Private Key Kit, which presents how you can hide your mnemonic seed phrases in plain sight", project that I have been working on since 2018, I was very familiar with what he was wanting to do.  So I decided to post.  I saw that it was old but my purpose was simply to send him a direct reply to his question.  So I saw no reason to resurrect the subject necessarily.  What's funny is that this morning after reading the replies I went back and read through the entire thread to get context on some of the quotes being presented in the replies.  I found that I had actually replied to this guy back in June of 2020.  When I wrote my post yesterday I had no idea I had already replied to this thread.  I guess that says something for my memory!  I'm definitely not getting any younger and I am realizing the importance of writing EVERYTHING down.  It just doesn't have to be written down in a straight forward manner.  While there are many forms of security I still believe mis-direction is a very effective form when securing your private key seed phrases.

I will add to my post - While having 3 words represent 128 bits of entropy is not really possible since it would require a mnemonic word list with over 17 Trillion words in it.  @casdinyard is correct that you could use 33 bits of entropy along with a PASSWORD and store some bitcoin in it.  I personally wouldn't recommend putting your life savings behind a Private Key created with only 33 bits of entropy.  But for spending money on a trip it might be fine.  Just FYI: Using 33 bits of entropy essentially gives you a Bitcoin Private Key that falls between 1 - 8,589,934,591.  While picking a number from 8 and one half billion numbers might take awhile there might be hacking groups out there that are monitoring bitcoin addresses created from the first few million numbers? Or even Billion numbers?  I don't really know?  I suppose a way to increase security would be to repeat the 3 words three more times therefore giving you 12 words.  And to improve security beyond that you could reverse the order of the 3 words, i.e. 1, 2, 3, 3, 2, 1, 1, 2, 3, 3, 2, 1.  Or, 1,1,1,1,2,2,2,2,3,3,3,3.  Or some other scheme to mix them up a bit.  Any which way you do it though I would not consider it a super secure wallet.  But probably O.K. to temporarily put bitcoin in for a trip.  Especially if you then add a Passphrase to the mnemonic phrase to secure it further.

I'm just so happy that Bitcoin exists.  The ability to mange my own money without having to rely on anybody else!  It's intoxicating!

Kresp

i would suggest you to make 12 words seed, but you can make multiple copies and leave it in few places


but your password can be something tricky

Honestly password strength is a trivial matter that only becomes a major playing factor in hacking when the person has an in-depth idea of who you are. Like even "statistically weak passwords" like Iloveyou or password has got some strength to them when you add numbers and punctuation marks, so as long as you don't put yourself out there and don't go out of your own way to give the people a general notion of who you are or how you think, you should be safe even with this 3 seed phrase plus password combo.

I'd argue that this is even safer than having us memorize or take note of a 12 word seed phrase, since this you can remember by heart without having to put it someplace else, only to misplace it if it's a paper wallet or send it to someone accidentally if you've kept your seed phrases on a text file like I always do. There's some personalization in it that is going to be a tough nut to crack without the use of advanced tools.

Out of all security options the 12 seed phrase is still king, but if it means I risk losing my wallet as well when I forget the seed phrase combination and the exact words I'd choose a "less safer" but more accessible option all day.

I've written this a lot and will continue to do so: now you are young and remembering 12 words is piece of cake. But what will happen in 10 years of not needing them? Or what happens if one gets a stroke (I hope not) or an accident with head injury (again, I hope not)? How will remembering work then?

Isn't it easier toy write it down and, if the amounts worth it, keep it very safe?


PS. What's the actual reason for this necro bump, @TheDigitalMan? Wouldn't have been more meaningful to make a new topic and link there this old one?

Lol. I know lots of people who say that they could remember
their passwords or whatever it is without writing it down because it is so
common and easy to remember but maybe that is the problem. It is so common
that it could be literally anything so it’s not memorable.

I find your post interesting.  I had similar questions when I first started diving down the rabbit hole of private keys and mnemonic seed phrases.  I wanted a way to create a seed phrase that I didn't have to write down.  To do what you are asking and preserve the same level of entropy you would need a mnemonic word list that was longer.  The current BIP39 mnemonic word list is 2048 words long.  It operates on the premise that you are writing down BASE 2048 numbers.  You can represent ANY number that could be a valid 128-bit Bitcoin Private Key using 12 words.  It takes 24 words to represent a 256-bit Bitcoin Private Key.  But if you increased the BASE of the numbering system.  And without doing some math I can't say exactly what it would need to be increased to...  but I am thinking 4 times what it is now to convert your 3 words to 12 words.  That's my off the cuff thinking but it might actually be different.  Anyway, assuming that then you would have to have a mnemonic word list that was 8,192 words long.  Obviously this could be done.  Then each word would represent 44 bits of entropy instead of the 11 that they currently represent.  3 words would represent 132 bits which is the 128 bits needed for the Private Key plus the 4 bits needed for the CHECKSUM value.  So your idea is achievable.  The first step would be to begin creating a longer mnemonic word list.  If you are serious about doing this I would be happy to collaborate with you and help you with it.

I have been working on a Private Key project that while not what you are trying to do is similar in some ways to what you are asking about.  I began in 2018 with the idea that I wanted to "Hide my Seed Phrases in Plain Sight".  The idea being that if anyone was able to acquire my seed phrase they could rob me of all my crypto.  Or at least all the crypto stored in that particular Private Key.  I launched a Kickstarter Campaign but the time was too early and we were in the midst of a bear market.  It went no where.  But I continued developing my concept.  I now have it close to completion and will be selling it soon.  During my 6 year journey developing this project I also developed a "seedless" Private Key method.  And by "seedless", I mean just that!  I have multiple stashes of bitcoin stored on the bitcoin network and NO SEED PHRASES written down for them.  There is method to my madness and I do have a few notes written down to ensure I don't totally forget how to access the bitcoin.  But these notes are not crypto related.  So anyone rummaging through my stuff wouldn't necessarily connect that those papers referred to my bitcoin.  Anyway, I don't want to give anything away regarding my personal crypto holdings but suffice it to say I am totally happy with my method.  I now have access to certain amounts of my crypto without carrying ANYTHING on me.  I don't need my notes unless I forget.  They are just a back up in case I get old and forget.

O.K. so I couldn't leave it alone.  I had to check if a BASE 8192 would work.  And it will!  So I will leave a short description of how you can accomplish what you want to do.

Step #1. You have to have a mnemonic word list that contains 8192 words.  You can create your own custom list but for purposes of my short tutorial here I am going to concatenate 4 of the 2028 BIP39 Word Lists off of Github.  There are 10 lists posted on Github in 9 different languages.  We're just going to use 4 of them.  ENGLISH + FRENCH + ITALIAN + SPANISH.  NOTE: The order is IMPORTANT!  The first word on the FRENCH list will represent word #2049.  Which brings up another wrinkle that must be addressed.  Word #1 on the ENGLISH list is really Word #0.  And the first word on the FRENCH list is really word #2048.  If you do not understand why this is then you probably shouldn't be doing this.  But suffice it to say the word lists should be numbered 0 thru 2047.  Not 1 thru 2048 like they are on Github.  So if you are going to do this I would recommend you copy all 4 lists off of Github and paste them into a text editor of your choice and re-number the entire list of 8,192 words.  The ENGLISH list should be 0 thru 2047.  Just subtract 1 from each number.  The FRENCH list should start with 2048 and run through 4095.  The ITALIAN list should start with 4096 and run through 6144.  And last the SPANISH list should start with 6145 and run through 8192.  It is ABSOLUTELY CRITICAL that these words have the proper number values associated with them!!!  NOTE: The 4 lists I am using I have arranged in alphabetical order.  This is to help ensure that you always arrange them in the correct order each time you go to re-assemble your 8192 mnemonic word list.

Step #2. Next step is to take your 12 or 24 word seed phrase and convert it into BINARY digits.  Here is how you will do that.  I will use the word list provided by "Pooya87". If you pull up the calculator on your Windows computer you can choose "Programming" option and pick "Decimal".  Put the decimal number into it and then pick "Binary".  It will convert your Decimal number into Binary.  I will do the conversions on these 12 words for you.  But I'm just trying to give you a helpful tip.  However, you are technically entering bits of your private key into your online computer if you do this.  So some die hard bitcoiners will tell you to manually calculate the conversion from decimal to binary.  I will leave it up to you how you handle that.  Just remember.  The conversions HAVE TO BE DONE CORRECTLY and ACCURATELY!!! Otherwise your new seed phrase will come out wrong.  I am going to list the DECIMAL number followed by the BINARY number and then followed by the WORD so that all the number digits will line up in nice neat columns.  The word lengths vary so I am putting the word on each row last.

legal winner thank year wave sausage worth useful legal winner thank yellow

#1019 - 01111111011 - legal (Note: On Github it is listed as word #1020.  But this is wrong.  The actual value represented by the word "legal" is 1019 when calculating a Private Key.)
#2015 - 11111011111 - winner
#1790 - 11011111110 - thank
#2039 - 11111110111 - year
#1983 - 11110111111 - wave
#1533 - 10111111101 - sausage
#2031 - 11111101111 - worth
#1919 - 11101111111 - useful
#1019 - 01111111011 - legal
#2015 - 11111011111 - winner
#1790 - 11011111110 - thank
#2040 - 11111111000 - yellow

Step #3. You now concatenate the BINARY numbers together into one long line that will be 132 BINARY digits long.  128 digits for the Private Key and 4 digits for the CHECKSUM.

0111111101111111011111110111111101111111011111110111111101111111011111110111111 10111111101111111011111110111111101111111011111111000

Step #4. You now have to pull off your 3 sets of 44 BINARY digits to create your 3 words.  Take the first 44, then the 2nd set of 44 and then the last 44.  Then convert the 44 digit BINARY number into a DECIMAL number.

01111111011111110111111101111111011111110111 - 08761598539767
11110111111101111111011111110111111101111111 - 17040274325375
01111111011111110111111101111111011111111000 - 08761598539768

Step #5.  Look up your new 3-word mnemonic phrase.  And this is where I am realizing I have errored in the number of words needed for the new mnemonic seed phrase list.  It is not 4 times the original amount but rather the original amount to the 4th power.  If you take 2048^4 this equals 17,592,186,044,416.  That is how many words you will need in your list in order to represent your 12 word seed phrase in just 3 words.

If you think O.K. I can remember 4 words.  Let's do 4 words instead of 3.  Then you would need 8,589,934,592 in your list.  That is over 8 BILLION WORDS!  To just cut the 12 words in half you would need 4,194,304 words.  Over 4 million words!

O.K. it was a fun exercise.  Hopefully you have enjoyed reading it as much as I enjoyed creating it! 
 
Kresp Rowland out.

18 characters alone is insane protection. Most passwords people use online are 6-12 digits. Using #$ upper and lower case makes it close to impossible. People don't hace your passwords directly they find them on your hdd or if you backup online or social engineering. There is no magical way to guess a password and there is not a program that can magically find passwords. Added to the fact you have the keyphrases. It's basically impossible to hack. I can't even remember what to buy when I fo the groceries so you could basically tell me your 12-word key and I would forget it while you were saying it...

Or Alzheimer's. Or dementia. Or trauma. Or sepsis. Or COVID. Or a thousand other things.

Agreed, that is cool. However, that doesn't mean you only need to store the seed phrase in your head. I have memorized the seed phrase to my mobile "day to day spending" wallet, so I could recover it without my phone in desperate situations, but I also have the seed phrase backed up on paper in two secure locations.

Relying solely on your memory is incredibly risky, not just for the seed phrase you have memorized, but for all your different "encoding" and "misdirection" methods. Even if you have the right 24 words but in the wrong order, you are looking at 600 billion trillion combinations. pooya87 is right - we see users regularly who have come up with their own system and can't remember how to reverse it, locked out of their coins forever.

Write down your seed on paper, store it somewhere secure, write down your passphrase(s) on a different piece(s) of paper, store it/them somewhere else secure.

saying you don't understand how something that is created by experts and reviewed by other experts and then not using it and instead using another thing you yourself create is just crazy. it is like saying i don't understand how airplanes work so i never get on one and build my own plane and use that while not having a clue what i am building.

worst thing you can do is also advise others to do the same!
most of the times when people think they've come up with their own "encryption" system they are either not adding any kind of meaningful security while doing the so called "encryption" or they have created something irreversible. i have seen so many users who did crazy things to their mnemonics and now after a couple of years they can't remember it and all their bitcoins are lost for good.

even if you are paranoid there are still better solutions. for a mnemonic (which is quite simply human readable encoding of an entropy) you can use a coin to flop or a 16 sided die to roll and create that entropy.
for storage and encryption there are secure encryption methods such as AES-256 that should be used.
anything else is most probably going to either be weak or could even be irreversible.

Not all people can memorize easily even a simple password, they still need to take it down or keep it in a place where they can easily get it if needed, so, what if they create 3 seed words and passphrase which is difficult to memorize. I think your opinion is just good for you because the mental capacity  of everyone to memorize something is different from each other. What if you memorized your password and the seed but after a year you are diagnose that have Alzheimer...what will happen to your account?

I agree. Hide it from airport police officers is very easy. Just write some of the words in your cell phone and memorize one or two of those words. Or just underline your 24/12 words in a book, something like that. Just to get past the airport police officers.

BIP39 is a very intelligent and resilient system imo. You can easily hide, backup, store, etc.

Bank's storage can be a valid place since it may be opened only by you or with your death certificate, afaik.

[/quote]

I thought the whole point of Bitcoin is be your own bank. If you have to store your seed in a bank storage, what is the point of having Bitcoin in the first place?
[/quote]

alexkrypto, I couldn't agree with you more.  Don't let all the hate you received on this post deter you.  It is not 100% clear to me how the "mnemonic phrase" and the "password phrase" get used in creating the final bitcoin private key and addresses.  I get that if no password were involved the 3-word mnemonic phrase would produce a less secure private key then a 6-word mnemonic phrase.  And I get what you are trying to achieve.  The whole point of bitcoin WAS so we wouldn't have to trust and use the banks!  I support your efforts and desire to completely cut the banks out of your life as much as possible!  Especially after how irresponsibly the FED has behaved this past year!  They can all... well I better not say.  But I am totally with you!  I have developed several methods myself and got a lot of hate when I tried to clarify certain aspects of my ideas as well.  I don't understand why most bitcoiners seem to think we have to walk the straight and narrow on proper protocol for securing your private bitcoin keys!  I think the metal plates to stamp your mnemonic keys into are stupid!  Unless the mnemonic key is encoded first!  None of my mnemonic keys are written down in the right order or even the right words.  Everything I do is encoded one way or another. I use mis-direction.  I use all kinds of methods!  The government nor the banks will ever get my crypto!  I am working on leaving some information that is written down behind for my kids after I die.  But they will first have to get the decryption keys that I will leave with my will.  Those will only decrypt the documents that explain where they can find the jump drives and other documents and decryption keys to finally decrypt the documents that will explain how to decrypt my mnemonic phrases.  Hopefully they will be able to properly follow the trail of breadcrumbs.  If not.  Oh well.  I'm not leaving my fortunes to the government or banks.  And if my grandkids are too stupid to figure it out.  I don't care if they get my money.  There will be a clear trail to follow.  It just won't be a trail that the Lawyers handling my will or the government will be able to follow.  Because you'll have to know certain things about me and my family.  About my past and whatnot.  Call me crazy!  I don't really care.  Carry on with your innovative ideas!  Nothing wrong with what you are trying to achieve.  I have several bitcents (0.01 BTC) stored in bitcoin addresses that exist ONLY IN MY HEAD.  I have written down some information that when properly decyphered will allow a family member to re-create the private key but I don't actually have the private key written down or stored anywhere.  Not even the mnemonic words.  Nothing!  It's all derived from information that I can remember easily and given a few hours I could sit down and reproduce the private key.  I have method to my madness.  I get that it's possible I could have a stroke and forget.  But I like the idea that if I were suddenly to find myself in a foreign country and needed funds.  I have them with me.  In my head.  All I have to do is find a bitcoin ATM.  Damn cool if you ask me!  And if those 7 or 8 bitcents get lost forever.  Oh well.  I've just increased the value of everyone elses bitcoin.  You're welcome!

I'd be happy to continue this discussion with you privately if you're interested in more ideas.  I'm not going to give away what I am doing but I think it's fun to discuss ideas of how bitcoin can be hidden in plain sight.

And for the record.  The first word of each sentence isn't that secure either.  Especially when there are exactly 24 random sentences???  I mean really?  The fact that they are random and disconnected would immediately make me suspicious that they were a mnemonic phrase.  I think there are better ways to disquise which words in a given paragraph of writing are the mnemonic words.  The writing should make sense.  There could be punctuation marks or just random things that would make the mnemonic phrase much less obvious. 

O.K. I'll get down off my soapbox now.  All the rest of the people in this thread of posts who think the OP has to write all his phrases down correctly and store them in a bank vault can leave now.  You can do what you want with your hard earned money.  I'm not trusting a bank to keep mine safe.

Kresp

Just 3 seed phrase will post a strong security threat because it's too weak, I feel the longer it's the more difficult it takes to decode.

I don't think any of these are real weaknesses of BIP39. Points 1 through 4 are essentially "You lose access to it by some means or other". This is entirely preventable by making multiple back ups, and one of your back ups being stolen won't immediately lead to loss of your coins as long as you are using a long and random passphrase. Point 5 is easily negated by storing it in a way that TSA agents don't know what it is, or memorizing the 12 seeds for the brief duration of crossing the border. Points 6 and 7 are nothing to do with BIP39, but to do with the Trezor wallet, and are entirely negated by using a passphrase.

What you are suggesting is essentially a brainwallet. We obviously can't stop you from using one, but there is a reason that every serious user of bitcoin thinks that brainwallets are a terrible idea. BIP39 was specifically created to be a secure and easy to use method of backing up your coins.

The flaw with that site is that if you enter a single number (such as 1), it assumes you are using all numerical digits and adds 10 to your character set. If you enter a single lowercase or uppercase letter, it adds 26 (or 52 if you use both) to your character set. Same idea for symbols.

This approach makes sense if your password or passphrase is truly random. It doesn't make sense if your password is something you have picked yourself and isn't random, such as a password based on a phrase with some substituted characters, as OP has done, or if you use a repeating digit as you have done. Both these passphrases are not as secure as that site makes them out to be.

Hackers don't want to crack some specific key, they just pre-generate lists of addresses with weak entropy, and then simply check if these addresses were used when a new block is found, and if they were, they instantly sweep the coins. They already do that with brainwallets, and as storage and computing power gets cheaper, it becomes more feasible to extend this method to target more sophisticated schemes.


That's a garbage site, I entered "11111111111111111111" and it said it's "reasonable".

And how is it easy to remember? If it's some sort of substitution scheme, like replacing O with 0, then it's easy to crack, if it's truly random (which can only be generated by some rng and not human mind), then it's really hard to memorize and you will forget it unless your repeat it multiple times per day every single day.

Compared to that, mnemonic seeds have guaranteed sufficient entropy and they are easy to remember because our brains are good at remembering natural words in sequences.

Actually everything has to be written down - seed words and password - even if it's something very simple.

I've seen cases when people got a stroke and forgot even to walk and of course even their kids' names (!).
One has to think / plan for long term and what I've said can happen because of a car or motorcycle crash too, so it's not age related.


You can keep the seed written onto paper buried between many other useful and / or useless papers. Most people will not know what's that and what to use it for.
Or you can write here and there onto the pages of a book your seed words.
I mean that a seed has to be written down and it's not too difficult to hide in plain sight.

"!Went>P@r!$&be$tmem0ryev_r" is a good password, but a 12-word or 24-word random seed is more secure. As @pooya87 stated, a password must be weakened in order to be memorizable. Your idea may work for you, but it cannot be recommended for general use.

then that's another problem. almost always, these two can not be achieved together.
people aren't known to be able to create strong passwords. to be able to remember their passwords they always end up with weak ones that could be guessed in most cases.
and if the password were strong (truly random) then it can't be memorized over long term. they still have to write it down so that they won't forget it (after like in a year), and if they are writing it down then why not use the method that is already tested and is considered safe meaning BIp-39?