Topic: [100 dots] seed phrase backup (Read 730 times)

How is it “who's going to notice”? Now I’m definitely going to look more closely at family photos with fences.

This method has a small flaw: a family photo. Surely it will be on paper. And as you all already know, the photo is applied to paper, which is very sensitive to the effects of fire and water, and here we come to the same problem that arises when saving a paper wallet.

Solution: Engrave (artistic or laser engraving) a "some family pictures in the garden" on metal?

It seems that we are overcomplicating the system and returning to the same original starting point (or dot).


Encrypt data not with a fence, but with patterns on a metal miniature.

I think the most problem will be in  the choice of the quantity of planks in you fence. If you choose it  exactly 256 it would be too bad. To disguise the real thing you should attach to the meaningful part of it  the fake "prefix"  consisting of N planks  and fake "suffix"  of M planks and use on them the same mix of screws as sensitive section holds.

There is actually a good argument for being able to remember a passphrase if you use a hardware wallet.

Most hardware wallets will let you apply a passphrase to the seed phrase which is already stored within the device, without having to re-enter the seed phrase. So if you have your hardware wallet with you, then if you remember (one or more of) your passphrase(s), then you can access your hidden wallets. Even if you are just using your hardware wallet at home, it means you don't have to go and dig out your back up.

I'm a big proponent of not relying on your memory for anything, and you should definitely have your passphrase backed up on paper separate to your seed phrase in at least two locations. However, I have more than one passphrase which I have entered in to various hardware wallets often enough that I can remember it, despite it being long and complicated. The same holds true for a number of different decryption keys, since all my devices use full disk encryption. Although all of these are backed up on paper, it would be a real pain to have to go and retrieve a back up every time I turned on my computer.

Not bad, not bad at all Slotted is 1, Allen is 0.

On second thought: doesn't that stand out much more than a slightly uneven fence? I mean: I've seen thousands of uneven fences, but I've never seen different screws in all planks. Then again, I never look that close either

The beauty is in simplicity.  Instead of using different planks you could simply use them all of equal length, say 200 cm but fixed at different height, say 190 cm to represent 0 and 191 to serve as 1. One more method - all planks are equal in length, all of them are fixed at same  level  but with screws differing with head style or drive types needed. The choice is virtually unlimited to represent both 0 and 1. Slotted looks natural for 1 while Socked - for 0.

I do! 

However I will not remember them in the future. And I will not remember my passphrase in the future. I back it up so I don't need to remember it.

Anyway, it's not the best discussion since I agree with both of you and I find it difficult to argue on behalf of other people  :-p

I'll throw in a counter argument: what's the point of remembering the passphrase, if you don't remember the seed words it belongs to?

Yeap that's what I thought and why I asked. Thanks


Everyone will agree with what you say. However, without talking about my passphrase, one would argue that it's better to have a "long" passphrase (including lowercase, uppercase, numbers, and symbols) but that is also "easier" to remember. Isn't it true? I mean, going for something like "29$_918jHlahq2)814nd000qhh<>ajL" is perfect, but you must back it up perfectly and forget any chances to "remember" it. You will ask, why remember it when you can just note it down twice? Correct! But it's good to have also have a chance of remembering it if needed.

I wouldn't trust a site that gives such a terrible estimate.

For password strength, it helps a lot to have many rounds of encryption. Keepass back in the days allowed to manually set the number of rounds. If it takes 1 second to unlock your data, it also takes 1 second for each try. Brute-force resistance is one of the great things of BIP38 encryption. I'd love to see a similar standard for encrypting seed phrases.

So on examination, it seems all that site is doing is making sets of "lowercase", "uppercase", "numbers", "symbols", and then calculating a strength based on number of characters and number of different sets you use. So any string of 9 characters including lowercase letters and symbols will be given the exact same strength. For example, this string "~gm$r!)zf" is also given 1 month and 6 hours, despite being significantly more secure than "stay away". So yeah, a poor way of calculating password strength.

I've never really used password strength sites like this, but a quick search found another one which does take in to account dictionary words - https://www.passwordmonster.com/
For "stay away" it gives 114 seconds, and correctly identifies two dictionary words.
For "~gm$r!)zf" it gives 931 years.

However, this also seems very inaccurate to me. With 26 lowercase letters and 33 symbols in the standard ASCII set, then that second password has 59⁹ combinations, which is around 53 bits. There is no way it would take almost 1,000 years to crack a 53 bit password.

The best passwords, and the most accurate way of calculating strength, are those which are completely random and draw from lowercase, uppercase, numbers, and symbols, without any patterns. Then you can simply do 95^x, where x is the length of your password. A 20 character password of this format gives you >128 bits of security, which is what you should be aiming for. As soon as you replace a string of those characters with a dictionary word, then how much this decreases your security is unpredictable.

Having seen that, I don't want to create a separate topic for this (unless Loyce wants me to), but I want to define what a strong passphrase means and add a question. I will not discover the wheel, but I will add some examples.

Personally, I currently have a wallet and I have set a passphrase which is longer than 20 characters and it includes all types of characters (small, capital, numbers, symbols). I think this is a super strong passphrase and of course I keep double backup (separate from the seed).

I believe this website gives a good estimation of how long it would take to crack a passphrase: https://random-ize.com/how-long-to-hack-pass/ , but I also want your opinion. I didn't put my passphrase and I didn't try anything similar or close to my passphrase.

Let me give examples.

1. "stayaway" - 1 min 13 sec
2. "StAyAwaY" - 5 hrs 13 min
3. "stay away" - 1 month 6 hrs
4. "StAy AwaY" - 2 years 4 months
5. "St4y Aw4Y" - 6 years 5 months
6. "stayawayfromme" - 730 years 6 months
7. "Stay Aw4y Fr0m Me" - 39555681645472620 years

Now my question is: This website doesn't seem to take into account dictionary attacks. Is there a website that can do both? I mean password number 3 (and perhaps more than this one) could be found much easier than brute-forcing.

Instead of wasting planks (and needing a bigger garden), you could simply use 2 different planks: 201 cm long means 1, 199 cm long means 0. The top and bottom will be uneven, and you don't need to follow any pattern. Recovering your seed phrase is as easy as measuring the length of 256 planks. You can plant nettles to discourage curious seed thiefs. Let's say you need it nettle seeds.
You'll need to maintain your fence though, once the planks start rotting your bits become inaccurate.

I'll allow it

I knew there's a catch and it will not please @apogio. 



To avoid ever so slightly but of course noticably rising planks when you have a sequence of consecutive 1s you could waste planks and always use two planks for one bit. A binary 1 is: shorter plank followed by longer plank; a binary 0 is: longer plank followed by shorter plank. That avoids unpleasant rising or falling staircase sequences. Who said it needs to be efficient encoding?


Some shades of pink will give you wiggle room for some more efficient and sophisticated encoding schemes.



That sounds like a neat idea actually and innocent looking picture backups are still possible, too. OK, we're now on to something...
 

Couldn't resist a slight detour from the main topic...

Only 128 planks? I was thinking of 256 (+1). But you can of course use the bottom for data storage too.

Here, people manage to sell their lack of craftsmanship as a style, so the totally uneven fence doesn't have to have small differences. It can be huge gaps.

The problem is that my wife will want to decide on the colors, and it's not going to be random. And if I let my daughter have her way, we'll end up with a pink house.

Ahh, now that's more interesting, although I can't think of anything worse than having to cut 128 boards all of slightly different but very specific lengths. And given that in any random 128 bit number you are highly likely to have at least seven 0s or seven 1s in a row, then you are going to end up with a highly uneven fence which would just annoy me every time I saw it.

Another suggestion would be different colors of tiles on your floor, bathroom or kitchen walls, etc. Bonus is that they are not going to be at far less risk of damage, and they can't be viewed by anyone walking or driving past your house.

I thought I covered that when I mentioned backups:
Or just duplicate the exact same fence pattern elsewhere. You now need a vacation home too.

You're assuming I'm using the existing fence as a source of randomness. I was thinking of creating the random string first, and then using a new fence to store the bits.

While you're at it, you can do a similar thing with bricks in your wall

I'm certain Loyce is joking, but if we're being this critical then the main flaw is that it's not actually random. Given that all your boards are going to vary around a mean height, then whenever you move in one direction the next step is statistically more likely to move in the opposite direction. Not just because if you've gone up you are therefore more likely to come back down, but also because you don't move in even steps and could have gone up to the highest board and therefore must come back down.

And so you are statistically more likely to have a 1 after a 0 than you are to have two 0s in a row. And if you do get two 0s in a row, then you are much more statistically likely to get a 1 than you are to get a third 0. And so on and vice versa.

Likely nobody, but can you be absolutely sure? My first impuls was: that's hiding a secret in plain sight with a pinch of security by obscurity. Anyway, I had a good laugh and I'll come to a severe flaw later in my post.



LOL, you definitely have a point here.


Now to the flaw of LoyceV's proposed storage method. There's a not so small risk that some idiot in a car or other vehicle runs into your fence and destroys a good portion of it. Some jerks could break some of your planks just for the fun of it (there are mad people out there, sometimes). You can continue to imagine all sorts of dangers to your fence. Did you implement some error correction planks that can cope with real life? I'm obviously not very serious.

"If you wish to make an apple pie seed phrase from scratch, you must first invent the universe buy a house with a garden."

- Carl Sagan LoyceV

Haha, so now I need to buy a house with a garden. And I thought bitcoin was easy.