Author

Topic: a (Read 687 times)

sr. member
Activity: 714
Merit: 251
a
July 14, 2017, 10:39:19 AM
#6
I want to protect against brute force guessing my passphrase I added to 24 word seed in case it gets stolen. Is it hard to brute force with computer if phrase is too simple? How many guesses can be made per second?

Make sure it has minimum 128 bit entropy.

So calculate the length of the word list, from which the number of words are choosen.

The formula is like this

Code:
LOG( WORDLIST LENGTH , 2) * NUMBER OF WORDS

Basically electrum bitcoin wallet has 2048 words out of which it chooses 12, so that is 132 bits.


legendary
Activity: 1736
Merit: 1023
July 14, 2017, 09:25:18 AM
#5
by passphrase i mean additional word not the 24th words u are given

Adding additional words really isn't necessary to increase the security and could perhaps cause issues down the road when you want to restore the seed. 24 words is already plenty secure.
member
Activity: 75
Merit: 10
July 11, 2017, 04:42:27 AM
#4
It really doesn't matter. The ones you are given are so random. How will anyone guess that many words and in the right order unless it's a sentence ? Don't worry about it.
vh
hero member
Activity: 699
Merit: 666
June 06, 2017, 11:01:38 PM
#3
I added to 24 word seed in case it gets stolen. Is it hard to brute force with computer if phrase is too simple?

If you are talking about BIP39 each word is derived down to only ~11bits of security for a total entropy of 2^256. 
As long as you use on average 2 letters per word, I believe brute forcing it will take the same amount of time as a "difficult" to remember 24 word phrase.
legendary
Activity: 3472
Merit: 10611
June 06, 2017, 10:52:51 PM
#2
first to clarify, when using a wallet you set the password on your wallet file not the seed, the seed may be written in the wallet file and it will be encrypted with the password.
when writing down your password it can be stolen and used to gain access to the funds, the password you set on your wallet file doesn't change this.

for strong password you can read this https://en.wikipedia.org/wiki/Password_strength and find a lot more articles about it. but in summary, it should be
- long
- containing uppercase and lowercase letters, numbers, symbols
- it should not be regular words such as words of a poem, a popular sentence or something similar.

simple example using a random online tool: -4oC6vY317Z6S)s
newbie
Activity: 7
Merit: 0
June 06, 2017, 07:08:31 PM
#1
a
Jump to: