Topic: 12 Word Recovery Phrase - a security weakness? My (free and simple!) solution(s) (Read 529 times)

A new tension is coming out of old one. why things are becoming complicating. Just write recovery phase on paper and keep it secure place in your home along with other important phrases and uninstall the wallet if you have long term holdings. 

Keep your recovery phrase away from internet world.

Don't even get me started on this. At work we have to use about 8 different systems, all with the same username, but all with their own password requirements. Some mandate 8 letters, some 10. Some mandate at least one uppercase letter. Some mandate at least one number. Some mandate it must be at least "strong" on their unknown algorithm. And here's the best bit - all require mandatory password changes, but at different frequencies. The outcome is that you first set up access to all the systems with one good password. After 3 months, you have to change that password on a few of the systems, so you increment the number in the password by one. 3 months latter, you have to increment that number again, but also now increment the number on all the systems which mandate 6 monthly changes. Also, one of the systems will say this new password is too similar to the old one, so for that system you have to pick a new password altogether. 3 months later, do it all again. Very quickly you end up with 5 or 6 slightly different passwords, and you forget which one is for which system. And oh, if you enter the wrong password 3 times, your account is locked and you have to spend 20 minutes on the phone to IT to get it unlocked. What is the outcome of this? A very few people like myself use a password manager to deal with this for us. The vast majority have all their passwords written down on a piece of paper in their desk, their wallet, or (my favorite) stuck on the back of their ID badge.

Complex? Sure. Secure? Not at all.

I can understand this being an issue with raw private keys, but I've never understood why it is an issue with seed phrases. The whole point of the BIP39 word list is to minimize issues like this, and you should be writing down your seed phrase in simple block capitals, and not cursive or anything else more difficult to read.

I was responding to the idea to choose an account name and day, which means you'll need to remember them anyway. By making the order of the list deterministic, at least you don't have to rely on Github.

That's one way of putting it
I agree it should be our main concern, but I don't like that I still haven't found a solution that makes me 100% comfortable. I know ignorance is bliss, but that doesn't make it more secure for the unaware n00b.

Good, it should be all of ours biggest concern. Ultimately, we're responsible for our own money, and that doesn't come lightly. I'm going to sound like a broken record, but this is the classical problem of balancing security, and convenience. If you have it too convenient you're likely making it easier to attack. If you don't have much convenience you'll likely forget or lose access to your Bitcoin.

This is why you see people put passwords on their routers, but keep the password in plain text next to their computer. This is why you see organisations invest thousands into safes to store data, yet they keep the door propped open via some boxes. This is a common problem within all industries which require a level of security.

Ultimately, we're all lazy, hence why most people that don't make a conscious effort to implement a good security protocol, end up being very easy to compromise. Hence why most people use very similar passwords. Then, we have people that go over board (I may have been guilty of this, multiple times), and over complicate things, which the trade off isn't worth that extra complexity, since you're effectively either encouraging short cuts because it's so damn inconvenient or you're setting yourself up to forgetting or losing control.

What OP has proposed is flirting the line with over complicating something, that doesn't necessarily need to be too complicated.

A problem that I think is more common than we're led to believe. I've done it, not with Bitcoin, but other things. Especially if you haven't taken the care required to separate a 5 from a S. These are the things you need to think about when backing up though. Using a computer potentially leaves a digital trace of that seed, while hand writing has the issues of spelling, or just the way you write things.

Plus, it's the fact that you should probably be guarding towards health issues if you're going this far into depth to secure your coins. The more complicated you make it, the less likely you're to recover it, if anything were to happen to your mind, e.g dementia.

Sure, but also not that difficult for an attacker to plug your seed phrase in to any multi-coin wallet and scan for hundreds of coins in a few minutes.

Because now, in addition to your number pairs, you have to remember/back up the specific username and date, as well as the method/code you used to turn them in to your deterministic list. Complexity is the enemy of security, and this is all getting very complex.

This has always been my main concern about Bitcoin: the balance between making sure I don't lose access, and making sure nobody else gains access.

Are you saying you only have one backup of your seed phrase? What if your house burns down?

12 You can have access to multi sig set apps with sound as these apps are very secure with no third party. And you don't have to worry about losing access which I'm using myself. You might be surprised to know Be that you can keep these apps with password yourself which has no second and third party. That's why you don't have to worry about losing your coins and password. So this is the safest.

This is really clever, and it only just clicked to me how passphrases can be used in a more exotic defensive strategy. Thanks

As long as attaker has no proof that a given address belongs to you. Otherwise he knows what he is looking for.
Similar situation would be with having different coins at the same seed - it would be obvious to find BTC and ETH (+ clones), but having for example Monero (or any other exotic coin) at address generated from the same seed is a different story.

All more reason to use a passphrase over the system being proposed here. In the event of being subjected to a $5 wrench attack, then you can reveal your seed phrase to the attacker, and they can steal the small amount of coins that you have stored in the base wallet. However, the majority of your coins which you have stored in additional secret wallets which are hidden behind one or more passphrases remain not only secure, but completely hidden; the attacker has no idea they even exist.

Firstly, many people would probably just throw your piece of paper where 12 word is stored.
Secondly, not many people know about Bitcoin or 12 word recovery phrase.
Thirdly, if someone wants to rob you and comes at you with knife on your neck, then your method is not gonna help to keep funds safe because in order to save your life, probably you'll have to tell the truth.

After all, best way to get safe recovery phrase is to generate it randomly but its weakness is that it's stored by humans who follow their logic to save it in a safe place.

Sure, but that's another layer of added complexity, which means another layer for you to either forget and lose access to your coins, or another layer for you to mess up and lose access to your coins. Additionally, you will want to back up the exact translation and edition to go with your book cypher, and a list of number pairs with "King James Version (1769)" written at the top makes it completely obvious that your number list is a book cipher and therefore trivial to decipher.

I have some doubts ... let's keep the example of someone that "loss" the memory.

how you can remember the book?
if you are going to save on your library you must pay a lot of attention to it and you need some notes about your book stored (what was the right book?)
how you can remember the sequence? I mean, if you find some number like this , you need always some "instructions" about how to decode it... ?!

the idea itself is not bad but there are some weakness that increment difficulty for a backup 

With a bible, you can modify the procedure so that each word is from a particular bible verse. You could give each book an index number, then use the xth word in nth chapter of the book.

You still need the right translation, but there is less variety among editions, and translations don’t regularly change

Thanks to everyone that shared their thoughts and feedback - I've learnt a lot

I just wouldn't use this method at all. If you are worried about your seed phrase being lost or burnt in a fire, then you should be twice as worried about your book being lost or burnt in a fire. It is trivial to make an additional copy of your seed phrase to store somewhere else (and indeed, having more than one back up should be seen as mandatory). How many people on the other hand have multiple identical copies of the same book, same edition, same print, etc.

There is literally no advantage to this set up when compared to using multi-sig or a passphrase, or just plain old encryption.

While i appreciate your time to write and share your idea, this is an example of overcomplicate things. Your idea require some technical knowledge and require specific set of action which could be forgitten easily.


GitHub is popular, so i agree it's unlikely GitHub will be shutdown in the future. But there's no guarantee,
1. It'll remain free
2. Letting free user upload lots of code with little limitation.
3. Keep code from inactive user.

For reference, GitLab already make some limitation to free user few months ago.


And if the main reference is e-book, you also need to pay attention of the e-book format. For example, epub file format have dynamic layout where total page depending on font size and screen resolution.

Any translated book has this problem. If one wants to have a good chance for this, he should pick a widely published writing that was originally written in English.
Of course, if you have 100 books in your (non-EN) mother tongue and one in English, that may pretty much stand out...

Sure, but you still need to keep it safe with no guarantees you could ever find a replacement.

Low, but not zero. It is completely centralized and owned and operated by Microsoft, who could simply decide to discontinue their support for it at any time.

Here you go:
https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#from-mnemonic-to-seed
https://wiki.trezor.io/Passphrase

It's not just unnecessarily complicated, but also drastically increase your risk of loss.

The Bible is probably one of the worst possible choices, actually. There are literally hundreds of different versions, with each version having dozens of editions, and even the same edition of the same version being different due to having multiple publishers and/or printers. Even something as simple as line spacing being slightly different or page size being slightly different and your page/line/word schematic is rendered completely useless and your coins completely inaccessible.

While it's nice to provide various solutions like this I will throw some ideas:
1. There's no universal solution. Some will prefer to "scramble" the words in a way or another, some will keep them as they are. Keep in mind that you're complicating an existing solution and this can easily get the funds lost.
2. Keep in mind that if we can read and find inspiration in your solution(s), the potential thieves also can do so.
3.
3.1. The index-in-a-book solution is not original, it's present even in novels and movies (last one I've seen was a Sherlock movie).
3.2. The git solution is imho overly complicated. Encryption with a long password and upload to cloud under an inoffensive name would not be significantly different: it's only you who knows the logic of retrieval.

I would avoid this kind of solution. Indeed, this makes the words hidden from thieves, but it also makes them hidden from friends and family. If an accident/trauma or a disease gets a bitcoiner into memory loss, he will no longer be able to recover his money, and nobody close to him would also be able to do so. For some this is a real problem, some choose to not care. Again, it depends from person to person.