Topic: [Tips] Ways to Protect Recovery Phrase - Mnemonic (Read 320 times)

legendary
Activity: 2268
Merit: 18711
With multisig you can lose your coins if your friends start losing their keys. IMO this is even worse than a bank, because banks specialize at storing things, but regular people easily lose and forget things.
Which is the whole point of multi-sig - to build redundancy in to the system so it doesn't matter if one or two friends start losing the keys. If you really don't trust your friends, then go for something like a 4-of-8, meaning 50% of them can lose the keys and you can still recover your wallet. But if your friends can't be trusted to safely hold on to a piece of paper, then maybe you should be looking for other friends/relatives/locations to store your keys with.

This can be the last resort in certain situations. Like being in a warzone or in a place affected by some natural disaster. When all your physical backups can be lost at any second, even the ones you store in other places.
If you have absolutely no other options, then it's marginally better than just committing your seed phrase to memory, which is obviously the worst possible method. But I wouldn't go recommending it in a thread aimed at newbies who don't understand the distinction.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
Given that this thread is in the Beginners and Help forum, the whole topic could be condensed as follows:

Write it down on paper, make at least two copies, and store them safely and separately.

That's it.
I agree with you. Keep it simple for newbies. They just make several copies and keep them safe and in a secret place.

It's not good if they start with a complicated process and don't actually know what they are doing. In the end, it would be a nightmare if they get lost in a complicated procedure to recover their wallet.

So, to start off, they should use a simple method: back up on paper, test the validity / usability of their backup, and try to recover their wallet with the backup. If the recovery works, they can start using the wallet.

The step to test the validity / usability of the backup is very important, because if you make some mistake when backing up your wallet, it won't work when you need it. So in the end, it is like you don't have any backup at all.

After being proficient with a cycle from create, backup, recover wallets on paper, they can try other methods.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
I disagree with this advice. Don't store your seed phrase in the cloud, period.

This can be the last resort in certain situations. Like being in a warzone or in a place affected by some natural disaster. When all your physical backups can be lost at any second, even the ones you store in other places.

That's true. But using the cloud to store this information requires great care and the highest possible level of protection.

If you do get to use this, then in addition to the various measures already mentioned by other users, keep this information inside a file whose name has nothing to do with crypto and whose content has much more information than just the keys.

For example, writing the words in the middle of a 200 page book. It's not easy and much less recommended, but here's this suggestion.
legendary
Activity: 3024
Merit: 2148
Going to the effort of stamping my seed phrase on washers, and then covering them up with some tamper evident seal, and locking them in a fireproof safe in my basement which is bolted to my foundations, all becomes pointless if I then also store my seed phrase in a text file on my daily use computer. When we have a back up method which is both one of the most secure and also by far the easiest - write it down on paper - then why suggest anything else to newbies?

It doesn't completely negate a good back up, it raises risks against certain threats while lowering risks against other threats. In your example the person would have a drastically higher chance of losing their coins to malware, but the steel plate seed will give them a good chance of saving their seed from a house fire.

The best way around this is to use multi-sig. I can leave individual seed phrases with multiple friends or relatives knowing that they cannot access the coins within.

With multisig you can lose your coins if your friends start losing their keys. IMO this is even worse than a bank, because banks specialize at storing things, but regular people easily lose and forget things.

I disagree with this advice. Don't store your seed phrase in the cloud, period.

This can be the last resort in certain situations. Like being in a warzone or in a place affected by some natural disaster. When all your physical backups can be lost at any second, even the ones you store in other places.
legendary
Activity: 1974
Merit: 2124
Given that this thread is in the Beginners and Help forum, the whole topic could be condensed as follows:

Write it down on paper, make at least two copies, and store them safely and separately.

That's it.
That's right, because most of the newbies here don't have any idea about using different ways to store their seed safely, and in that case the perfect advice is to store it safely on a piece of paper only, without any online storage involvement. They should note it down once they have set up their wallet, and no pictures should be taken or saved as notes in the mobile phone, which could be a reason for loss of funds. Having a proper backup in two or more places is important because if one place is compromised you can have it from other sources.

You can trust someone close to you so that in case something happens to you they can use your funds, but keep in mind trust is the vital factor that plays a major role in keeping your funds safe.



Splitting your seed phrase or obfuscating it with swapped words or order is always a bad idea. It very rarely increases your security in a meaningful way, and more often simply leads to problems recovering your coins in the future. If you want to have a 2-factor back up, then use passphrases or multisig.
Mixing up the words may be confusing for the person himself, and he needs to sort the words in order to use his funds or transfer them, but in the case of splitting it becomes more difficult, as you have to collect the words, and if any of the 12 or 24 words is not in the correct order or not available to you then the funds are lost permanently. So why go with such complex methods when some simple and traditional way can save you from a lot of trouble?

Memorizing your seed phrase is a terrible idea and should be practiced by no one.
I remember there was one such thread on the forum where a member was using a unique way of memorising the seed phrase, like with images of Queen Elizabeth, an elephant and relevant examples, but it sounds too complex and a bad idea to many including me, as the human mind is strong and can have storage but there are some limitations and we should not experiment with them in such a risky way. So avoid this; it is a really bad way of keeping it safe, as this could directly lead to fund loss.

Other than writing on paper, the only other item on that list which is acceptable is a metal back up. However, this is by no means necessary since paper is a perfectly adequate back up, and metal back ups require far more time and effort than writing on paper. There is no need to get hung up on making a metal back up instead of just making paper back ups and converting to metal at a later time.
You can definitely try different methods other than paper, but it's time consuming and you need to have proper metal that can survive extreme heat, so that in any case of calamity or fire it could survive the damage with the seed backup safely printed on it. Members could take a look at these threads:

Securing Your Seed Phrase with Washers

n0nce's Steel Washer Backup jig (customisable)

There are many such ways in which you can protect your funds, but see, they are all offline ways, because storing them in online storage like cloud, drives or even having them stored on your device as a soft copy is prone to hacks and stealing of your funds, so be safe and do not use them, and keep your funds safe because it's your responsibility.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
After feedback from several users, I inform you that I updated the OP.
I removed some options, which would be more controversial, and can lead to security breaches in the youngest.

I appreciate the feedback.
legendary
Activity: 2268
Merit: 18711
And it's also important to remember that you don't have to use just 1 method, you can have many backups with different methods.
The problem with this approach is that one poor back up can completely negate other good ones. Going to the effort of stamping my seed phrase on washers, and then covering them up with some tamper evident seal, and locking them in a fireproof safe in my basement which is bolted to my foundations, all becomes pointless if I then also store my seed phrase in a text file on my daily use computer. When we have a back up method which is both one of the most secure and also by far the easiest - write it down on paper - then why suggest anything else to newbies?

If you worry about theft, you need to use encryption. This also affects the physical mnemonic seed - you need to use a bip39 extension word, which is basically a password.
I would move away from using the phrases "extension word" or "password" in relation to a BIP39 passphrase, because it encourages people to use exactly that - a single word. A passphrase should be strong and random enough to resist brute forcing, and so should be at a minimum several random words or a string of random characters. It also isn't encryption.

But since most people don't have multiple private properties, this means some trust is required. I.e. storing an encrypted seed in your relatives house or a bank deposit box.
The best way around this is to use multi-sig. I can leave individual seed phrases with multiple friends or relatives knowing that they cannot access the coins within.

It can be tempting to use cloud storage for your encrypted seed or wallet file, but the password needs to be very-very strong, it should be truly random and has 128 or more bits of entropy. Which means it would be unfeasible to memorize it, unless it's a specially designed mnemonic system.
I disagree with this advice. Don't store your seed phrase in the cloud, period.
legendary
Activity: 3024
Merit: 2148
IMO the method of storing your seed should be decided by what sort of threats you are trying to mitigate. And it's also important to remember that you don't have to use just 1 method, you can have many backups with different methods.

If you worry about theft, you need to use encryption. This also affects the physical mnemonic seed - you need to use a bip39 extension word, which is basically a password. Don't bother with changing order of words or splitting your seed - it's not secure and more likely to backfire. Speaking of backfiring, using a password means you need to manage one more piece of secret information, and losing it will lock you out of your funds. There is no "I forgot my password" button in Bitcoin. If you are not sure about your ability to manage a password, then don't use encryption.

The other threat is loss of your backup. It can happen due to damage or misplacing it. The best way to deal with it is to have multiple backups in different places. But since most people don't have multiple private properties, this means some trust is required. I.e. storing an encrypted seed in your relatives house or a bank deposit box.

Digital threats are also something that must be considered. There's already a lot of malware that targets wallets, and incentive to develop and spread it will only grow. The best way to deal with it is to use airgapped devices for doing operations with wallets. It can be tempting to use cloud storage for your encrypted seed or wallet file, but the password needs to be very-very strong, it should be truly random and has 128 or more bits of entropy. Which means it would be unfeasible to memorize it, unless it's a specially designed mnemonic system.

legendary
Activity: 2268
Merit: 18711
Given that this thread is in the Beginners and Help forum, the whole topic could be condensed as follows:

Write it down on paper, make at least two copies, and store them safely and separately.

That's it.

Beginners should not be using electronic back ups, regardless if this is a text file, password manager, USB drive, or whatever. To safely create an electronic back up then you need to have a permanently airgapped computer running a clean open source OS, with no cross contamination to your online devices. Most beginners cannot do this safely or securely, and so should not be using these methods.

Splitting your seed phrase or obfuscating it with swapped words or order is always a bad idea. It very rarely increases your security in a meaningful way, and more often simply leads to problems recovering your coins in the future. If you want to have a 2-factor back up, then use passphrases or multisig.

Memorizing your seed phrase is a terrible idea and should be practiced by no one.

Other than writing on paper, the only other item on that list which is acceptable is a metal back up. However, this is by no means necessary since paper is a perfectly adequate back up, and metal back ups require far more time and effort than writing on paper. There is no need to get hung up on making a metal back up instead of just making paper back ups and converting to metal at a later time.
legendary
Activity: 1512
Merit: 4795
What about storing it in two different password managers and splitting them and only accessing each part of one in a separate computer in case one computer might have malware?
Try and read the posts of people that have replied to OP. Do not have a false sense of security because you think you split your seed phrase; if one half of it is compromised, it is very possible the whole seed phrase can be generated (brute force). If you can not go for paper backup, you can get yourself a steel sheet. Password manager is not recommended at all.
legendary
Activity: 3668
Merit: 6382
Sorry to say, but you seem to have misunderstood (or understand only partly) what I meant. Probably also because I've been too brief.

I do not say that the method of having a TXT file is better than having it on paper. Nor is it the ideal method. Just present ways on how to store the information.
Also, I make it clear that when you do this, you must save the respective file in an inaccessible location, perhaps offline. For example on a pen drive, in the same place where you can keep a paper with the key.

The problem is not only the "inaccessible location". The problem is that the HDD will still have traces of that file (so there's a risk to get stolen).
The problem is that pen drives and even HDDs or SSDs can suddenly crash/become irrecoverable.
The problem is that when you plug in a pen drive, if you are online, you expose it.

All in all, the best way to handle the seed is to generate it offline (preferably in a live OS with no persistence or hardware wallet) and keep it always offline. So the proper solutions are not IT related: paper, steel, ...

Far be it from me to try to fool newbies!

Fooling them can mean bad intentions. I didn't say that. I said mislead, which can be unintentional.

Once again I make it clear that the memorizing method is not for everyone, although it is possible.

By the way, many who are in the cryptocurrency world have very good mental abilities, some are excellent mathematicians and high level programmers. What may seem difficult to memorize for some, can be very easy for others. It is up to each person to know their capabilities and act accordingly.

You are missing important points. Yes, many have an excellent brain now. But that doesn't mean the situation will be the same in 10 years. Even more, many are young, so this is normal. But time plays strange games with the brain and one may not remember things exactly in some years. Then, accidents can happen (from car crash to falling off a cliff or brain stroke), damaging badly one's memory. So no, memorizing can be handy but it's very unsafe.

Either way, the indicated methods do not need to be used alone, the combination or use of several is possible and recommended.

Using more than one method can indeed be good and convenient as long as one doesn't use methods that can help hackers (txt file).
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
TXT File - Bad because it can be hacked in normal conditions. Unless if you encrypt it and put somewhere safe. But, this is still more dangerous than a piece of paper, because you can be hacked before the encryption or you might do something wrong if you are a newbie.
I don't use it because of the above reasons. Not all people manage to assign an air-gapped device to store such things, so we should not use it at the beginning.

I use paper to store my mnemonic seed too, but I never store it on a digital device.

Another recommendation is that people should have a plan: in case they accidentally pass away, someone they love should know where they store the seed and know the basic steps to recover the wallet.
full member
Activity: 1750
Merit: 186
What about storing it in two different password managers and splitting them and only accessing each part of one in a separate computer in case one computer might have malware?

legendary
Activity: 2492
Merit: 1232
I tend to agree with those stated by OP above, except on these two options: storing in your memory and in a password manager does not seem a good option IMO.

Storing in your brain is not good because I tried it before; after years have passed, for sure you will forget those seed phrases that you stored in your mind. We aren't computers that are able to save a file in our mind; it might be a matter of days or weeks before you forget those phrases.

Storing a password in a manager seems a risk too; it's a third-party app that you shouldn't trust. I have seed phrases that I wrote in a book, each word spread over different pages just like a birth month and birth day; that's maybe a good idea to confuse and not easy to track.
hero member
Activity: 1456
Merit: 940
🇺🇦 Glory to Ukraine!
What is more likely to cause lost coins? Loss of private keys or hacks? I wonder is there any research on the topic?

I bet it is more likely for people to lose their keys due to forgetfulness than theft. Thus, I think any method that involves human memory is a bad option. Even if you write a private key down on paper, there is a high probability that you will forget where you kept it after some time.
legendary
Activity: 3472
Merit: 3507
Using memory and brain to remember a mnemonic seed is bad, even if you have an excellent brain and memory which do help you to remember the mnemonic seed in normal conditions. Unfortunately, you don't know whether your body will stay normal or have an accident in the future. If it turns abnormal through any accident which causes damage to your brain and destroys your memory partially, who will be able to help you with recovery?

Certainly, the worst option is the brain as storage for remembering recovery phrases or even only passwords.
How complicated it becomes when you have several similar services, whereas for security you have different phrases or passwords. Then some potential security breach happens, so you have to change it all, delete old phrases from your brain and replace them with new ones... (don't ask me how I know)
I would remove this category if we want to single out only safe ways.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
If you are looking for a less analogue method, without spending money and without being dependent on third parties, a simple TXT file can be the solution.

If you consider text file a proper solution for backup then, sorry, you don't know what you're talking about.
At least the memorizing part you've got it somewhat correct, although I would not call it safe exactly because memory loss is a fact.

I do not say that the method of having a TXT file is better than having it on paper. Nor is it the ideal method. Just present ways on how to store the information.
Also, I make it clear that when you do this, you must save the respective file in an inaccessible location, perhaps offline. For example on a pen drive, in the same place where you can keep a paper with the key.



Using this method is not easy, and requires a lot of training and memory capacity, but it is safe. The disadvantage is if there is a memory lapse, which can happen to even the best, and the recovery phrase can be lost forever. So, even if you memorize the phrase, it is always recommended to keep it somewhere, out of your mind.

All in all, my advice is to read what people tell you here and update the OP accordingly. Right now you have a good chance to mislead newbies and that's not OK.

Far be it from me to try to fool newbies! Once again I make it clear that the memorizing method is not for everyone, although it is possible.

By the way, many who are in the cryptocurrency world have very good mental abilities, some are excellent mathematicians and high level programmers. What may seem difficult to memorize for some, can be very easy for others. It is up to each person to know their capabilities and act accordingly.


Either way, the indicated methods do not need to be used alone, the combination or use of several is possible and recommended.
legendary
Activity: 1288
Merit: 1081
Goodnight, o_e_l_e_o 🌹
All the methods above are feasible or workable, but some are very far from an ordinary man. Which means you have to have some skills before you can use a method. For example, to inscribe on steel you will need some mechanical skills with metals. A password manager needs digital skills of encryption because it's an online service.

The most common and least technical means should be paper kept safe.
Otherwise I will recommend a combination of two means; using one means as the major one and the other as a backup plan.
legendary
Activity: 3668
Merit: 6382
If you are looking for a less analogue method, without spending money and without being dependent on third parties, a simple TXT file can be the solution.

If you consider text file a proper solution for backup then, sorry, you don't know what you're talking about.
At least the memorizing part you've got it somewhat correct, although I would not call it safe exactly because memory loss is a fact.

Using this method is not easy, and requires a lot of training and memory capacity, but it is safe. The disadvantage is if there is a memory lapse, which can happen to even the best, and the recovery phrase can be lost forever. So, even if you memorize the phrase, it is always recommended to keep it somewhere, out of your mind.


All in all, my advice is to read what people tell you here and update the OP accordingly. Right now you have a good chance to mislead newbies and that's not OK.
legendary
Activity: 1792
Merit: 1296
I'll add some points of my own:

Write on Paper
This option can only be used as a temporary solution until you choose another method for yourself. Paper is a very unreliable storage medium, prone to rotting, burning, dissolving and other forms of destruction. You can reduce the influence of these factors by placing the paper in a protective film or case, capsule. But as I said above, this temporary solution is completely unsuitable for long-term storage.

Steel Card
One of the good options for long-term storage with the disadvantages of paper eliminated. The variant described here is preferable to the steel card or plate due to its compactness and difficult access to mnemonic phrase due to the fact that you can't accidentally peep the text.

TXT file
The device on which the TXT file is stored should in no case be in contact with devices that have access to the Internet. Better yet, don't contact any devices at all. It is safer to store this file encrypted or at least in a password-protected archive. Also not the best option for long-term storage, as the device or storage medium on which this file is stored may fail. Can be used as an additional storage method, not the main one.

Password Manager
It can be called a kind of TXT file+password, but with one big weak point. It is not known who wrote the program for this manager and there are no guarantees that the information stored here will not fall into the wrong hands. Also, the two listed methods have the disadvantage that devices and electricity are needed to access the information, without which they will not work.

Safe
Roughly speaking, it is a capsule for storing the above methods. Having a safe will tell anyone that something valuable is stored in it and will be the first to attract attention, therefore, this is the worst place to store. By itself, a safe for a professional burglar does not represent any obstacle. The best solution would be to use an inconspicuous and unattractive metal capsule instead of a safe.

To memorize
Extremely unstable and sensitive (for example, to a $5 wrench) to effects on the storage space. It is risky to use not only in the long term, but also in the short term, because an accidental injury or forgetfulness can leave you forever without information. Absolutely not recommended for use for most people.