Author

Topic: Seed phrase security question (Read 615 times)

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
July 11, 2021, 09:22:34 AM
#46
Is that a concern?  Like imagine you were typing your seed in a software wallet and the laptop camera is pointing straight at it.  Has there been known hacks like this?  Also so if you were to actually sing your seed while your iphone is on... that is a huge concern?  What if you record it with the voice memo?  That is obviously bad but has anyone tested this with a seed and put a tiny amount of crypto in it just to see if anything would happen?

It depends on what you understand as “concern”. Once you generate a wallet, there are tons of ways you can screw the whole thing up, but your money may be safe. You should minimize the odds of screwing up to cover these concerns. No, I've never heard of a hack like this, neither from singing the seed. But, you know what? Now that it's publicly known, there may be people who'll write a malicious code regarding your records.

Just for your information, I've never heard of funds' loss from the classic procedure of seed generation. But, it doesn't matter what I have heard; I always minimize these odds.
legendary
Activity: 4354
Merit: 3614
what is this "brake pedal" you speak of?
July 11, 2021, 08:27:28 AM
#45
That is something i never thought of.  But when you guys write your seed or look at your seed, do you all make sure your phone or laptop camera isn't pointing straight at your paper that has your seed in it?

when generating a new seed or key i remove all phones from the room and power them off. all security cams that might have line of site are disabled. unplug desktop webcams or cover the webcam if laptop. all window shades in the room are drawn (include skylights too). i have no alexa/google thing (never will either) so no worries there. if you have a smart tv attached to your network unplug it. have any of those voice activated remote controls for your cable/sat tv? take the batteries out and move those remotes out of the house for the duration.

once the seed/key is generated/tested ill make dupes and stash some off site. add a passphrase too but dont store that with the seeds of course. multiple copies of that too.

then after all that i take my tinfoil hat off and re enable all the potential bugs (phones tvs etc).
legendary
Activity: 2268
Merit: 18748
July 11, 2021, 03:06:48 AM
#44
So you should tape the laptop camera at all times?
I would either tape or disabled all your cameras at all times, since they are constantly being targeted by various mass surveillance programs around the world.

Like imagine you were typing your seed in a software wallet and the laptop camera is pointing straight at it.  Has there been known hacks like this?
Who knows? No one who is careless enough to point a camera directly at their seed phrase will then go to forums and say "Hey, I took every possible precaution except pointing a camera my seed phrase and now my coins have been stolen!" The point is it is a potential risk and your coins could be stolen this way.

Also so if you were to actually sing your seed while your iphone is on... that is a huge concern?  What if you record it with the voice memo?  That is obviously bad but has anyone tested this with a seed and put a tiny amount of crypto in it just to see if anything would happen?
Again, this proves nothing. Your coins could be stolen this way. It's like saying "Well, I've driven without a seat belt for 10 years and I'm still alive to driving without a seat belt is perfectly safe." All these things could result in your coins being stolen. Just because they haven't yet resulted in your coins being stolen doesn't mean they are a good idea. I could write my seed phrase in huge letters in permanent ink on my bedroom wall and my coins would stay safe for quite some time - doesn't mean it's a good way to store my seed phrase.
legendary
Activity: 3472
Merit: 10611
July 10, 2021, 10:47:21 PM
#43
Is that a concern?
There is a possibility and it is always best to be safe than sorry!

Quote
Has there been known hacks like this?
Not that I know of. People don't usually have strange setups like this where their camera is pointed directly at their screen instead of at their face.

Quote
Also so if you were to actually sing your seed while your iphone is on... that is a huge concern?  What if you record it with the voice memo? 
You can go in a windowless room with no electronics in it, shut down all the lights and enter your seed Smiley

Quote
That is obviously bad but has anyone tested this with a seed and put a tiny amount of crypto in it just to see if anything would happen?
That won't prove anything.
full member
Activity: 1750
Merit: 186
July 10, 2021, 03:25:57 PM
#42
Well i got laptop and iphone.  But the way i have my laptop on my desk, its like pointing at my computer monitors, got a dual monitor setup so the laptop is to the right of it where the laptop camera is well pointing towards the camera.



So you should tape the laptop camera at all times?  Because anything that is on my computer monitor screen, well my laptop camera is essentially pointing straight at it.



Is that a concern?  Like imagine you were typing your seed in a software wallet and the laptop camera is pointing straight at it.  Has there been known hacks like this?  Also so if you were to actually sing your seed while your iphone is on... that is a huge concern?  What if you record it with the voice memo?  That is obviously bad but has anyone tested this with a seed and put a tiny amount of crypto in it just to see if anything would happen?
legendary
Activity: 1974
Merit: 2124
June 27, 2021, 10:03:21 AM
#41
Hi this is a random question but is it possible for my seed phrase on hardware wallet to be compromised by an app using my iPhone microphone ? I was singing my seed phrase to memorize it and realized my phone was right next to me. I’m also kinda high and paranoid? I see lots of posts about ppl taking photos of their phrases and losing their coins so I didn’t know if saying my phrase out loud was a bad idea.VidMate  Mobdro

We are living in technical era and every kind of hack is possible these days if you are not much aware about them.You don't know how these Voice assistant features work in the backend but your microphone records are also maintained by the company server to provide some better results.You must be aware about the Google,iphone,Facebook data leak breach on the dark web and so you can imagine that seed can also be compromised.The experts have stated one type of hack that can send some silent commands to Siri in through waveform generator that can hack your phone and listens to all your Siri conversation.

Quote
By talking with the voice assistant, bad actors can gain access to, say, your text messages, which may contain two-factor authentication codes for your other accounts.
To protect yourself from this form of attack, make sure your voice assistant is password-protected or disabled from the lock screen.

Learn about them at Siri hacks

So you must do take care about security measures and be safe with your seed phrase because they will just enter them in any Electrum wallet and then funds will be withdrawn to any address.So change the seed or take any other necessary step to avoid any further inconvenience.Next time save them in cold storage somewhere safe without storing them in mind Library.
hero member
Activity: 2926
Merit: 567
June 27, 2021, 05:14:46 AM
#40
Hi this is a random question but is it possible for my seed phrase on hardware wallet to be compromised by an app using my iPhone microphone ? I was singing my seed phrase to memorize it and realized my phone was right next to me. I’m also kinda high and paranoid? I see lots of posts about ppl taking photos of their phrases and losing their coins so I didn’t know if saying my phrase out loud was a bad idea.VidMate  Mobdro


If you think your passphrase or private key is compromised or will be compromised take action right away create a new wallet and transfer the coins to that new wallet, when in doubt do the necessary action before it's too late and takes all the necessary precautions to protect your wallet private key, we are our own bank.
legendary
Activity: 2268
Merit: 18748
June 27, 2021, 02:31:03 AM
#39
The seed will save as .txt in notepad it will easy to use the third party such as 7zip. but of course, if the third party had a compromise possible the seed also.
I would be wary of using tools such as 7zip for encrypting files when that is not their primary purpose. Many zip and archive programs will leave temporary files all over your hard drive, which can later be recovered or restored by an attacker. 7zip also had some pretty major bugs with their implementation of the encryption process: https://twitter.com/3lbios/status/1087848040583626753. You would be much better off using a piece of software which has been properly built solely for encrypting data, such as VeraCrypt or LUKS.

Not to mention that saving your seed file in a .txt file, adding it to an encrypted archive, and then deleting the original, leaves the data of the original on your hard drive indefinitely until you overwrite it with some other data, which again can be recovered by attackers.

I have read much time about it because it will easy to copy-paste the seed if they want to restore it.
Another terrible idea.
legendary
Activity: 2366
Merit: 2054
June 26, 2021, 11:03:01 PM
#38
I hope you have , at least, encrypted the seed before uploading it!
The seed will save as .txt in notepad it will easy to use the third party such as 7zip. but of course, if the third party had a compromise possible the seed also.

In windows 10 the user can encrypt the text in the property in the advance option, but that EFS is only available on Pro, Enterprise, and Education editions only.

I don't know why so many users prefer to back up their wallets digitally whereas storing them physically is safer and easier.

I have read much time about it because it will easy to copy-paste the seed if they want to restore it.
legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
June 26, 2021, 06:22:19 PM
#37
...
Just because you didn't lose your coins yet doesn't mean it's a safe way to store you wallet seeds online, especially in the cloud where security is questionable.
I hope you have , at least, encrypted the seed before uploading it!
I don't know why so many users prefer to back up their wallets digitally whereas storing them physically is safer and easier. It won't cost you anything to write the seed on a piece of paper and store it in a secure place, as suggested above.
newbie
Activity: 7
Merit: 0
June 26, 2021, 08:24:08 AM
#36
This thread has given me some things to seriously think about. This is surely going to become more and more of an issue as more people become aware of seed phrases and what to look for.
legendary
Activity: 2268
Merit: 18748
June 26, 2021, 03:23:47 AM
#35
I backed up my seed phrase in an original memory card
This is only safe if you did this on a permanently airgapped computer (i.e. one without an internet connection and which will never have an internet connection again). Even if you deleted the seed phrase from your computer's hard drive after you transferred it to the memory card, then it still exists and is fairly easily recoverable until the location on the hard drive it was stored is overwritten by some other data.

and and uploaded some in cloud storage.
This is an absolutely awful idea. You should create a new seed phrase and move your coins out of that seed phrase immediately. You have absolutely no idea how many servers around the world your seed phrase is now stored on, how many people can access these servers, how securely it was transferred between servers, how securely it is being stored, etc. Cloud storage and other online servers are hacked all the time. Your seed phrase, and your coins, are at risk.
member
Activity: 898
Merit: 19
Do it For Better Humanity (Bitget trader)
June 26, 2021, 01:46:06 AM
#34
I backed up my seed phrase in an original memory card and and uploaded some in cloud storage. So far, ive not lost any coin due to seed phrase being compromised.
legendary
Activity: 2268
Merit: 18748
June 21, 2021, 11:08:56 PM
#33
That is something i never thought of.  But when you guys write your seed or look at your seed, do you all make sure your phone or laptop camera isn't pointing straight at your paper that has your seed in it?
I have all cameras unplugged or disabled all the time, except during the few seconds I am actively using them to scan QR codes. I unplug standalone webcams, and I have physically removed the camera which is built in to my laptop. If your phone does not have a physical shutter, you can buy an adhesive one for a few bucks.

Everyone involved in data harvesting, from Mark Zuckerberg to the director of the FBI, have either said that they cover or unplug their cameras, or have been seen to do so in pictures and videos. They know a lot of things we don't.

When dealing with seed phrases to my cold storage, I won't even have a camera in the same room as me. I'd rather be paranoid and safe than relaxed and a victim.
legendary
Activity: 3472
Merit: 10611
June 21, 2021, 10:03:40 PM
#32
That is something i never thought of.  But when you guys write your seed or look at your seed, do you all make sure your phone or laptop camera isn't pointing straight at your paper that has your seed in it?
That sounds like paranoia to me but when you handle your seed phrase you should already be on an airgap computer which means that even if that computer has an attached webcam that could read your seed phrase it still is "air gapped" and doesn't have any connection to the rest of the world. In fact one way of keeping that system clean is using a camera and scan QR codes which is useful when signing transactions (to import unsigned tx).
full member
Activity: 1750
Merit: 186
June 21, 2021, 06:55:59 PM
#31
That is something i never thought of.  But when you guys write your seed or look at your seed, do you all make sure your phone or laptop camera isn't pointing straight at your paper that has your seed in it?
hero member
Activity: 1120
Merit: 887
Livecasino.io
June 21, 2021, 11:23:28 AM
#30
I was singing my seed phrase to memorize it and realized my phone was right next to me. VidMate  Mobdro

An old Chinese proverb says that “the faintest ink is more powerful than the strongest memory.”  I would not advice anyone to memorize their seed pharse.

However if you think your it has been compromised, you need to create a new vault, and then transfer your funds to that vault immediately.

Then, write the your new seed phrase on a physical paper. You can have offline duplicate copies stored in a bank safe, a vault in the north pole, buried under the earth or in an offshore location  Grin. Just ensure it's kept in a secure location.
legendary
Activity: 2268
Merit: 18748
June 20, 2021, 07:58:54 AM
#29
Singing your seed phrase alongside your phone and sh*ts like that doesn't endanger you besides, its still on that same device that it was generated and you get to type it in occasionally when the need arises to have access to your coins.
That's not true. If you generate a seed phrase on Electrum on mobile, for example, the seed phrase stays encrypted within the Electrum app and is pretty unlikely to be accessed by any other app (not including malicious apps or malware, of course). If you speak your seed phrase out loud, then any number of apps on your phone such as Siri, Alexa, Google Assistant, Facebook, etc., which have access to your microphone and are recording all the time will pick it up and send it to some server somewhere, unencrypted, for analysis.

So, singing it doesn't affect anything except for the fact that, you stored the voice note of it!
Storing an audio file of your seed phrase is just as risky as saving your seed phrase unencrypted in a text document, i.e. a terrible idea.

but would it technically be aginsts the law to store such information with a bank?
Depends entirely on your jurisdiction. If bitcoin is not illegal in your country, then I see no reason why you couldn't store a copy of your seed phrase or similar in a safe deposit box, though.

From my research each bank would tell you what can and cannot be stored with them, how do they ensure customers do not violates their codes; this should be by checking the content would they be suspicious.
As I mentioned, you can always encrypt the information before you store it. If the bank asks you to decrypt it, you can say that you don't know what it is and you will be given a decryption key from a relative's estate after their death, or something along those lines. Or you could encrypt it on digital storage, using a hidden volume to hide the fact that there is a wallet encrypted at all. If ever forced to decrypt it, by utilizing a hidden volume you can decrypt the drive to other "sensitive" decoy data, and never reveal the existence of the wallet.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
June 20, 2021, 07:55:14 AM
#28
This all depends on your threat model. Are your back up locations more likely to be compromised by a thief, or more likely to be damaged by fire, flooding, natural disaster, etc? Do you simply need to write your seed phrase on two different pieces of paper and hide one in your house and one with a family member whom you trust completely? Or do you need to use multi-sig so that a thief finding one share gets nothing, or two (or more) of your friends/family members would need to collude to steal your coins?

This reminds me of Vitalik Buterin. I saw his interview recently in which he mentioned that he has split up his keys and given to family members in another country.
He had to call up his family members and get the pair of words and attach the pair of words he had to access his funds.
What do you think about this way of storing and accessing funds ?
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
June 20, 2021, 07:44:33 AM
#27
Also, if bitcoin is a taxed commodity in your country, you may be asked to reveal the content of your wallet.
Then don't make it obvious that it is a wallet. Encrypt your seed phrase and store the encrypted string on one piece of paper and the decryption key on another. One without the other is not only useless, but reveals nothing about what is encrypted.
I guess this is the part I needed to clear up. I'm not very savvy in the legal distinctions, but would it technically be aginsts the law to store such information with a bank? Or is it a grey area that is not well defined and as such cannot be regulated.

From my research each bank would tell you what can and cannot be stored with them, how do they ensure customers do not violates their codes; this should be by checking the content would they be suspicious. They may not be able to reveal the contents, but would irbpose any legal implications, particularly for countries who are not receptive to Bitcoin.
legendary
Activity: 2366
Merit: 2054
June 19, 2021, 09:38:35 PM
#26
I was singing my seed phrase to memorize it
I am not worried about your iPhone paranoid (if you aren't Intelligent, political, or work in government). I'm worried about you if in on public then slip away singing the song (BIP39 word) loudly on the train. If I'm on the train also, I will know you covered the song with the bitcoin seed.

your action memorized seed on the song is very careless.
hero member
Activity: 1288
Merit: 504
June 19, 2021, 05:57:11 PM
#25
Memorising your seed phrase doesn't make it safe, it puts you in harms way. The kind of harm that could come only by your hands. How you may want to ask? Its simply by your forgetting it. Singing your seed phrase alongside your phone and sh*ts like that doesn't endanger you besides, its still on that same device that it was generated and you get to type it in occasionally when the need arises to have access to your coins. So, singing it doesn't affect anything except for the fact that, you stored the voice note of it! There is every possibility that, your device could be accessed by someone else, hacked or stolen or even, during a friendly usage of your phone by a friend that understands cryptos and wallets, your keys is been compromised and you end up being sorry. Always endeavour to be careful with your keys.
legendary
Activity: 2268
Merit: 18748
June 19, 2021, 04:32:22 PM
#24
Do you think someone can feasibly have so many secure locations to store several back ups and be able to regularly check up on them?
Secure locations can include your house, the house of any family, parents, siblings, children, close friends, your work place (easier if you have lots of other confidential documents which would be under lock and key anyway), safe deposit boxes, etc. If you are worried about one of your back ups being compromised by a thief or an untrustworthy relative/friend, then do something to mean one back up is insufficient to take your funds - encrypt, add passphrase, use multi-sig, etc., as I mentioned above.

Also, if bitcoin is a taxed commodity in your country, you may be asked to reveal the content of your wallet.
Then don't make it obvious that it is a wallet. Encrypt your seed phrase and store the encrypted string on one piece of paper and the decryption key on another. One without the other is not only useless, but reveals nothing about what is encrypted.

What would be the best way to store in multiple locations, fo someone living in one Location, work place?
This all depends on your threat model. Are your back up locations more likely to be compromised by a thief, or more likely to be damaged by fire, flooding, natural disaster, etc? Do you simply need to write your seed phrase on two different pieces of paper and hide one in your house and one with a family member whom you trust completely? Or do you need to use multi-sig so that a thief finding one share gets nothing, or two (or more) of your friends/family members would need to collude to steal your coins?
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
June 19, 2021, 04:12:26 PM
#23
That's why you practice redundancy. Back it up more than once on more than one separate pieces of paper, and store these pieces of paper in separate geographical locations. If you are concerned about one of your pieces of paper being discovered, then ensure that it does not contain all the information required to steal your coins: Use an additional passphrase, encrypt your seed phrase, split your seed phrase, etc. Make sure that any additional information required to recover your seed phrase is also backed up on separate pieces of paper and also stored in separate geographical locations.
Do you think someone can feasibly have so many secure locations to store several back ups and be able to regularly check up on them? It seems the safest and most reliable way to avoid loss due to unexpected hazards.
I've been looking into the possibility of storing back up phrases in a bank vault (inside safety boxes). You'll have a bit of privacy as the banks aren't allowed to know what you have inside, but they are regulated and can give up the contents on request by the government.
Also, if bitcoin is a taxed commodity in your country, you may be asked to reveal the content of your wallet.

What would be the best way to store in multiple locations, fo someone living in one Location, work place?
legendary
Activity: 2268
Merit: 18748
June 19, 2021, 03:47:32 PM
#22
The back up of seed phrase getting torn is not a problem. How about you use a thicker paper and write the seed phrase there then use plastic cover or other things to laminate the piece of paper.
What if it gets incinerated in a fire? What if tornado buries it under 10 feet of rubble and you can't find it? What if it is stolen?

There is no single back up method which is immune to loss, whether it be laminated paper, titanium plates, or electronic devices, even if they are stored in an airtight, fireproof, waterproof safe bolted to the foundations of your house. The only way to come close to ensuring your back up survives is by having more than one back up in different locations, as I said above. Having only a single back up is a risk, and having only a single back up stored in the same location as your wallet (so both your computer and your seed phrase stored in your house, for example) is an even bigger risk.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
June 19, 2021, 03:33:58 PM
#21
It's still not secure enough. You might lose the paper in some way or get it torn.
There's no proven way which can guarantee to store the seeds securely. We just have to back up the seeds with the least risk.
The back up of seed phrase getting torn is not a problem. How about you use a thicker paper and write the seed phrase there then use plastic cover or other things to laminate the piece of paper. I have done this before where I wrote some passwords for games and have to cover the paper with clear tape so no matter how many roll of tapes I used I can still see the content on the paper.
legendary
Activity: 2268
Merit: 18748
June 19, 2021, 12:54:31 PM
#20
It's still not secure enough. You might lose the paper in some way or get it torn.
That's why you practice redundancy. Back it up more than once on more than one separate pieces of paper, and store these pieces of paper in separate geographical locations. If you are concerned about one of your pieces of paper being discovered, then ensure that it does not contain all the information required to steal your coins: Use an additional passphrase, encrypt your seed phrase, split your seed phrase, etc. Make sure that any additional information required to recover your seed phrase is also backed up on separate pieces of paper and also stored in separate geographical locations.

But the way I put it online is not just obvious labeled file "my recovery seed" or anything similar that is crypto related text. So, no one would know it's something like that.
Security through obscurity is generally a poor choice for protecting valuable information.
hero member
Activity: 3024
Merit: 680
★Bitvest.io★ Play Plinko or Invest!
June 19, 2021, 11:26:50 AM
#19
Check if you've got unnecessary applications that have been allowed to connect using your microphone. Don't be paranoid. If you're aware of it then you're just trying to be secured.

But to remove your worry and fear. Create a new wallet with another seeds and transfer your balance there and just record the new seed on a paper.
copper member
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
June 19, 2021, 10:42:16 AM
#18
What I actually do is write the whole 21/22/23 words put it online (not recommended by others which is true) for easy access and put the missing word/s out in a safe place. Ofc, you can do what others said, but that just me, did that since 2017.
This is also a terrible idea. One word can be brute forced in seconds, and even three words can be brute forced in under a day with good hardware.

Just write it down on paper like you are supposed to.

I'm with o_e_l_e_o on this. This is a terrible idea, only exception being unless you created well made air-gapped encrypted storage with absolutely ZERO fuck-ups in the process. Hopefully you actually do know what you're doing.
Ye, I get that. That's why I said it's not recommended, but it work for me.

But the way I put it online is not just obvious labeled file "my recovery seed" or anything similar that is crypto related text. So, no one would know it's something like that. And no one will randomly brute force to guess on such file content that has more than 24 words written on it (well, I guess?)

But ofc, I have one written on a paper, but still the same process, just the 21/22/23 words and just put the remaining online for an easy access. If ever that piece of paper got burned, lost, wet or etc. Well, that's for a guy that has no permanent address/house.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
June 19, 2021, 10:39:29 AM
#17
It's still not secure enough. You might lose the paper in some way or get it torn.
There's no proven way which can guarantee to store the seeds securely.
There is a proven way to store it securely. There is no proof that it'll remain in the same place, that's why you have to maximize your security. I consider the paper way, the most secure; you don't store anything electronically and thus, you're proving to yourself that no malicious party can access your money. If you worry about your computer's RNG, roll a dice instead!

Write it on a paper or on a steel. Create back ups, so that if you somehow lose your main steel/paper, you'll have a way to restore it. Don't memorize it; burry it in the ground, hide it inside your walls, be creative!
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
June 19, 2021, 10:32:06 AM
#16
Memorizing the seed phrase is the one of the worst possible ways to back it up.

The context here is not about backing up the seed by memorizing it, instead, it is backing up through some preferred way as well as memorizing the seed.
There's nothing wrong if you can memorize the seed and have it securely backed up as well.
I know we might lose memory and forget the seed and in that case we can just use the backup.

Quote
Just write it down on paper like you are supposed to.
It's still not secure enough. You might lose the paper in some way or get it torn.
There's no proven way which can guarantee to store the seeds securely. We just have to back up the seeds with the least risk.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
June 19, 2021, 10:09:14 AM
#15
What I actually do is write the whole 21/22/23 words put it online (not recommended by others which is true) for easy access and put the missing word/s out in a safe place. Ofc, you can do what others said, but that just me, did that since 2017.
This is also a terrible idea. One word can be brute forced in seconds, and even three words can be brute forced in under a day with good hardware.

Just write it down on paper like you are supposed to.

I'm with o_e_l_e_o on this. This is a terrible idea, only exception being unless you created well made air-gapped encrypted storage with absolutely ZERO fuck-ups in the process. Hopefully you actually do know what you're doing.
legendary
Activity: 2268
Merit: 18748
June 19, 2021, 08:50:51 AM
#14
Go to your privacy settings and you will be able to see all the apps which have access to your microphone. Any one of these could have been recording your voice whether or not it was actively running at the time.

Memorizing the seed might be good but not having backup of the seeds is definitely wrong.
Memorizing the seed phrase is the one of the worst possible ways to back it up.

You should always have multiple backups of your seeds and store it in a password protected file or encrypt it as suited.
And this is one of the other worst possible ways to back it up. Unless you are generating and encrypting it on a permanently airgapped computer running a live open source OS, then chances are you are going to leave some unencrypted traces of it somewhere. Just turning off your WiFi and then adding a text file with your seed phrase to a password protected ZIP file or something similar is not secure enough.

What I actually do is write the whole 21/22/23 words put it online (not recommended by others which is true) for easy access and put the missing word/s out in a safe place. Ofc, you can do what others said, but that just me, did that since 2017.
This is also a terrible idea. One word can be brute forced in seconds, and even three words can be brute forced in under a day with good hardware.

Just write it down on paper like you are supposed to.
sr. member
Activity: 1764
Merit: 260
Binance #SWGT and CERTIK Audited
June 18, 2021, 05:17:30 PM
#13
Hi this is a random question but is it possible for my seed phrase on hardware wallet to be compromised by an app using my iPhone microphone ? I was singing my seed phrase to memorize it and realized my phone was right next to me. I’m also kinda high and paranoid? I see lots of posts about ppl taking photos of their phrases and losing their coins so I didn’t know if saying my phrase out loud was a bad idea.
IMO it is possible, only if your device has some spyware on it. If your phone is secure, it should be fine.
It is great if you have a very good memorization skills, since you won't need to worry where and how you should store those seed phrases away from possible access of other people, as your own memory is your storage.
copper member
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
June 18, 2021, 02:08:56 PM
#12
It could be better if you just write it down and be quiet about that, memorizing such info could be bad just what others mentioned above.

What I actually do is write the whole 21/22/23 words put it online (not recommended by others which is true) for easy access and put the missing word/s out in a safe place. Ofc, you can do what others said, but that just me, did that since 2017.
legendary
Activity: 2394
Merit: 2223
Signature space for rent
June 18, 2021, 01:36:04 PM
#11
Why are we using a hardware wallet? Because it's been hiding your wallet credentials from internet attacks. For security reasons, your seed from the device wouldn't steal by any software. Otherwise, there is no meaning to using a hardware wallet. But if you save the seed at any device anyhow then it's pretty simple to steal for hackers. So depends on the situation how are you saving your seed. Just write it on hard paper, keep it in multiple places. So even a piece of paper damage then you would recover it from another piece. Don't store it on any device either online or offline. Because your device would damage or steal at any time. If you lost your backup means your funds are gone.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
June 18, 2021, 12:04:55 PM
#10
You don't have to be paranoid since the wallet with the seed phrase you are singing doesn't have any cryptocurrency stored so nothing to worry unless you have stored some crypto in it then you need to generate another wallet and transfer the funds right away and your good to go. If ever you wanted to store your seed phrase safe try to use to encrypt your seed phrase using an encryption program offline and store it somewhere else that doesn't have internet connection. Try to visit this thread for more information about encryption https://bitcointalksearch.org/topic/asymmetric-encryption-vs-symmetric-encryption-5342058.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
June 18, 2021, 11:22:40 AM
#9
You should always have multiple backups of your seeds and store it in a password protected file or encrypt it as suited.

Also, taking photos is not my kinda thing since I am paranoid as well. The first thing which gets leaked from our devices are photos.
So I wouldn't risk my seeds in it.

You don't even need to be paranoid to take photos as backups. It's simply just a dumb idea. Period.

As for creating digital backups, regardless if it's encrypted, definitely do NOT do this unless you're 100% sure in what you're doing. You may well indeed get the result of having a securely encrypted backup, but there's just so much things that can go wrong in the process that can leak your keys.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
June 18, 2021, 09:31:31 AM
#8
Hi this is a random question but is it possible for my seed phrase on hardware wallet to be compromised by an app using my iPhone microphone ? I was singing my seed phrase to memorize it and realized my phone was right next to me. I’m also kinda high and paranoid? I see lots of posts about ppl taking photos of their phrases and losing their coins so I didn’t know if saying my phrase out loud was a bad idea.

If Siri can keep listening to commands on your iphone why not the other apps. If you have such an app which uses your microphone then the chances of someone listening to it on the other hand is quite possible. Although unlikely as mk4 said it is still possible. But you need not worry about it much since such a scenario is highly unlikely and yeah saying out your phrase loud is definitely a bad idea for someone if not the iphone might be listening to you and you won't even know.
Changing the seeds would be a good thing to start with. Memorizing the seed might be good but not having backup of the seeds is definitely wrong.
You should always have multiple backups of your seeds and store it in a password protected file or encrypt it as suited.

Also, taking photos is not my kinda thing since I am paranoid as well. The first thing which gets leaked from our devices are photos.
So I wouldn't risk my seeds in it.
legendary
Activity: 4466
Merit: 3391
June 18, 2021, 08:01:11 AM
#7
Hi this is a random question but is it possible for my seed phrase on hardware wallet to be compromised by an app using my iPhone microphone ? I was singing my seed phrase to memorize it and realized my phone was right next to me. I’m also kinda high and paranoid? I see lots of posts about ppl taking photos of their phrases and losing their coins so I didn’t know if saying my phrase out loud was a bad idea.

I think that the probability of forgetting the phrase is much much higher than the probability that someone recorded you.
sr. member
Activity: 2030
Merit: 269
June 18, 2021, 07:58:21 AM
#6
Save yourself of whatever is bugging you by transferring all your coins to another wallet, generating a new wallet is free although you will spend for transaction fee, at least you will be free from thinking that your seed phrase is not safe, you can save yourself with sleeplessness night and too much worrying, even if it is unlikely that your seed phrase is compromised.
legendary
Activity: 2436
Merit: 1104
June 18, 2021, 02:45:43 AM
#5
Hi this is a random question but is it possible for my seed phrase on hardware wallet to be compromised by an app using my iPhone microphone ? I was singing my seed phrase to memorize it and realized my phone was right next to me. I’m also kinda high and paranoid? I see lots of posts about ppl taking photos of their phrases and losing their coins so I didn’t know if saying my phrase out loud was a bad idea.
just like what mk4 said it's quite unlikely, it is possible to happen. I'd recommend being cautious(especially when an app is from an unknown provider) when an app your downloading or downloaded is asking to access your files, photos, camera, and microphone on your phone. taking a photo of your seed phrase is one of the reckless things you or someone can do if you want to protect it. one of the best and easiest way to protect your seed phrase is to just write it on paper and store it in a safe place. you can even make a copy of it in case you lost or ruined the first one you made.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
June 18, 2021, 02:08:44 AM
#4
I was singing my seed phrase to memorize it and realized my phone was right next to me. I’m also kinda high and paranoid?
No, you're not. Nowadays, mobile phones record you to provide you the best advertisements. I once was talking about Star Wars Battlefront and after a while I got an advertisement about a cheap PS4...  Roll Eyes

You should never trust a closed-source operating system with:
  • Your voice.
  • Your pictures.

No, taking a picture of your seed phrase isn't secure obviously. If someone gained access to your mobile phone, he could steal your money. If I were you, I'd just generate another seed phrase and I wouldn't try to memorize it or include it on any computer/phone. Just hide it in several places, so that if you lose one piece of paper, you can replace it with your back ups.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
June 18, 2021, 01:25:38 AM
#3
Hi this is a random question but is it possible for my seed phrase on hardware wallet to be compromised by an app using my iPhone microphone ?
There is nothing malware can not do, so be careful with your seed phrase.

I was singing my seed phrase to memorize it and realized my phone was right next to me
There has been some numbers and words I memorized for months and yet I later forgot after I thought I have memorized it off hand. I would even think I can not forget it, it can be some just one or two numbers that I will forget. Do not depend on your brain for long term memory, it might not work. Backup your seed phrase offline is better, having like three copies safely backup somewhere not accessible to attackers and resistant to damages.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
June 18, 2021, 01:21:59 AM
#2
While it's quite unlikely, it's technically very possible.

And since you're paranoid to start with(which is good in a sense), just simply generate a new wallet instead; for your peace of mind. And this time, don't sing it out loud. You should be writing it down instead in the first place. Imagine if you get into an accident or a concussion that caused you to lose a part of your memory. I wouldn't risk that especially if you have a good amount.
newbie
Activity: 1
Merit: 2
June 18, 2021, 01:12:56 AM
#1
Hi this is a random question but is it possible for my seed phrase on hardware wallet to be compromised by an app using my iPhone microphone ? I was singing my seed phrase to memorize it and realized my phone was right next to me. I’m also kinda high and paranoid? I see lots of posts about ppl taking photos of their phrases and losing their coins so I didn’t know if saying my phrase out loud was a bad idea.VidMate  Mobdro
Jump to: