Pages:
Author

Topic: 12 Word Recovery Phrase - a security weakness? My (free and simple!) solution(s) (Read 552 times)

newbie
Activity: 5
Merit: 0
A new tension is coming out of old one. why things are becoming complicating. Just write recovery phase on paper and keep it secure place in your home along with other important phrases and uninstall the wallet if you have long term holdings. 

Keep your recovery phrase away from internet world.
legendary
Activity: 2268
Merit: 18771
This is why you see people put passwords on their routers, but keep the password in plain text next to their computer.
Don't even get me started on this. At work we have to use about 8 different systems, all with the same username, but all with their own password requirements. Some mandate 8 letters, some 10. Some mandate at least one uppercase letter. Some mandate at least one number. Some mandate it must be at least "strong" on their unknown algorithm. And here's the best bit - all require mandatory password changes, but at different frequencies. The outcome is that you first set up access to all the systems with one good password. After 3 months, you have to change that password on a few of the systems, so you increment the number in the password by one. 3 months latter, you have to increment that number again, but also now increment the number on all the systems which mandate 6 monthly changes. Also, one of the systems will say this new password is too similar to the old one, so for that system you have to pick a new password altogether. 3 months later, do it all again. Very quickly you end up with 5 or 6 slightly different passwords, and you forget which one is for which system. And oh, if you enter the wrong password 3 times, your account is locked and you have to spend 20 minutes on the phone to IT to get it unlocked. What is the outcome of this? A very few people like myself use a password manager to deal with this for us. The vast majority have all their passwords written down on a piece of paper in their desk, their wallet, or (my favorite) stuck on the back of their ID badge.

Complex? Sure. Secure? Not at all.

while hand writing has the issues of spelling, or just the way you write things.
I can understand this being an issue with raw private keys, but I've never understood why it is an issue with seed phrases. The whole point of the BIP39 word list is to minimize issues like this, and you should be writing down your seed phrase in simple block capitals, and not cursive or anything else more difficult to read.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Instead of making it random and publishing it, why not use the username and date as a random seed, and use a pseudo-random list that you can reproduce? It's just as unlikely to be guessed, but you won't lose it.
Because now, in addition to your number pairs, you have to remember/back up the specific username and date, as well as the method/code you used to turn them in to your deterministic list.
I was responding to the idea to choose an account name and day, which means you'll need to remember them anyway. By making the order of the list deterministic, at least you don't have to rely on Github.

This has always been my main concern about Bitcoin: the balance between making sure I don't lose access, and making sure nobody else gains access.
Good, it should be all of ours biggest concern.
That's one way of putting it Cheesy
I agree it should be our main concern, but I don't like that I still haven't found a solution that makes me 100% comfortable. I know ignorance is bliss, but that doesn't make it more secure for the unaware n00b.
staff
Activity: 3304
Merit: 4115
This has always been my main concern about Bitcoin: the balance between making sure I don't lose access, and making sure nobody else gains access.
Good, it should be all of ours biggest concern. Ultimately, we're responsible for our own money, and that doesn't come lightly. I'm going to sound like a broken record, but this is the classical problem of balancing security, and convenience. If you have it too convenient you're likely making it easier to attack. If you don't have much convenience you'll likely forget or lose access to your Bitcoin.

This is why you see people put passwords on their routers, but keep the password in plain text next to their computer. This is why you see organisations invest thousands into safes to store data, yet they keep the door propped open via some boxes. This is a common problem within all industries which require a level of security.

Ultimately, we're all lazy, hence why most people that don't make a conscious effort to implement a good security protocol, end up being very easy to compromise. Hence why most people use very similar passwords. Then, we have people that go over board (I may have been guilty of this, multiple times), and over complicate things, which the trade off isn't worth that extra complexity, since you're effectively either encouraging short cuts because it's so damn inconvenient or you're setting yourself up to forgetting or losing control.

What OP has proposed is flirting the line with over complicating something, that doesn't necessarily need to be too complicated.

I've seen many topics from people who don't know how to access their standard wallet anymore. I've also seen people lose access to their funds because of their own handwriting.
Any complication you add, largely increases the chance of losing access by yourself.
A problem that I think is more common than we're led to believe. I've done it, not with Bitcoin, but other things. Especially if you haven't taken the care required to separate a 5 from a S. These are the things you need to think about when backing up though. Using a computer potentially leaves a digital trace of that seed, while hand writing has the issues of spelling, or just the way you write things.

Plus, it's the fact that you should probably be guarding towards health issues if you're going this far into depth to secure your coins. The more complicated you make it, the less likely you're to recover it, if anything were to happen to your mind, e.g dementia.
legendary
Activity: 2268
Merit: 18771
Similar situation would be with having different coins at the same seed - it would be obvious to find BTC and ETH (+ clones), but having for example Monero (or any other exotic coin) at address generated from the same seed is a different story.
Sure, but also not that difficult for an attacker to plug your seed phrase in to any multi-coin wallet and scan for hundreds of coins in a few minutes.

Instead of making it random and publishing it, why not use the username and date as a random seed, and use a pseudo-random list that you can reproduce? It's just as unlikely to be guessed, but you won't lose it.
Because now, in addition to your number pairs, you have to remember/back up the specific username and date, as well as the method/code you used to turn them in to your deterministic list. Complexity is the enemy of security, and this is all getting very complex.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Every time you create a new BTC wallet, you’ll get a 12 word 'recovery phrase' that needs to be noted down and hidden somewhere, which - to me at least - seems like a pretty gaping security gap. It doesn’t matter whether you write the words down and hide them in your attic, or stamp them on metal and bury them in your garden, the ‘master key’ to your wallet is still just sat somewhere, hoping that no-one finds it.
This has always been my main concern about Bitcoin: the balance between making sure I don't lose access, and making sure nobody else gains access.

--> Why hide the book?? No-one would know that my keynote refers to it, so it can sit on my shelf with the rest Smiley
Are you saying you only have one backup of your seed phrase? What if your house burns down?
full member
Activity: 140
Merit: 135
With the first solution (book), you are now reliant on hiding an entire book rather just a single piece of paper. If you lose your copy of the book, there is no guarantee you would find the exact same edition again and your coins will be lost. So that's a more difficult back up process and a single point of failure.

With the second solution (Github), you are now reliant on a third party to continue hosting your repo. If your account is banned, or their servers fail, or they shut down, etc., then your coins will be lost. So again, a more difficult process and a single point of failure.

In short, this is unnecessarily complicated and significantly increases the risk of you losing access to your wallets. If you want a set up in which your seed phrase can be compromised without resulting in immediate loss of your funds, then you would be far better off using a standardized method which does not have a single point of failure, such as either an additional passphrase or a multi-sig set up.

12 You can have access to multi sig set apps with sound as these apps are very secure with no third party. And you don't have to worry about losing access which I'm using myself. You might be surprised to know Be that you can keep these apps with password yourself which has no second and third party. That's why you don't have to worry about losing your coins and password. So this is the safest.
newbie
Activity: 9
Merit: 40
Thirdly, if someone wants to rob you and comes at you with knife on your neck, then your method is not gonna help to keep funds safe because in order to save your life, probably you'll have to tell the truth.
All more reason to use a passphrase over the system being proposed here. In the event of being subjected to a $5 wrench attack, then you can reveal your seed phrase to the attacker, and they can steal the small amount of coins that you have stored in the base wallet. However, the majority of your coins which you have stored in additional secret wallets which are hidden behind one or more passphrases remain not only secure, but completely hidden; the attacker has no idea they even exist.

This is really clever, and it only just clicked to me how passphrases can be used in a more exotic defensive strategy. Thanks Smiley
legendary
Activity: 952
Merit: 1386
All more reason to use a passphrase over the system being proposed here. In the event of being subjected to a $5 wrench attack, then you can reveal your seed phrase to the attacker, and they can steal the small amount of coins that you have stored in the base wallet. However, the majority of your coins which you have stored in additional secret wallets which are hidden behind one or more passphrases remain not only secure, but completely hidden; the attacker has no idea they even exist.

As long as attaker has no proof that a given address belongs to you. Otherwise he knows what he is looking for.
Similar situation would be with having different coins at the same seed - it would be obvious to find BTC and ETH (+ clones), but having for example Monero (or any other exotic coin) at address generated from the same seed is a different story.
legendary
Activity: 2268
Merit: 18771
Thirdly, if someone wants to rob you and comes at you with knife on your neck, then your method is not gonna help to keep funds safe because in order to save your life, probably you'll have to tell the truth.
All more reason to use a passphrase over the system being proposed here. In the event of being subjected to a $5 wrench attack, then you can reveal your seed phrase to the attacker, and they can steal the small amount of coins that you have stored in the base wallet. However, the majority of your coins which you have stored in additional secret wallets which are hidden behind one or more passphrases remain not only secure, but completely hidden; the attacker has no idea they even exist.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
Every time you create a new BTC wallet, you’ll get a 12 word 'recovery phrase' that needs to be noted down and hidden somewhere, which - to me at least - seems like a pretty gaping security gap. It doesn’t matter whether you write the words down and hide them in your attic, or stamp them on metal and bury them in your garden, the ‘master key’ to your wallet is still just sat somewhere, hoping that no-one finds it. If someone does find it, they can empty your account, and there’s no way you can stop them.
Firstly, many people would probably just throw your piece of paper where 12 word is stored.
Secondly, not many people know about Bitcoin or 12 word recovery phrase.
Thirdly, if someone wants to rob you and comes at you with knife on your neck, then your method is not gonna help to keep funds safe because in order to save your life, probably you'll have to tell the truth.

After all, best way to get safe recovery phrase is to generate it randomly but its weakness is that it's stored by humans who follow their logic to save it in a safe place.
legendary
Activity: 2268
Merit: 18771
With a bible, you can modify the procedure so that each word is from a particular bible verse. You could give each book an index number, then use the xth word in nth chapter of the book.
Sure, but that's another layer of added complexity, which means another layer for you to either forget and lose access to your coins, or another layer for you to mess up and lose access to your coins. Additionally, you will want to back up the exact translation and edition to go with your book cypher, and a list of number pairs with "King James Version (1769)" written at the top makes it completely obvious that your number list is a book cipher and therefore trivial to decipher.
legendary
Activity: 3276
Merit: 3537
Nec Recisa Recedit
I have some doubts ... let's keep the example of someone that "loss" the memory.

how you can remember the book?
if you are going to save on your library you must pay a lot of attention to it and you need some notes about your book stored (what was the right book?)
how you can remember the sequence? I mean, if you find some number like this , you need always some "instructions" about how to decode it... ?!

the idea itself is not bad but there are some weakness that increment difficulty for a backup 
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7

You can mitigate your chances of losing access to the particular version of the book by choosing a book that will likely continue being published, like the bible.
The Bible is probably one of the worst possible choices, actually. There are literally hundreds of different versions, with each version having dozens of editions, and even the same edition of the same version being different due to having multiple publishers and/or printers. Even something as simple as line spacing being slightly different or page size being slightly different and your page/line/word schematic is rendered completely useless and your coins completely inaccessible.
With a bible, you can modify the procedure so that each word is from a particular bible verse. You could give each book an index number, then use the xth word in nth chapter of the book.

You still need the right translation, but there is less variety among editions, and translations don’t regularly change
newbie
Activity: 9
Merit: 40
Thanks to everyone that shared their thoughts and feedback - I've learnt a lot Smiley
legendary
Activity: 2268
Merit: 18771
If one wants to have a good chance for this, he should pick a widely published writing that was originally written in English.
I just wouldn't use this method at all. If you are worried about your seed phrase being lost or burnt in a fire, then you should be twice as worried about your book being lost or burnt in a fire. It is trivial to make an additional copy of your seed phrase to store somewhere else (and indeed, having more than one back up should be seen as mandatory). How many people on the other hand have multiple identical copies of the same book, same edition, same print, etc.

There is literally no advantage to this set up when compared to using multi-sig or a passphrase, or just plain old encryption.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
While i appreciate your time to write and share your idea, this is an example of overcomplicate things. Your idea require some technical knowledge and require specific set of action which could be forgitten easily.

--> Perhaps, but it seems to me that the chances of Github being shutdown are pretty low... Probably lower than my piece of paper being stolen/lost/burnt in a fire, but perhaps not.

GitHub is popular, so i agree it's unlikely GitHub will be shutdown in the future. But there's no guarantee,
1. It'll remain free
2. Letting free user upload lots of code with little limitation.
3. Keep code from inactive user.

For reference, GitLab already make some limitation to free user few months ago.

You can mitigate your chances of losing access to the particular version of the book by choosing a book that will likely continue being published, like the bible.

You beed much more information than just a title/author. You need publisher, year of publication, release number etc. For book written in different language you need translator name. That’s why ISBN is used, the same book may be published in different formats, font size etc - any change breaks your triplet constraint.

And if the main reference is e-book, you also need to pay attention of the e-book format. For example, epub file format have dynamic layout where total page depending on font size and screen resolution.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
You can mitigate your chances of losing access to the particular version of the book by choosing a book that will likely continue being published, like the bible.
The Bible is probably one of the worst possible choices, actually. There are literally hundreds of different versions, with each version having dozens of editions, and even the same edition of the same version being different due to having multiple publishers and/or printers. Even something as simply as line spacing being slightly different or page size being slightly different and your page/line/word schematic is rendered completely useless and your coins completely inaccessible.

Any translated book has this problem. If one wants to have a good chance for this, he should pick a widely published writing that was originally written in English.
Of course, if you have 100 books in your (non-EN) mother tongue and one in English, that may pretty much stand out...
legendary
Activity: 2268
Merit: 18771
--> Why hide the book?? No-one would know that my keynote refers to it, so it can sit on my shelf with the rest Smiley
Sure, but you still need to keep it safe with no guarantees you could ever find a replacement.

--> Perhaps, but it seems to me that the chances of Github being shutdown are pretty low...
Low, but not zero. It is completely centralized and owned and operated by Microsoft, who could simply decide to discontinue their support for it at any time.

--> The additional passphrase is something I've only just learned about, this seems like it would help me feel more secure, so I'll look into it.
Here you go:
https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#from-mnemonic-to-seed
https://wiki.trezor.io/Passphrase

I still feel uncomfortable just keeping the 12 words written down on paper and hidden, so I'm going to use my Book / my Github repo as a 'key' or 'cypher' for the time being... No worries if others find it 'unnecessarily complicated' Smiley
It's not just unnecessarily complicated, but also drastically increase your risk of loss.

You can mitigate your chances of losing access to the particular version of the book by choosing a book that will likely continue being published, like the bible.
The Bible is probably one of the worst possible choices, actually. There are literally hundreds of different versions, with each version having dozens of editions, and even the same edition of the same version being different due to having multiple publishers and/or printers. Even something as simple as line spacing being slightly different or page size being slightly different and your page/line/word schematic is rendered completely useless and your coins completely inaccessible.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Solution

While it's nice to provide various solutions like this I will throw some ideas:
1. There's no universal solution. Some will prefer to "scramble" the words in a way or another, some will keep them as they are. Keep in mind that you're complicating an existing solution and this can easily get the funds lost.
2. Keep in mind that if we can read and find inspiration in your solution(s), the potential thieves also can do so.
3.
3.1. The index-in-a-book solution is not original, it's present even in novels and movies (last one I've seen was a Sherlock movie).
3.2. The git solution is imho overly complicated. Encryption with a long password and upload to cloud under an inoffensive name would not be significantly different: it's only you who knows the logic of retrieval.

I would avoid this kind of solution. Indeed, this makes the words hidden from thieves, but it also makes them hidden from friends and family. If an accident/trauma or a disease gets a bitcoiner into memory loss, he will no longer be able to recover his money, and nobody close to him would also be able to do so. For some this is a real problem, some choose to not care. Again, it depends from person to person.
Pages:
Jump to: