Pages:
Author

Topic: [Guide] Ways to improve your seed phrase backup process. - page 2. (Read 441 times)

sr. member
Activity: 1680
Merit: 288
Eloncoin.org - Mars, here we come!
Another possible way to improve this is to rearrange the words before you group them, maybe you’ll have a pattern to decipher them when it’s time to use them. The importance that rearranging the words could serve is that even if someone else saw and tried the phrases, they still won’t get access because you’ve mixed up somethings, but then, it mustn’t be the whole words, it could be just a word or maybe rearrange the group instead. But in all, have a retentive memory so you don’t end up trying to crack something you set by yourself. 
sr. member
Activity: 364
Merit: 298
Doing only this will also prevent your key from getting compromised to some extent. I know there are other methods more useful than this. That's why I introduced the complex version as well. I don't know how to code but I think we can make a bot that can automatically find the seed phrase if we give it a value such as the number of groups, the number of words that will be in each group and the number of words that need to be removed.

As I said.  The attacker would only need to brute force all the combinations of your scrambled seed phrase, and it would take him a few seconds to finish, even in an old machine.

Still, I think that encrypting the key before making a backup is way more secure than just backing it up as it is.

When encrypting something, you need to have the decryption key.  That will be stored in plain text somewhere.  What do you want to encrypt and why would that method be more secure, since you still need to store a phrase / password somewhere in plain text?
sr. member
Activity: 1008
Merit: 366
I get the idea of simplicity. But that also does not prevent us from risks. I have shared both simple and complex methods. The simple one is randomizing your key by grouping them.
Quote
Now we can randomize the number to our liking. For my case, I will use 2143.
These numbers correspond to the group number.
So if we put these all together the seed becomes like this:
 
glance merge actual praise fee short produce flush razor hollow visual spy

Now if we group them again with 3 words per group, we will again get 4 groups. [1=glance merge actual] [2=praise fee short] [3=produce flush razor]  [4=hollow visual spy]. But they are still randomised. So if we remember the number 2143 we can easily get back our original seed phrase.
So, 2143 = [2=praise fee short] [1=glance merge actual] [4=hollow visual spy] [3=produce flush razor] ___ The actual seed phrase.

As I explained, the total number of words is divided by the total number of numbers in the code. We will be able to know how many words per group.
I don't think it will be so hard to remember as it is way too simple. We can leave the code out on plain site and people will have a hard time finding out what it actually is.

Doing only this will also prevent your key from getting compromised to some extent. I know there are other methods more useful than this. That's why I introduced the complex version as well. I don't know how to code but I think we can make a bot that can automatically find the seed phrase if we give it a value such as the number of groups, the number of words that will be in each group and the number of words that need to be removed.

That way it can become an actual thing. I lack the knowledge to make such a thing so I am unable to show its potential.

Still, I think that encrypting the key before making a backup is way more secure than just backing it up as it is. Also if we continuously practice this method after a certain period of time, we will be able to remember it and forgetting the method won't be an issue.
But it's an individual choice for each of us to use what we are comfortable with.
I had an idea so I shared it. You can use it or not, that's up to you.
hero member
Activity: 560
Merit: 1060
As a sidenote, this forum is full of posts where people ask for help to recover their wallets.

Most of them have done something out of the ordinary. Something completely out of the BIP39 templates.

Most of the time, these people end up losing money.

Again, I like people who try to innovate, but in this case, I can see many potential issues. And I can foresee many people complaining about losing money in the future.
hero member
Activity: 1386
Merit: 513
Payment Gateway Allows Recurring Payments
I was planning to create a same topic like this I even shared my idea to make a similar topic like yours but I might not talk about this encryption method that you have used. Well, I think I should not make that thread as you already have created it, by the way, are you a mind reader hehe? If I would make this topic then I will definitely talk about other advanced encryption methods like AES or DES.

It's not that your encryption method is not advanced, it is also an advanced and not an easy one to break because the word list you have selected has 32 words in it and to make a 12-word recovery from the word list of 32 words you should have to apply 2.04×1039 different combination and even with a powerful computer you have to spend a hell lot of years to apply these combinations. Well, in simple words, brute force can't be used to break this method of yours, I liked it, and I hope I am not making any mistake in calculating the time. As time will vary with the computational power.

PS: I am writing this reply for 2nd time, the first time I mistakenly refreshed this tab, and before refreshing I thought I had copied the whole text but after refreshing and trying to paste I got nothin in my clipboard lol.
sr. member
Activity: 364
Merit: 298
Most of us who have been here for a long time know the importance of backing up our seed phrase for our wallets.

You should already know, tho, that the enemy of security is complexity.

But my question is, how safe is it? Even if you keep it safe in a locker, one can break it through to access it.

So do not put it inside a locker, or as told by apogio, use a passphrase which is backed up on multiple places outside.

-method-

This is NOT recommended; it does not provide any additional security for a twelve words seed phrase and it introduces enough risk to lock you out of your wallet.  If a thief steals your seed phrase and does not know the order, all they need to do is brute force every possible combination of these words, which in total are only 12! ~= 480 million. (And of that number, 15/16 phrases contain an invalid checksum, so it is a lot easier)

Do not randomize the order.  Use passphrase, it is specifically included in all good Bitcoin wallets for that particular purpose.  And generally, do not experiment with security.  This is like children playing with matches.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
Especially a case of accident coupled with lost memory which comes with brain disorderliness, I think during wallet creation there are some wallet that always warned users not to memorized their seed phrase because it could be easily forgotten. The thing is, as a Bitcoiner someone who is devoted and rooted into bitcoin progression and holdings should not store their keys and seed phrase in a particular place rather printing out and store in safe and secured place would be better if possible it should be printed words by words where no one understands it.

It was a wonderful statement. Teach me how to do this. “Printed words, words that no one understands”—how does your proposal differ from the OP? You also come up with variants of words, but then, as time passes, you forget about your ideas, and the real phrase loses its meaning since you cannot remember their original meaning.
Don't you think you're contradicting yourself? Smiley
hero member
Activity: 560
Merit: 1060
Hello and thanks for creating a guide for us.

I will be against using this method though.


I love simplicity and I am in favor of creating "notes" that I will be able to understand in 20 years from now.

But my question is, how safe is it? Even if you keep it safe in a locker, one can break it through to access it. Once they get their hands on that piece of paper or whatever you have used to back up your key, your wallet is compromised.

Adding a strong passphrase (>15 characters from the 95 ASCII printable characters) will immediately solve this issue.

What to do:
Let's say you have 12 words. Add a strong passphrase upon it.

Create 4 physical paper backups as follows:
1. Seed (backup A)
2. Seed (backup B)
3. Passphrase (backup A)
4. Passphrase (backup B)

Save them in 4 different locations.

Check if they are ok every now and then.

If you lose one of the papers (no matter which one) you will still have access to your funds and will be able to recover the wallet. Then you can decide what to do, you can create a new wallet etc.
hero member
Activity: 1148
Merit: 796
Actually I don't find anything new from your so guide, what's the difference with multisig 3 of 3, 4 of 4, or 6 of 6? you must able to get all of them in order to access your wallet.

I still prefer to use passphrase aka seed extension where you add the last word from your seed phrase. Only hold like $50-$100 in your wallet that contain $50-$100, while the wallet that has a passphrase contains most of your coins.
legendary
Activity: 3080
Merit: 1353
Seriously there is nothing bad in trying to secure your wallet but one thing i have always been worried about and that’s doing too much to secure a thing sometimes you lose or make mistakes in doing so, the most painful thing is actually losing your seed phrase because you use a method you can’t remember easily to encrypt it. This particular encryption is base on your head and it’s always a bad idea to trust your head because you can forget it either through health issues or others.

This is not to discourage the process but I will just say keep it simple and just try to save it in a better place, it is more secure than encryption which can lead to error due to forgetfulness or pattern use in the process

even though my memory is quite excellent and I’m confident that with enough familiarization i could remember my seed phrase, i still don’t want to risk it i find that writing my seed phrase on a piece of paper and securely storing it where no one else knows is the safest bet for me at least personally even if i have memorized my seed phrase or came up with a creative way of remembering it, i still wouldn’t feel comfortable with no back up

No, I wouldn't go that route and memorized my seeds or mnemonic phrase, I do believed that our memory will regress and deteriorate overtime. And with that we should really write our seed and then make multiple backs up of it, specially if we are going to store huge amount of BTC and we wanted to be a long term holder.

However, I don't like to complicate things in my end.

For me if you really know how to protect your wallet and your seed, then there's no need to invent and make it more difficult for you as a investor. And there are a lot of methods already shared in our great community on how to do that.
legendary
Activity: 2576
Merit: 1860
I won't trust myself with this personalized encryption. If I forgot as simple as a 4-digit PIN or a repeatedly used password, how much more a 24-word seed phrase arranged in a puzzle-like manner? That would be too risky for me. And I don't think that's recommendable to the majority of users.

Moreover, in case of death, amnesia, accident that makes you unconscious for the rest of your life, or whatever extreme yet real-life possibilities, will there be anybody else who's able to unlock that encryption? Or will the coins perish with you?
hero member
Activity: 2366
Merit: 838
Simplicity is best so don't complicate your backup method.

If you lose one of pieces in your complex backup procedure, you will lose your bitcoin so don't use complex method and make your recovery process harder or even fails.

How to back up a seed phrase?
Bitcoin Q&A: Why is Seed Splitting a Bad Idea?

If your backup is in digital file, use a strong password to encrypt it.
full member
Activity: 2520
Merit: 214
Eloncoin.org - Mars, here we come!
Seriously there is nothing bad in trying to secure your wallet but one thing i have always been worried about and that’s doing too much to secure a thing sometimes you lose or make mistakes in doing so, the most painful thing is actually losing your seed phrase because you use a method you can’t remember easily to encrypt it. This particular encryption is base on your head and it’s always a bad idea to trust your head because you can forget it either through health issues or others.

This is not to discourage the process but I will just say keep it simple and just try to save it in a better place, it is more secure than encryption which can lead to error due to forgetfulness or pattern use in the process

even though my memory is quite excellent and I’m confident that with enough familiarization i could remember my seed phrase, i still don’t want to risk it i find that writing my seed phrase on a piece of paper and securely storing it where no one else knows is the safest bet for me at least personally even if i have memorized my seed phrase or came up with a creative way of remembering it, i still wouldn’t feel comfortable with no back up
hero member
Activity: 882
Merit: 800
This particular encryption is base on your head and it’s always a bad idea to trust your head because you can forget it either through health issues or others.

Especially a case of accident coupled with lost memory which comes with brain disorderliness, I think during wallet creation there are some wallet that always warned users not to memorized their seed phrase because it could be easily forgotten. The thing is, as a Bitcoiner someone who is devoted and rooted into bitcoin progression and holdings should not store their keys and seed phrase in a particular place rather printing out and store in safe and secured place would be better if possible it should be printed words by words where no one understands it.
hero member
Activity: 868
Merit: 952
Seriously there is nothing bad in trying to secure your wallet but one thing i have always been worried about and that’s doing too much to secure a thing sometimes you lose or make mistakes in doing so, the most painful thing is actually losing your seed phrase because you use a method you can’t remember easily to encrypt it. This particular encryption is base on your head and it’s always a bad idea to trust your head because you can forget it either through health issues or others.

This is not to discourage the process but I will just say keep it simple and just try to save it in a better place, it is more secure than encryption which can lead to error due to forgetfulness or pattern use in the process
sr. member
Activity: 1008
Merit: 366
Most of us who have been here for a long time know the importance of backing up our seed phrase for our wallets. Doing it online is as risky as leaving your house key open in front of the door. One can find it if they try hard enough. Or maybe someday a guy comes across it by accident. However you put it, it is risky. So as everyone, I will also suggest you back up your key offline. Write it down on a piece of paper, wood, metal or something that can't be destroyed easily. Also, keep them in a safe place out of everyone's reach.

But my question is, how safe is it? Even if you keep it safe in a locker, one can break it through to access it. Once they get their hands on that piece of paper or whatever you have used to back up your key, your wallet is compromised.

What I really want to talk about here is how you can also prevent this from happening. I am talking about encrypting your seed phrase before backing it up. I know there are more topics about this out there. But this is something that I came up with and I would like to share it with you guys.

First thing first
 
What is encryption?
Encryption is the method by which information is converted into secret code that hides the information's true meaning.

You can read the full article in the given link. If you already know it, then let's move on.

So imagine you have a 12-word or 24-word seed phrase. In this method of encryption, we are going to make groups with these words. I am using a 12-word seed for this example. Here is the actual seed phrase to a wallet.

praise fee short glance merge actual hollow visual spy produce flush razor

Now if we group them by even or odd numbers of words, we will get something like this.
Example: 1
Group 1: [praise fee short glance]
Group 2: [merge actual hollow visual]
Group 3: [spy produce flush razor]

Or something like this.
Example: 2
Group 1: [praise fee short]
Group 2: [glance merge actual]
Group 3: [hollow visual spy]
Group 4: [produce flush razor]

For more security, you can go like this.
Example: 3
Group 1: [praise fee]
Group 2: [short glance]
Group 3: [merge actual]
Group 4: [hollow visual]
Group 5: [spy produce]
Group 6: [flush razor]

To keep it short, I am going to use example number 2.
Now we can randomize the number to our liking. For my case, I will use 2143.
These numbers correspond to the group number.
So if we put these all together the seed becomes like this:
 
glance merge actual praise fee short produce flush razor hollow visual spy

Now the seed phrase has been randomized. All you need to do at this point is to put it all back together. If there are 4 groups, we can be sure that if it's a 12-word seed phrase, each group will have 3 words in them. [12/4=3]

Now if we group them again with 3 words per group, we will again get 4 groups. [1=glance merge actual] [2=praise fee short] [3=produce flush razor]  [4=hollow visual spy]. But they are still randomised. So if we remember the number 2143 we can easily get back our original seed phrase.
So, 2143 = [2=praise fee short] [1=glance merge actual] [4=hollow visual spy] [3=produce flush razor] ___ The actual seed phrase.

But it is still too easy to decrypt if someone knows your method. So to make it harder to crack, we are going to add some random words in between those groups.

As the randomized group number was 2143 we can add more words between them.
i.e. 2 [news proof album civilian letter] 1 [responsibility concept stereotype national bad] 4 [cutting forestry mechanism abuse duty] 3 [year plant offender history owl]

or [news proof album civilian letter] 2 [responsibility concept stereotype national bad] 1 [cutting forestry mechanism abuse duty] 4 [year plant offender history owl] 3.

You can start with the random words or you can start with the group's words.

Now if we put it all together, we get List 1.
glance merge actual news proof album civilian letter praise fee short responsibility concept stereotype national bad produce flush razor cutting forestry mechanism abuse duty hollow visual spy year plant offender history owl

Remember, whatever random number you put in between, their amount should be the same. In my case, after each group, I put down 5 random words. You can put as much as you want. If you remember how many words you put, you can always remove that out from that list and get the random number group. i.e 2143.

From the beginning of the list, we get our first group of 3 words. And after that, we take out 5 words out of that list. Then the next 3 words are going to be our 2nd group. We keep doing this until we get all of our groups. Just filter out whatever number of words you put in.

If you followed the 2nd method of putting words first then groups, in this case, remove 5 words first then the next 3 words are going to be your first group.

So when you finally get the full seed phrase filtered out of that word list, you just rearrange them based on your code. Then you get your actual seed phrase.

You can backup this seed and even if someone gets their hands on it, they will be unable to decrypt it. All you need to remember is the code and the number of random words between them.

2143..5 This is all I need to remember to recover my seed phrase from a huge word list.

[Note: All the numbers can be randomised to your liking. Everything shown here was for an example. Do it on your way.]

Let me know if you have any confusion about this. And if you have any suggestions, be sure to comment it down below. Sorry for making it long, but I tried to explain everything so everyone can understand it easily.

Pages:
Jump to: