keith: you can use http://www.reddit.com/r/TREZOR/ too
Ok thanks. I don't use reddit all that much. Sometimes just read things there though. Will check it out.
Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 161. (Read 966173 times)
Ok thanks. I don't use reddit all that much. Sometimes just read things there though. Will check it out.
keith: you can use http://www.reddit.com/r/TREZOR/ too
It would be nice to set up Trezor in a way so that you can have at the same time:
1) one 'account' with no passphrase (for small money).
This could pop up in the web wallet immediatly without further interaction when you connect the Trezor.
2) one or more (hidden) accounts. These would be visible only if the correct passphrase is
(optionally) given.
Is this possible ?
1) one 'account' with no passphrase (for small money).
This could pop up in the web wallet immediatly without further interaction when you connect the Trezor.
2) one or more (hidden) accounts. These would be visible only if the correct passphrase is
(optionally) given.
Is this possible ?
http://doc.satoshilabs.com/trezor-user/advanced_settings.html
This is not answering his question. He would like to have accounts with different security levels.
One with PIN only, and one with 1 password, maybe 1 with 2 passwords ect.
Trezor should make a dedicated forum on their homepage so that people can bring up suggestions and questions to their dev team, rather than everyone having to post it all in this one thread like a melting pot...
It would be nice to set up Trezor in a way so that you can have at the same time:
1) one 'account' with no passphrase (for small money).
This could pop up in the web wallet immediatly without further interaction when you connect the Trezor.
2) one or more (hidden) accounts. These would be visible only if the correct passphrase is
(optionally) given.
Is this possible ?
1) one 'account' with no passphrase (for small money).
This could pop up in the web wallet immediatly without further interaction when you connect the Trezor.
2) one or more (hidden) accounts. These would be visible only if the correct passphrase is
(optionally) given.
Is this possible ?
http://doc.satoshilabs.com/trezor-user/advanced_settings.html
This is not answering his question. He would like to have accounts with different security levels.
One with PIN only, and one with 1 password, maybe 1 with 2 passwords ect.
I have a question concerning advanced settings (use of passphrases).
As far as I see there are two exclusive options:
1) use no passphrases at all.
2) use one or more passphrases.
It would be nice to set up Trezor in a way so that you can have at the same time:
1) one 'account' with no passphrase (for small money).
This could pop up in the web wallet immediatly without further interaction when you connect the Trezor.
2) one or more (hidden) accounts. These would be visible only if the correct passphrase is
(optionally) given.
Is this possible ?
I had the same question earlier, but I guess this is not a priority...
It would be nice to set up Trezor in a way so that you can have at the same time:
1) one 'account' with no passphrase (for small money).
This could pop up in the web wallet immediatly without further interaction when you connect the Trezor.
2) one or more (hidden) accounts. These would be visible only if the correct passphrase is
(optionally) given.
Is this possible ?
1) one 'account' with no passphrase (for small money).
This could pop up in the web wallet immediatly without further interaction when you connect the Trezor.
2) one or more (hidden) accounts. These would be visible only if the correct passphrase is
(optionally) given.
Is this possible ?
http://doc.satoshilabs.com/trezor-user/advanced_settings.html
I have a question concerning advanced settings (use of passphrases).
As far as I see there are two exclusive options:
1) use no passphrases at all.
2) use one or more passphrases.
It would be nice to set up Trezor in a way so that you can have at the same time:
1) one 'account' with no passphrase (for small money).
This could pop up in the web wallet immediatly without further interaction when you connect the Trezor.
2) one or more (hidden) accounts. These would be visible only if the correct passphrase is
(optionally) given.
Is this possible ?
Still excited to get my Trezor. Processing and shipping was pretty fast. I ordered on 8/4, and it is already through customs... probably only a few days out from here. I thought I would have to wait for much longer for it to actually arrive...
I wish there was an alternative way to recover the Bitcoin in case of hardware failure or other abnormality. Instead of having to wait for another Trezor to come in.
If it is using BIP32, you should be able to just enter the seed into a programm capable of restoring a BIP32 wallet?
I wish there was an alternative way to recover the Bitcoin in case of hardware failure or other abnormality. Instead of having to wait for another Trezor to come in.
However: should you make a mistake and have to enter re-do the whole process, the random words will be known to a keylogger, because trezor chooses different random words every time. So the words identical between the 2 restore-processes (1 failed, 1 succeeded) will be the seed words.
With a 12 word seed theres only 12! = 479,001,600 combinations. So better not "try again" after a failed restore from seed on the same machine if you have a short seed like that... or just just 24 word seed to be safe.
With a 12 word seed theres only 12! = 479,001,600 combinations. So better not "try again" after a failed restore from seed on the same machine if you have a short seed like that... or just just 24 word seed to be safe.
Definitely needs that offline recovery tool
Or a 36 seed recovery.
Another possibility would be that a certain TREZOR has hardware specific "random words" in the seed recovery. So even if you recover twice on the same trezor, the attacker wouldn't know what the wrong words were.
I just discovered random words are not used on 24 word seed. Maybe random words are used just to fill up to 24 words? Would make sense.
However: should you make a mistake and have to enter re-do the whole process, the random words will be known to a keylogger, because trezor chooses different random words every time. So the words identical between the 2 restore-processes (1 failed, 1 succeeded) will be the seed words.
With a 12 word seed theres only 12! = 479,001,600 combinations. So better not "try again" after a failed restore from seed on the same machine if you have a short seed like that... or just just 24 word seed to be safe.
With a 12 word seed theres only 12! = 479,001,600 combinations. So better not "try again" after a failed restore from seed on the same machine if you have a short seed like that... or just just 24 word seed to be safe.
Definitely needs that offline recovery tool
Or a 36 seed recovery.
Another possibility would be that a certain TREZOR has hardware specific "random words" in the seed recovery. So even if you recover twice on the same trezor, the attacker wouldn't know what the wrong words were.
However: should you make a mistake and have to enter re-do the whole process, the random words will be known to a keylogger, because trezor chooses different random words every time. So the words identical between the 2 restore-processes (1 failed, 1 succeeded) will be the seed words.
With a 12 word seed theres only 12! = 479,001,600 combinations. So better not "try again" after a failed restore from seed on the same machine if you have a short seed like that... or just just 24 word seed to be safe.
With a 12 word seed theres only 12! = 479,001,600 combinations. So better not "try again" after a failed restore from seed on the same machine if you have a short seed like that... or just just 24 word seed to be safe.
Definitely needs that offline recovery tool
@Pelover, well, the seed is entered in a random order. So even if the computer is compromised the attacked still needs to try 24! combinations before cracking your password. So you will have enough time to create a new account as BurtW said.
In addition to that, trezors asks to enter random words from the dictionary in between the shuffled seed words.
However: should you make a mistake and have to enter re-do the whole process, the random words will be known to a keylogger, because trezor chooses different random words every time. So the words identical between the 2 restore-processes (1 failed, 1 succeeded) will be the seed words.
With a 12 word seed theres only 12! = 479,001,600 combinations. So better not "try again" after a failed restore from seed on the same machine if you have a short seed like that... or just just 24 word seed to be safe.
Only the victim and victim's Trezor knows the order of the words. The order is generated by Trezor, only shown on its screen, and never transmitted to the infected computer. The malware may make the recovery fail. However, as the malware does not know the order, it can't recover the wallet either
I see it, thanks. Sorry, yes, you are right.
I see now
But i think if hacker knows exactly words in random order it's not fine
Ok, i will use 24 words. I think 6.2044840173323943936 × 10^23 variants of brute force will be enough for me
I see now
But i think if hacker knows exactly words in random order it's not fine
Ok, i will use 24 words. I think 6.2044840173323943936 × 10^23 variants of brute force will be enough for me
Very good decision. And I agree that the 12 word option should probably not be the default!
Sorry, yes, you are right.
I see now
But i think if hacker knows exactly words in random order it's not fine
Ok, i will use 24 words. I think 6.2044840173323943936 × 10^23 variants of brute force will be enough for me
P.S. Only suggestion for future versions of Trezor recovery procedure. Now 12 or 24 words are written in one paper. The Armory program has 3-of-4 backup types for example. If same backup could be too in Trezor, i will happy I understand that it's more difficult procedure and there a lot programming for this. It's only suggestion.
I see now
But i think if hacker knows exactly words in random order it's not fine
Ok, i will use 24 words. I think 6.2044840173323943936 × 10^23 variants of brute force will be enough for me
P.S. Only suggestion for future versions of Trezor recovery procedure. Now 12 or 24 words are written in one paper. The Armory program has 3-of-4 backup types for example. If same backup could be too in Trezor, i will happy
I understand that it's more difficult procedure and there a lot programming for this. It's only suggestion. Your math is off, it is not 2^X but X!
3! = 3x2x1 = 6 combinations
12! = 479001600
24! = 6.2044840173323943936 × 10^23
This number is incredible huge, but potentionally crackable!
Sorry, i don't understand your math
3! = 3x2x1 = 6 combinations
^^^^ Why? Please write other variants for my example. You say that there (in my example) should be 6 variants. Please add other two ones
If you have 3 words that can be on each position, but can only be used once, the math to calculate the total amount of combinations is 3! aka 3x2x1
Proof:
1 2 3
1 3 2
2 1 3
2 3 1
3 1 2
3 2 1
That are all the possible combinations.
12! = 12x11x10x9x...x2x1
So you see, 24! would be an incredible amount of combinations you would not be able to crack very easily.
Your math is off, it is not 2^X but X!
3! = 3x2x1 = 6 combinations
12! = 479001600
24! = 6.2044840173323943936 × 10^23
This number is incredible huge, but potentionally crackable!
Sorry, i don't understand your math
3! = 3x2x1 = 6 combinations
^^^^ Why? Please write other variants for my example. You say that there (in my example) should be 6 variants. Please add other two ones
Ok, i am hacker and the right seed (for easy example) is three word, but in dictionary 2048 words for one position (as trezor has):
User entered: red green blue
Hacker got:blue green red
Ok, he run process and got only these variants (B, G, R):
B G R
G B R
R G B
B R G
Here 2^2 variants (may be because 2^(3-1))
If hacker doesn't know he should make 2048^3 variants (may be 'red', may be 'cat' and so on).
Now imagine it for 12 words and for 24 words
May be there will be 2^11 variants for 12 words, not 2^12 as i wrote above.
Ok, for 24 words we will get 2^23 = 8388608 combinations
I think this combinations can be computed for 1-10 seconds. I think user will not have a time to send him bitcoins to other.
Ok, wallet32 Android application is BIP32 wallet. But if you use hardware device with private keys only in this device it will be very strange to setup seed at Android device for sending all bitcoins
But this hack will be made for one second if hacker will sniff 12 or 24 words.
User entered: red green blue
Hacker got:blue green red
Ok, he run process and got only these variants (B, G, R):
B G R
G B R
R G B
B R G
Here 2^2 variants (may be because 2^(3-1))
If hacker doesn't know he should make 2048^3 variants (may be 'red', may be 'cat' and so on).
Now imagine it for 12 words and for 24 words
May be there will be 2^11 variants for 12 words, not 2^12 as i wrote above.
Ok, for 24 words we will get 2^23 = 8388608 combinations
I think this combinations can be computed for 1-10 seconds. I think user will not have a time to send him bitcoins to other.
Ok, wallet32 Android application is BIP32 wallet. But if you use hardware device with private keys only in this device it will be very strange to setup seed at Android device for sending all bitcoins
But this hack will be made for one second if hacker will sniff 12 or 24 words.
Your math is off, it is not 2^X but X!
3! = 3x2x1 = 6 combinations
12! = 479001600
24! = 6.2044840173323943936 × 10^23
This number is incredible huge, but potentionally crackable!
Jump to: