Pages:
Author

Topic: Store your seed phrase offline - page 2. (Read 712 times)

hero member
Activity: 1498
Merit: 711
Enjoy 500% bonus + 70 FS
January 09, 2023, 07:37:17 AM
#50
The best way someone can store seed phrase is through documents on a paper, from the beginning i was thinking that the best conditions to keep seed phrase is through email documentation, but right now i have detect that storing your seed phrase online can give easy access of penetrating to the seed phrase, so the best someone can do is to store in a paper and store to a private place.
hero member
Activity: 980
Merit: 947
January 09, 2023, 07:22:48 AM
#49
I never saw the allure of using password managers to help me with my passwords, let alone for storing seeds or private keys. Sooner or later something nasty was bound to happen and LastPass is proof of that. This is not the first leak or hack that involved password managers. I don't keep track of it because it's none of my business, but I think LastPass was attacked in the past as well.

Just keep your private data to yourself, and think of a system of how to create secure passwords that will still be easy to remember.   
I would rather use good old pen and paper and a notebook if it became tedious to remember all the different pass combinations.
Pen and notepad is perhaps one of the best options for storing our passwords and seed phrases. As for seed phrases, we can use our imagination and write it down in a way that only you can understand. But this is everyone's business, it's like an additional security measure.

I have also never used a password manager and never will, the risk is too high to put my funds at risk. And even more so, I never saved passwords on my laptop or phone, because this is probably the first place where they can steal it. Pen and notepad it's the easiest and most reliable way that has never let me down.
hero member
Activity: 882
Merit: 860
January 09, 2023, 06:03:30 AM
#48
No online password security will be as strong as storing offline, either it's 2FA or 3FA Authentication do not use them to store your wallet's private seed.

There is no malware, spyware or hackers without online/ internet access, think about it, the only way to stay safe is offline 100%.

Writing seeds down on a paper book or steel carving is the best practice ever.

keeping our seed 100% safe and offline is the safest practice to avoid hacker attacks! transcribing one's seed sentence on sheets of paper or on steel platelets still has its degree of danger! paper is easily perishable in case of fire, for example, or it can be easily found by prying eyes if badly preserved, the steel plate could be lost, for another example. therefore security can never be 100%. It would be necessary to make many backups and a lot of care and conserve well
legendary
Activity: 2604
Merit: 2353
January 08, 2023, 03:09:38 PM
#47
There is nothing as important as the private key.

Because the seed phrase can produce the private key, that is why the seed phrase is very important but there is nothing as important as the private key.

Bitcoin core do not have seed phrase, either you backup the master private key or the wallet file. If you backup the wallet.dat, the password will be important if you encrypt it.
Actually Bitcoin Core uses HD wallets with private keys derived from a seed since several years. Only the first versions of the software didn't use them. The seed is not in the BIP 39 mnemonic format but in the WIF private key one, that's why so few people are aware about it.
But you can simply get it by doing a dumpwallet and looking at the first lines of the dump file. The seed will be a key named hdseed in the file.
Quote
Set or generate a new HD wallet seed. Non-HD wallets will not be upgraded to being a HD wallet. Wallets that are already
HD will have a new HD seed set so that new keys added to the keypool will be derived from this new seed.
[...]
2. seed (string, optional, default=random seed) The WIF private key to use as the new HD seed.
The seed value can be retrieved using the dumpwallet command. It is the private key marked hdseed=1
https://bitcoincore.org/en/doc/24.0.0/rpc/wallet/sethdseed/
legendary
Activity: 2730
Merit: 7065
January 08, 2023, 07:27:41 AM
#46
Much better if you keep your seed phrase physically. What I mean is you can write down your seed phrase with a piece of paper and keep it in your trust case or something.
Seed phrases should only be stored physically on paper or metal and in no digital form whatsoever. You can't hack a piece of paper safely tucked away somewhere where no one can find it. I am not sure what a 'trust case' is supposed to be. Are you talking about safety boxes maybe? I hope you don't mean carrying the seed with you in your briefcase or another type of bag or physical wallet because that is not recommended at all.
full member
Activity: 308
Merit: 108
January 08, 2023, 06:59:38 AM
#45
Much better if you keep your seed phrase physically. What I mean is you can write down your seed phrase with a piece of paper and keep it in your trust case or something. Your seed phrase is much more important than your password so always keep in mind.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
January 08, 2023, 04:39:46 AM
#44
I agree that's too complex of a password
It's not too complex, I think that's a normal password Smiley One that's actually a password, and not just some simple characters.

Quote
the only way to work with that conveniently is through a password manager.
Once you use a password manager, there's no reason not to use decent passwords anymore. Except for certain websites that restrict the use of characters and length of the password (to reduce security because their system can't handle it).

Quote
Simpler alternatives are good enough for most people. You can still generate strong passwords made up of uppercase and lowercase letters, numbers, and special characters without making it look like your dog laid down on your keyboard.
Of course. And I can remember even a few of them. But that's not enough. I just checked: for webshops alone, I have more than 50 different accounts, all with their own unique strong password.

Quote
And if you found yourself in a life-threatening situation where you absolutely had to access something from your phone while away from home, but you use a password like that, your chances are pretty slim.
I can't think of such a situation. I don't do banking on my phone, but have my debit and creditcard with me. I have cash and an encrypted paper wallet in my wallet, I have an emergency loan system in place on Bitcointalk. We have emergency services that arrive within a few minutes, and the country is so densely populated I can crawl to a house in a few meters. I don't need any of my passwords in an emergency.
legendary
Activity: 2730
Merit: 7065
January 08, 2023, 04:19:42 AM
#43
That means you either have weak passwords, or a very hard time using them. Example:
Code:
K7pKmC*ed^Pxjmd=u^5GHv!d4Vf2cbB+
Most of my passwords aren't week. I say most, meaning for the sites and services I care about. Dummy accounts or accounts created for testing purposes don't belong in that group. I agree that's too complex of a password, and the only way to work with that conveniently is through a password manager. Simpler alternatives are good enough for most people. You can still generate strong passwords made up of uppercase and lowercase letters, numbers, and special characters without making it look like your dog laid down on your keyboard.

And if you found yourself in a life-threatening situation where you absolutely had to access something from your phone while away from home, but you use a password like that, your chances are pretty slim.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
January 08, 2023, 04:01:08 AM
#42
I never saw the allure of using password managers to help me with my passwords
Once upon a time, I used a clear-text file to store my passwords. Then, I installed a password manager and I'm still happy with it. I have at least 100 passwords, each with (give or take) 25 random characters.

Quote
let alone for storing seeds or private keys.
Agreed. Although it could work on a dedicated system without internet and sufficient backups, most people just shouldn't do this.

Quote
This is not the first leak or hack that involved password managers.
Password managers aren't the problem, it's the ones that add internet functionality. Don't do that, don't upload your passwords in the cloud. Keep it local, and make local backups.

Quote
Just keep your private data to yourself
Agreed!

Quote
and think of a system of how to create secure passwords that will still be easy to remember.
I did, and that "system" is a password manager that runs on my own system with heavy encryption and regular backups.

Quote
I would rather use good old pen and paper and a notebook if it became tedious to remember all the different pass combinations.
That means you either have weak passwords, or a very hard time using them. Example:
Code:
K7pKmC*ed^Pxjmd=u^5GHv!d4Vf2cbB+
Writing that down will lead to mistakes. If your system is to make small adjustments to your password for different websites, that means you're making it very easy for one compromised site to access your other accounts.



I always hate having to enter a password on mobile, and I bet most people use weak passwords because it takes far too long to type the above password on a mobile keyboard.
legendary
Activity: 2730
Merit: 7065
January 08, 2023, 03:37:00 AM
#41
I never saw the allure of using password managers to help me with my passwords, let alone for storing seeds or private keys. Sooner or later something nasty was bound to happen and LastPass is proof of that. This is not the first leak or hack that involved password managers. I don't keep track of it because it's none of my business, but I think LastPass was attacked in the past as well.

Just keep your private data to yourself, and think of a system of how to create secure passwords that will still be easy to remember.   
I would rather use good old pen and paper and a notebook if it became tedious to remember all the different pass combinations.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
January 08, 2023, 03:11:51 AM
#40
The most important thing is the seed phrase, nothing at all.
You can recover a wallet without a password, just simply import it using the seed phrase. 
There are too many ways how to protect our seed phrase or private key as long as you stay away online, you're safe.  A piece of paper or engraved on metal, it's up to you as long as you know it's safe.
There is nothing as important as the private key.

Because the seed phrase can produce the private key, that is why the seed phrase is very important but there is nothing as important as the private key.

Bitcoin core do not have seed phrase, either you backup the master private key or the wallet file. If you backup the wallet.dat, the password will be important if you encrypt it.
full member
Activity: 728
Merit: 151
Defend Bitcoin and its PoW: bitcoincleanup.com
January 07, 2023, 10:27:33 PM
#39
I have not used LastPass password manager before, some people said it is also used for 2 factor authentication, but this is about people that are convenient to store their seed phrase, private key and password using a password manager that can connect online. The password manager uses vault to store people's information which are encrypted. In August 2022, hacker breached data of LastPass users, but can only be accessed using the password the users used to encrypt the data, said LastPass.

LastPass attacker stole password vault data, showing Web2’s limitations
LastPass data breach led to $53K  Huh stolen, lawsuit alleges

What do you think about this? Before hacker can have access to something, that means the vault is online. If something is online, it can be hacked. If a password manager is not offline, do not use it. I like to put my seed phrase on a paper, if you want it safer, you can use a steel backup for it, there are steels that you can buy to backup your seed phrase and it is not a waste of money.

If you are afraid of people not to see your seed phrase and steal it, keep your seed phrase in a very safe place but use passphrase to make it safer.
Its really not safe to store your info to the cloud or to a third party software, first thing is when their system is attack and the hacker gain access to their system, its an open book for them, they can see everything.
The best approach is to put in offline making multiple copies just incase, I'm not saying its the best option, but since online everything is not safe, hackers have a lot of ways, they have their ways to access if they want to, only a matter of time for them.
I'm not saying thats its bad but if you really wan't to be safe I think its one of the best option that I can see.
hero member
Activity: 2184
Merit: 531
January 07, 2023, 07:13:31 PM
#38
LastPass has a terrible reputation. The last story is still not fully understood. On December 22, the team admitted that the leak was more serious than they expected. And yes, we also remember that the team did not immediately react to warn users. There is an explanation of what happened; you can follow the link.
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

But by trusting third parties with our seed phrases or passwords, we are tacitly signing a disclaimer. Therefore, in order not to blame ourselves for any incidents, such as theft or leakage, we must rely only on ourselves. In addition, we all exaggerate the complexity of storing important data. There is always a place in your personal space where you can store things away from prying eyes, be it paper with a seed phrase, a flash drive, or something else. And it is better that there are several archives, but in reasonable quantities.

Everything should be approached with caution and limited trust. I use last pass, it's a great tool. It should not be used to store the most important information like all of your important email addresses, bank accounts, anything that has to do with money or private information.

I use it for burner spam emails, sites that require registration to access but it's nothing important. I've downloaded software a few times that wouldn't allow me to use all features without registration. I don't need to remember my password to such sites in case I ever need them. Also, as long as the data is encrypted and they inform users about a breach you have a lot of time to change your leaked passwords before someone cracks the encryption.

Seed phrases, private keys, everything of this sort should be kept offline, preferably engraved on something that doesn't burn and well hidden.
legendary
Activity: 2492
Merit: 1232
January 07, 2023, 06:56:02 PM
#37
  • If you need to have a backup for recovery, seed phrase is most important. Without it, you can not recover your wallet if your device is broken and can not be fix technically so that you can access your wallet file.
  • If you don't have a backup but your device is well, wallet file is usable, you only need a password to decrypt it and access it. So in this case, password is more important.
  • Of course a backup (should be multiple backups) should be a first thing to do before using any wallet.
I can prefer file backup for wallet.dat but if using a seed phrase wallet, I will only just prefer to go for seed phrase which makes password not to be important to access my coins because if I forget the password, I can still import the seed phrase on a new wallet to have access to my coins, but with wallets like bitcoin core that do not have seed phrase, I will prefer file backup.
The most important thing is the seed phrase, nothing at all.
You can recover a wallet without a password, just simply import it using the seed phrase. 
There are too many ways how to protect our seed phrase or private key as long as you stay away online, you're safe.  A piece of paper or engraved on metal, it's up to you as long as you know it's safe.

It's our responsibility to keep them safe and treat the same as money or any valuable stuff that can be stolen anytime.
hero member
Activity: 1008
Merit: 520
Leading Crypto Sports Betting & Casino Platform
January 07, 2023, 05:32:14 PM
#36
Passwords and other information shouldn't be stored online because they will be exposed to hackers at any time and better to store them in an offline way, but writing them on a piece of paper is not also advisable since third parties can get access to the papers and use your seed phrase at any point.
So it all balls down to you as a person and since passwords can be easily memorized you can memorize them but what about wallet seed phrase that has multiple words and characters that is not possible to memorize them at a go?
What becomes the best option for storage is it online or offline but this also leads us to one fact which is personal discipline a d being able to protect your data from being exposed to third parties.
hero member
Activity: 2142
Merit: 670
Hire Bitcointalk Camp. Manager @ r7promotions.com
January 07, 2023, 04:59:14 PM
#35
We often get notifications and also share about how to store our seeds or private data offline to prevent various malware and especially cyber crimes. But basically, sometimes most people ignore it and think that online is more effective when we are going to use it wherever and whenever. Even though actually storing the data online is very risky. This is not surprising that many people got attach by hackers or malware and then end up losing assets.
hackers can easily find our data and then get access to everything if they want. Moreover if we are opening the ways such as by posting our assets or activities in the social media. So this will attract hackers to do mroe with us.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
January 07, 2023, 04:41:43 PM
#34
That's the problem with people who use a program to manage something. If you want to use a manager then at least choose the right program to use when managing your passwords. Even though I said or write what's on my mind about that thing is I never use password manager at all. Each person have their own way to store their passwords and I write my password on a piece of paper and also laminate the paper to make it a lot stronger and it will take a long time before it will decay. I would also have another back up stored offline if ever I lose the back up. In short, a back up or a back up.
legendary
Activity: 2604
Merit: 2353
January 07, 2023, 04:19:13 PM
#33
I had an experience where I stored my keys in the cloud, and I lost access to the cloud. Since then I no longer store any seed and pass phrase associated with my wallet in any software or online repository. I prefer to keep my phrases in a book that I can easily keep at home. Indeed, books can be lost, but I always save with backups and this makes me feel safe.
It’s not safer anymore to trust your seed phrases online even how trusted the app is because as long as its operated online, it will always be at risk of losing or hacking, and lose it completely. Personally, I have my own record book about all my passwords and seed phrases of my important documents. Yes, it can still be a subject for stealing but all I have written in there are already having their own duplicates and I kept hodling them in my secret vault at home.
I guess masulum is talking about BIP38 keys, or mnemonic seeds with passphrase (BIP39). It's not unsafe (against hackers) to store them online, if you keep the passwords or passphrases associated with them locally. But as he says, it's not safe against inaccessibility. If the host provider loses its datas, closes its doors or become unavailable for a long time, you'll lose your keys and your funds with them.
So if you are doing that, to be able to access your keys and your funds from anywhere for example, you must keep a back up of them locally.
Using books and sheets of paper is good unless you don't lose them or suffer a fire and/or a flood (usually when you get a fire you get a flood after it, which can destroy things not burnt initially), so it's important to keep at least one back up elsewhere.
hero member
Activity: 1750
Merit: 904
January 07, 2023, 03:55:44 PM
#32
Saving your seed phrase or private key online is convenient and, in most cases, relatively safe. The majority of us won't suffer the consequences of our stupidity until it's not, and there goes your Bitcoin, disappearing into thin air. Poof!

I've done both and have suffered losses with both methods. I usually resorted to pasting it into a text document and storing it on my computer. Otherwise, I'd write it in a notebook and proceed to never be seen again. As you can imagine, I'm pretty good at losing such information.

In my opinion, it's best to write it on a few pieces of paper and hide them in a few spots around your house, or in a couple of USB drives ( at least two in case one is lost or fails).
full member
Activity: 784
Merit: 115
January 07, 2023, 02:26:42 PM
#31
Storing valuable data in the cloud is not a good idea because there is a possibility that hackers can hack the cloud. It's better to save it on a computer that is not connected to the internet so that your data will be safer than anything else. This also applies to storing the seed phrases in your wallet because each person is responsible for safeguarding all of their assets.

Or you can buy a FlashDisk, store all your data on it, and not carelessly connect the FlashDisk to any computer or laptop.
Pages:
Jump to: