Topic: Seedphrase security - Pros and Cons of offline storage (Read 366 times)

Unless extremely trustworthy, you shouldn't share information such as the location of your seed phrase with anyone. Let alone the seed phrase itself.

That is so underrated feature. You can't steal someone's bitcoin if you merely break into their house. There are nearly infinite ways to hide a seed phrase if you're creative. The thief must force you to give them permission.

Yes, I think it would be safer to have an extra backup as the text for your seed phrases. As Fundamentals Of said and I agree with him that no method is 100% safe. I know people have many methods, but for me, I still like to write them down in a notebook and store them in the place I think is the safest instead of using other complicated methods. I really don't like the OP's method of online storage, but I find it's not too bad.

It looks fine when you're still healthy, but if you suffered a brain injury regardless what the causes e.g. getting old, accident, crash etc, using passphrase isn't safe anymore. Imagine you're the only one person who know the last word, there's no back up and you can't do anything except let it go.

Every method will have its pros and cons, and the unexpected is something we can never predict.  so choose whatever method you think is most suitable for you, don't listen to or imitate others because we are not in the same situation.  many people don't seem to like the OP's method of storage, but if the OP feels that method is safe for you, then you should continue. I'm also storing my seed phrase using 2 USBs, and I've been safe for years now, I have no reason to change my storage method just because of other people's opinions.

If one of your password managers is compromised, chances are the other will be too. A keylogger could still the passwords to both password managers when you unlock them. To mitigate this you should use password managers with parts of your seed on different devices that do not share a common space that could infect them both.

Offline storage could be encrypted too. Wallet seed could require an extension word, or you could use a scheme that results in human-readable encrypted formats. This would solve the problem of having your coins stolen if the seed is stolen, but would add the problem of managing another key.

Maybe you have to learn to not expose yourself that you own bitcoin. An illiterate armed robber or criminal will go for fiat or TV set and not for a piece of paper.

Maybe you didn't hide it at first. I hardly find the TV remote in my house let alone to find a piece of paper in another person's house.

Hide it more than one place and you will not forget if you have coins in the wallet. A good idea to check it once in a while.

Ok, maybe you hid it close to the waste bin because you haven't thrown away your house documents yet

Very true, but you can hide in more than one house.

I generally stink at storing my seed phrases; I've lost quite a few, if I'm honest, so I possibly don't have the best advice to share. In the past, I usually created new text documents and stored them on my computer. It certainly isn't the safest option, while I had lost quite a few because I ended up losing them in the long run. I'm notorious for losing my offline copies as well, writing them inside a notebook or a piece of paper, only to never be seen again. It's a common occurrence for me. Apart from that, I believe that we're being a little too paranoid without reason. Chances are that none of the scenarios mentioned by the OP are going to happen; no one is going to search you at the airport or wherever and find your seed phrase written on a piece of paper.

Personally, I'd either have copies inside books that I don't use and are light to carry around, in USB flash drives with a keychain on them to carry at all times, or perhaps write the seed phrase in an excel file that already has data in it and hide the seed words in white color. I just thought about the latter option, and it doesn't sound too bad. I don't know if the encrypted folder option on your phone is considered safe; it's supposed to not have access to the internet. I wouldn't trust a Xiaomi or similar Chinese-branded one, though, as they're notorious for being infected with malware.

Great, so you are aware of the passphrase? In that case, your seed phrase remains secure even in physical form, and your concerns about potential theft or accidental discovery are no longer relevant.


But think about this. Storing your wallet seed online or on a device hooked up to the internet opens it up to way more security risks than keeping that seed phrase offline and physical, right? I mean, even with a passphrase for extra protection there is still a chance someone could hack into your wallet if they have the computing power, which there is definitely no shortage of these days.  It really depends how complex your passphrase is and the encryption the password manager uses.  But if you go old school and keep that seed phrase offline? The chances of it getting swiped drop big time cause theres just not as many people who could get their hands on it.   

Just saying, it is something to think about if you want to keep your funds truly safe and  there is tradeoffs either way - convenience versus security. 

I would never advise using any kind of storage to save your wallet seed phrase there. Rather, I will advise maintaining your notebook so that you can have all your wallet credentials. For an important wallet like Bitcoin, just make two copies. Secure it somewhere between two places. So even if you destroy one, the other one will help to restore your wallet. There will always be a hard procedure to secure your wallet seed phrase. We have to handle this in a smart way. I am following this, and this is what I believe is the safest way. But you have to choose the right place to secure your credentials.

when you have a valuable item, you must adequately protect it by securing your private key in a location where you are confident that nobody can quickly access it. It will be impossible for anyone to steal it if it is securely secured. Since you are aware of how important bitcoin is, you are also aware of how to safeguard it so that no one would ever guess that you have secretly stored your private key there.

Additionally, try to avoid disclosing your bitcoin holdings to everyone, you don't have to tell them everything. Your investment should be a secret at all times. You become more open to assault the more you reveal about your bitcoin possession.

why wont you be able to recall where your key is kept? i cant just forget about where a valuable asset is kept. It's advisable to often check the location where you secure your key. You shouldn't lock your private key away and leave it laying around. Furthermore, it's preferable your key is secured in different places rather than having it in one place.

It's best you educate your family members about bitcoin. Your wife or spouse should be aware of bitcoin, cryptocurrencies, and how you protected your key. If they discover the private key while cleaning the home, I'm confident they won't toss it away after they see it.

If your private key is properly secured, it won't be able to be destroyed by a fire incident. Simply carve your private key onto an iron steel so that it won't be destroyed in the event of a fire or water accident. I advise individuals to safeguard their private keys using that way since, as far as I'm concerned, iron steel cant be destroyed easily.

Okay so you are confront with a 5 dollar wrench attack.

Multiple wallets means they get a piece of your money not all of it.

same as I do with me silver I have bullion and it is easy to find it. Hope thief thinks this is a score I will take this and go.

I don't trust any password managers that are not open source. Lastpass is not open source so I would never use them.

==============

For another layer of security, I'm also using a password-protected, encrypted PDF file that is stored in the password manager vault.

If my password manager was somehow compromised, a hacker would still need to crack the encrypted PDF file to see whatever they think might be inside it.

Then after that they would also have to figure out my hidden wallet passphrase, but they will not even know about any hidden wallet, because of course it is hidden.

I would suggest putting a small amount of bitcoin in the standard (non-hidden) wallet that the hacker can see so they think that is all you have.

But then use the hidden wallet to store larger amounts.  

For every story about someone losing their funds because they stored their private key electronically,
there are stories about others losing their funds because they stored their private key somewhere offline and it was lost or stolen, etc.

Internet forums are filled with people asking about how to recover their private keys because they put it somewhere in their house and lost it.

In most cases offline storage is still best, but there are pros and cons with either method and none is perfect.



Bitcoin worth $186m lost in landfill
https://www.thenationalnews.com/business/money/2022/08/03/bitcoin-worth-186m-lost-in-landfill-how-a-software-engineer-plans-to-find-his-loot/

It's not just about someone physically accessing the laptop and stealing the seed phrase that's stored in the computer, it can be done remotely with the help of a malware like trojan, infostealer or keylogger. There's a recent case of a someone who lost 2 BTC because he stored his seed phrase electronically. Experience they say is the best teacher, but I don't except that and I would rather learn from other persons mistake. Don't say it's because you don't have enough Bitcoin that's why you won't do the right thing, you never know what your small Bitcoin could worth tomorrow.

Forgot to mention, I am adding an additional layer of security to my password manager setup through the use of hidden wallet passphrases.

A passphrase is any word and/or number combination you make up yourself. As long as your passphrase is stored only in your head it will be impossible for anyone to know what it is.
This is also known as a 25th word (or 13th word if using 12 word seed).

Even if someone steals your seedphrase they will not be able to access (or even see) the funds stored in your hidden wallet(s) without knowing the passphrase.

Holding Bitcoin in a hardware wallet, you back up your seed phrase by writing all the words in a paper or steel plate: you will complain like you pointed out in your thread.

Holding Bitcoin in a hardware wallet, you back up your seed phrase by writing few parts in a paper or steel plate: you will complain if there's a chance you will lose one of your back up.

Holding Bitcoin in a centralized exchange: you will complain the exchange can go bankrupt and it's not safe.

So pick your own way to hold your coins and how to access it!

I guess there isn't really a 100% safe way of keeping our seeds. Whichever way we keep our seeds, there are always pros and cons. But I think the risk is much much higher when we keep it online. The online world is so big. I'd rather just keep them in my tiny house. My house is not a public space so even if there are family and friends who come in every now and then, there are little spaces in which they aren't able to access. Of course it still isn't a guaranteed way as there are still things we cannot control like accidents, but we're just doing it the safest way we think.

Yeah that was why I said earlier i have them stored in several places, and again for additional security purposes I planned to print them out as hardcopy to get stored in my file storage where I have my other important documents. This is another way although if you don't indicate any note that mentioned about BTC non would know that idea is your bitcoin seedphrase.. Also most times I do insert my flash drive to my system to regularly check them to know if they are properly active and working effectively before I had this idea of printing it out as hardcopy file.

I don't believe this, criminals come hunting knowing what they are looking for, the first thing that comes to their mind is cash not crypto wallet, if they come looking for such thing they already know that you have crypto, in my country most people look at me like a nuisance who has lost its way because I believe in Bitcoin, so maybe that's why I am not a target? Robbers now rob the bank because they know people don't keep money at home anymore unless they get information that they are holding some cash at home.

There is no way you can lose or forget your recovery seed because it will be the most important thing in your life, you are holding a bag of bitcoin and you will forget? That's impossible, let's talk about natural disasters, this makes a lot of sense than others, fire can break out and a earth quake or even a massive hurricane, and destroy things, but these doesn't happen everywhere.

You should know if it does, and how to be prepared is your job, in this stage it's better to carve your recovery seemed on a steel, it could be heavy iron that fire won't be able to destroy or a short one that you can move around with when the alarm for a hurricane is coming, thanks for sharing your mind though.

If you use flash drives and phones to store seed phrases, you need to know that electronic products can fail at any time without prior notice to you. So you need to check them regularly and replace them promptly if one of them is broken. Furthermore, storing them on your phone is not a smart idea because what if someone can access your phone? Or your phone suddenly breaks down and you won't be able to access it.

No matter how much or how little bitcoin you own, it is your money and property, you should cherish it in every way. It may only be worth a few thousand dollars now but could be worth $1 million in the future if bitcoin increases in price.