Pages:
Author

Topic: [100 dots] seed phrase backup (Read 798 times)

legendary
Activity: 1792
Merit: 1296
Playbet.io - Crypto Casino and Sportsbook
October 12, 2023, 04:40:04 PM
#72
~snip
You can easily create a backup by taking some family pictures in the garden.
Who's going to notice? Cheesy And who's going to look for patters that could be seed phrases everywhere now? Cheesy
How is it “who's going to notice”? Now I’m definitely going to look more closely at family photos with fences. Smiley

This method has a small flaw: a family photo. Surely it will be on paper. And as you all already know, the photo is applied to paper, which is very sensitive to the effects of fire and water, and here we come to the same problem that arises when saving a paper wallet.

Solution: Engrave (artistic or laser engraving) a "some family pictures in the garden" on metal? Smiley

It seems that we are overcomplicating the system and returning to the same original starting point (or dot).


Encrypt data not with a fence, but with patterns on a metal miniature. Wink
hero member
Activity: 714
Merit: 1298
October 11, 2023, 01:09:39 PM
#71

On second thought: doesn't that stand out much more than a slightly uneven fence? I mean: I've seen thousands of uneven fences, but I've never seen different screws in all planks. Then again, I never look that close either Undecided

I think the most problem will be in  the choice of the quantity of planks in you fence. If you choose it  exactly 256 it would be too bad. To disguise the real thing you should attach to the meaningful part of it  the fake "prefix"  consisting of N planks  and fake "suffix"  of M planks and use on them the same mix of screws as sensitive section holds.
legendary
Activity: 2268
Merit: 18771
October 11, 2023, 12:45:34 PM
#70
I'll throw in a counter argument: what's the point of remembering the passphrase, if you don't remember the seed words it belongs to?
There is actually a good argument for being able to remember a passphrase if you use a hardware wallet.

Most hardware wallets will let you apply a passphrase to the seed phrase which is already stored within the device, without having to re-enter the seed phrase. So if you have your hardware wallet with you, then if you remember (one or more of) your passphrase(s), then you can access your hidden wallets. Even if you are just using your hardware wallet at home, it means you don't have to go and dig out your back up.

I'm a big proponent of not relying on your memory for anything, and you should definitely have your passphrase backed up on paper separate to your seed phrase in at least two locations. However, I have more than one passphrase which I have entered in to various hardware wallets often enough that I can remember it, despite it being long and complicated. The same holds true for a number of different decryption keys, since all my devices use full disk encryption. Although all of these are backed up on paper, it would be a real pain to have to go and retrieve a back up every time I turned on my computer. Tongue
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 11, 2023, 12:44:54 PM
#69
screws differing with head style or drive types needed.
Not bad, not bad at all Cheesy Slotted is 1, Allen is 0.

On second thought: doesn't that stand out much more than a slightly uneven fence? I mean: I've seen thousands of uneven fences, but I've never seen different screws in all planks. Then again, I never look that close either Undecided
hero member
Activity: 714
Merit: 1298
October 11, 2023, 12:37:31 PM
#68

Instead of wasting planks (and needing a bigger garden), you could simply use 2 different planks: 201 cm long means 1, 199 cm long means 0. T



The beauty is in simplicity.  Instead of using different planks you could simply use them all of equal length, say 200 cm but fixed at different height, say 190 cm to represent 0 and 191 to serve as 1. One more method - all planks are equal in length, all of them are fixed at same  level  but with screws differing with head style or drive types needed. The choice is virtually unlimited to represent both 0 and 1. Slotted looks natural for 1 while Socked - for 0.


hero member
Activity: 560
Merit: 1060
October 11, 2023, 12:18:02 PM
#67
I'll throw in a counter argument: what's the point of remembering the passphrase, if you don't remember the seed words it belongs to?

I do!  Tongue

However I will not remember them in the future. And I will not remember my passphrase in the future. I back it up so I don't need to remember it.

Anyway, it's not the best discussion since I agree with both of you and I find it difficult to argue on behalf of other people  :-p
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 11, 2023, 12:15:19 PM
#66
Everyone will agree with what you say. However, without talking about my passphrase, one would argue that it's better to have a "long" passphrase (including lowercase, uppercase, numbers, and symbols) but that is also "easier" to remember. Isn't it true? I mean, going for something like "29$_918jHlahq2)814nd000qhh<>ajL" is perfect, but you must back it up perfectly and forget any chances to "remember" it. You will ask, why remember it when you can just note it down twice? Correct! But it's good to have also have a chance of remembering it if needed.
I'll throw in a counter argument: what's the point of remembering the passphrase, if you don't remember the seed words it belongs to?
hero member
Activity: 560
Merit: 1060
October 11, 2023, 12:09:32 PM
#65
3. "stay away" - 1 month 6 hrs
I wouldn't trust a site that gives such a terrible estimate.
Yeap that's what I thought and why I asked. Thanks

The best passwords, and the most accurate way of calculating strength, are those which are completely random and draw from lowercase, uppercase, numbers, and symbols, without any patterns. Then you can simply do 95x, where x is the length of your password. A 20 character password of this format gives you >128 bits of security, which is what you should be aiming for. As soon as you replace a string of those characters with a dictionary word, then how much this decreases your security is unpredictable.

Everyone will agree with what you say. However, without talking about my passphrase, one would argue that it's better to have a "long" passphrase (including lowercase, uppercase, numbers, and symbols) but that is also "easier" to remember. Isn't it true? I mean, going for something like "29$_918jHlahq2)814nd000qhh<>ajL" is perfect, but you must back it up perfectly and forget any chances to "remember" it. You will ask, why remember it when you can just note it down twice? Correct! But it's good to have also have a chance of remembering it if needed.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 11, 2023, 05:49:58 AM
#64
3. "stay away" - 1 month 6 hrs
I wouldn't trust a site that gives such a terrible estimate.

For password strength, it helps a lot to have many rounds of encryption. Keepass back in the days allowed to manually set the number of rounds. If it takes 1 second to unlock your data, it also takes 1 second for each try. Brute-force resistance is one of the great things of BIP38 encryption. I'd love to see a similar standard for encrypting seed phrases.
legendary
Activity: 2268
Merit: 18771
October 11, 2023, 04:45:59 AM
#63
Now my question is: This website doesn't seem to take into account dictionary attacks. Is there a website that can do both? I mean password number 3 (and perhaps more than this one) could be found much easier than brute-forcing.
So on examination, it seems all that site is doing is making sets of "lowercase", "uppercase", "numbers", "symbols", and then calculating a strength based on number of characters and number of different sets you use. So any string of 9 characters including lowercase letters and symbols will be given the exact same strength. For example, this string "~gm$r!)zf" is also given 1 month and 6 hours, despite being significantly more secure than "stay away". So yeah, a poor way of calculating password strength.

I've never really used password strength sites like this, but a quick search found another one which does take in to account dictionary words - https://www.passwordmonster.com/
For "stay away" it gives 114 seconds, and correctly identifies two dictionary words.
For "~gm$r!)zf" it gives 931 years.

However, this also seems very inaccurate to me. With 26 lowercase letters and 33 symbols in the standard ASCII set, then that second password has 599 combinations, which is around 53 bits. There is no way it would take almost 1,000 years to crack a 53 bit password.

The best passwords, and the most accurate way of calculating strength, are those which are completely random and draw from lowercase, uppercase, numbers, and symbols, without any patterns. Then you can simply do 95x, where x is the length of your password. A 20 character password of this format gives you >128 bits of security, which is what you should be aiming for. As soon as you replace a string of those characters with a dictionary word, then how much this decreases your security is unpredictable.
hero member
Activity: 560
Merit: 1060
October 10, 2023, 02:22:01 PM
#62
Provided your passphrases are strong enough. You strike me as someone who does indeed use long and complex passphrases, but as we know many people use weak passwords, use names or dates, reuse passwords across multiple accounts, and so on, and the same applies to wallet passphrases as well.

Having seen that, I don't want to create a separate topic for this (unless Loyce wants me to), but I want to define what a strong passphrase means and add a question. I will not discover the wheel, but I will add some examples.

Personally, I currently have a wallet and I have set a passphrase which is longer than 20 characters and it includes all types of characters (small, capital, numbers, symbols). I think this is a super strong passphrase and of course I keep double backup (separate from the seed).

I believe this website gives a good estimation of how long it would take to crack a passphrase: https://random-ize.com/how-long-to-hack-pass/ , but I also want your opinion. I didn't put my passphrase and I didn't try anything similar or close to my passphrase.

Let me give examples.

1. "stayaway" - 1 min 13 sec
2. "StAyAwaY" - 5 hrs 13 min
3. "stay away" - 1 month 6 hrs
4. "StAy AwaY" - 2 years 4 months
5. "St4y Aw4Y" - 6 years 5 months
6. "stayawayfromme" - 730 years 6 months
7. "Stay Aw4y Fr0m Me" - 39555681645472620 years

Now my question is: This website doesn't seem to take into account dictionary attacks. Is there a website that can do both? I mean password number 3 (and perhaps more than this one) could be found much easier than brute-forcing.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 10, 2023, 05:27:08 AM
#61
To avoid ever so slightly but of course noticably rising planks when you have a sequence of consecutive 1s you could waste planks and always use two planks for one bit. A binary 1 is: shorter plank followed by longer plank; a binary 0 is: longer plank followed by shorter plank. That avoids unpleasant rising or falling staircase sequences. Who said it needs to be efficient encoding?
Instead of wasting planks (and needing a bigger garden), you could simply use 2 different planks: 201 cm long means 1, 199 cm long means 0. The top and bottom will be uneven, and you don't need to follow any pattern. Recovering your seed phrase is as easy as measuring the length of 256 planks. You can plant nettles to discourage curious seed thiefs. Let's say you need it nettle seeds.
You'll need to maintain your fence though, once the planks start rotting your bits become inaccurate.

Quote
Couldn't resist a slight detour from the main topic...
I'll allow it Smiley
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
October 09, 2023, 03:48:59 PM
#60
Or just duplicate the exact same fence pattern elsewhere. You now need a vacation home too.

I knew there's a catch and it will not please @apogio.  Cheesy


Only 128 planks? I was thinking of 256 (+1). But you can of course use the bottom for data storage too.

To avoid ever so slightly but of course noticably rising planks when you have a sequence of consecutive 1s you could waste planks and always use two planks for one bit. A binary 1 is: shorter plank followed by longer plank; a binary 0 is: longer plank followed by shorter plank. That avoids unpleasant rising or falling staircase sequences. Who said it needs to be efficient encoding?


And if I let my daughter have her way, we'll end up with a pink house.
Some shades of pink will give you wiggle room for some more efficient and sophisticated encoding schemes.


While you're at it, you can do a similar thing with bricks in your wall Cheesy

That sounds like a neat idea actually and innocent looking picture backups are still possible, too. OK, we're now on to something...
 Grin Grin Grin

Couldn't resist a slight detour from the main topic...
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 09, 2023, 09:26:02 AM
#59
Ahh, now that's more interesting, although I can't think of anything worse than having to cut 128 boards all of slightly different but very specific lengths.
Only 128 planks? I was thinking of 256 (+1). But you can of course use the bottom for data storage too.

Quote
And given that in any random 128 bit number you are highly likely to have at least seven 0s or seven 1s in a row, then you are going to end up with a highly uneven fence which would just annoy me every time I saw it. Tongue
Here, people manage to sell their lack of craftsmanship as a style, so the totally uneven fence doesn't have to have small differences. It can be huge gaps.

Quote
Another suggestion would be different colors of tiles on your floor, bathroom or kitchen walls, etc. Bonus is that they are not going to be at far less risk of damage, and they can't be viewed by anyone walking or driving past your house.
The problem is that my wife will want to decide on the colors, and it's not going to be random. And if I let my daughter have her way, we'll end up with a pink house.
legendary
Activity: 2268
Merit: 18771
October 09, 2023, 08:08:44 AM
#58
You're assuming I'm using the existing fence as a source of randomness. I was thinking of creating the random string first, and then using a new fence to store the bits.
Ahh, now that's more interesting, although I can't think of anything worse than having to cut 128 boards all of slightly different but very specific lengths. And given that in any random 128 bit number you are highly likely to have at least seven 0s or seven 1s in a row, then you are going to end up with a highly uneven fence which would just annoy me every time I saw it. Tongue

Another suggestion would be different colors of tiles on your floor, bathroom or kitchen walls, etc. Bonus is that they are not going to be at far less risk of damage, and they can't be viewed by anyone walking or driving past your house.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 09, 2023, 06:14:58 AM
#57
Now to the flaw of LoyceV's proposed storage method. There's a not so small risk that some idiot in a car or other vehicle runs into your fence and destroys a good portion of it. Some jerks could break some of your planks just for the fun of it (there are mad people out there, sometimes). You can continue to imagine all sorts of dangers to your fence. Did you implement some error correction planks that can cope with real life?
I thought I covered that when I mentioned backups:
You can easily create a backup by taking some family pictures in the garden.
Or just duplicate the exact same fence pattern elsewhere. You now need a vacation home too.

I'm certain Loyce is joking, but if we're being this critical then the main flaw is that it's not actually random. Given that all your boards are going to vary around a mean height, then whenever you move in one direction the next step is statistically more likely to move in the opposite direction.
You're assuming I'm using the existing fence as a source of randomness. I was thinking of creating the random string first, and then using a new fence to store the bits.

While you're at it, you can do a similar thing with bricks in your wall Cheesy
legendary
Activity: 2268
Merit: 18771
October 09, 2023, 04:09:47 AM
#56
Now to the flaw of LoyceV's proposed storage method.
I'm certain Loyce is joking, but if we're being this critical then the main flaw is that it's not actually random. Given that all your boards are going to vary around a mean height, then whenever you move in one direction the next step is statistically more likely to move in the opposite direction. Not just because if you've gone up you are therefore more likely to come back down, but also because you don't move in even steps and could have gone up to the highest board and therefore must come back down.

And so you are statistically more likely to have a 1 after a 0 than you are to have two 0s in a row. And if you do get two 0s in a row, then you are much more statistically likely to get a 1 than you are to get a third 0. And so on and vice versa.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
October 08, 2023, 02:12:29 PM
#55
...
Who's going to notice? Cheesy And who's going to look for patters that could be seed phrases everywhere now? Cheesy

Likely nobody, but can you be absolutely sure? My first impuls was: that's hiding a secret in plain sight with a pinch of security by obscurity. Anyway, I had a good laugh and I'll come to a severe flaw later in my post.


Haha, so now I need to buy a house with a garden. And I thought bitcoin was easy.

LOL, you definitely have a point here.


Now to the flaw of LoyceV's proposed storage method. There's a not so small risk that some idiot in a car or other vehicle runs into your fence and destroys a good portion of it. Some jerks could break some of your planks just for the fun of it (there are mad people out there, sometimes). You can continue to imagine all sorts of dangers to your fence. Did you implement some error correction planks that can cope with real life? I'm obviously not very serious.
legendary
Activity: 2268
Merit: 18771
October 04, 2023, 12:37:14 PM
#54
"If you wish to make an apple pie seed phrase from scratch, you must first invent the universe buy a house with a garden."

- Carl Sagan LoyceV
hero member
Activity: 560
Merit: 1060
October 04, 2023, 11:08:50 AM
#53
While watching old episodes of Home Improvement, I got another (even crazier) idea: store bits in your garden fence:

You need 256 bits, so you'll need 257 planks. Starting from the left, going up is 1 and going down is 0. The above image would read 11110000 Cheesy Unless you're Wilson, in that case it reads 00001111.

You can easily create a backup by taking some family pictures in the garden.
Who's going to notice? Cheesy And who's going to look for patters that could be seed phrases everywhere now? Cheesy

Haha, so now I need to buy a house with a garden. And I thought bitcoin was easy.
Pages:
Jump to: