Author

Topic: Wallet Restoration - Password needed? (Read 174 times)

legendary
Activity: 2268
Merit: 18748
February 24, 2021, 01:11:12 AM
#15
I know it's necessary to restore your wallet with your seed phrase when due, but what should be the exact reason(s) why a wallet owner should add an additional word to an already default seed phrase given
Extra security is one. With a long enough passphrase which cannot be brute forced, if someone discovers your seed phrase back up then your coins remain safe since they don't know your passphrase. This of course means you have to back up your passphrase as well, and in a different location(s) to your seed phrase. Plausible deniability is another. If someone physically coerces you to hand over your bitcoin, you can give them your seed phrase and let them steal a small amount of coin held within, while the bulk of your money stays safe and hidden behind a passphrase.

Also, as an instance, if seed extension is added successfully on electrum wallet, I don't think it would be possible to import the 13th/25th seed phrase on another wallet like trust wallet since typically 12/24 words are required, if possible, then how?
You can't import Electrum seeds to Trust Wallet anyway, since they use a different format to the usual BIP39 seeds. But regardless, there are plenty of good wallets which do support additional passphrases.
sr. member
Activity: 1232
Merit: 379
February 23, 2021, 05:39:59 PM
#14
All that is needed to recover the wallet in full is the seed phrase plus any additional passphrase/seed extension/13th word/25th word/etc.
I got all points stated here so I got some little questions to ask here mate, I know it's necessary to restore your wallet with your seed phrase when due, but what should be the exact reason(s) why a wallet owner should add an additional word to an already default seed phrase given,
Also, as an instance, if seed extension is added successfully on electrum wallet, I don't think it would be possible to import the 13th/25th seed phrase on another wallet like trust wallet since typically 12/24 words are required, if possible, then how?
legendary
Activity: 2268
Merit: 18748
February 22, 2021, 05:52:00 AM
#13
You can't have a full wallet restoration without your password in as much as you have your wallet passphrase you still need you password which is the secondary security.
This is not correct.

Any local password you set on the wallet software itself, such as a password to unlock an app or a password to decrypt a wallet file, is only required to open that particular piece of software and/or that particular wallet file. It is device and software specific. All that is needed to recover the wallet in full is the seed phrase plus any additional passphrase/seed extension/13th word/25th word/etc. you have set (it goes by a number of names).

The password is used locally to protect your wallet should someone access your device.

The passphrase is used with the seed phrase to derive your wallet. You do not need your device/software password to recover your wallet, provided you have your seed phrase and passphrase.
legendary
Activity: 2268
Merit: 18748
February 22, 2021, 02:54:56 AM
#12
I'm using a reputable wallet, I'm sure it secure.
What makes you sure? I'm not being antagonistic here, but asking a genuine question to make you examine your security practices. Is it open source? Have you reviewed all the code yourself? Or do you trust people who have?

Even if I'm using a reputable, open source wallet, which I have reviewed myself and has thousands of other people in the community also reviewing it, I still can't be sure that it is completely secure, and indeed, I'm not sure "completely secure" even exists.

How do these wallets typically generate the entropy? Is it based on the time code or device state somehow?
Most good wallets use entropy from the operating system, typically using a function such as /dev/urandom, which draws entropy from activity and noise of your computer hardware, user input, etc.
newbie
Activity: 8
Merit: 4
February 21, 2021, 04:32:55 PM
#11
Isn't it a little insecure just to have my device choose the seed words?
Maybe.

If you are using a good open source wallet, then you can review the code and determine how it is generating the entropy which it then uses to generate your seed phrase. If the entropy is generated in a secure and random manner, then it is perfectly safe. If you are using a closed source wallet, however, then you have no idea how the seed phrase is generated and it could indeed by very insecure.

I'm using a reputable wallet, I'm sure it secure.

How do these wallets typically generate the entropy? Is it based on the time code or device state somehow?

Thanks, I appreciate thee reply!
legendary
Activity: 2268
Merit: 18748
February 21, 2021, 02:34:37 PM
#10
Isn't it a little insecure just to have my device choose the seed words?
Maybe.

If you are using a good open source wallet, then you can review the code and determine how it is generating the entropy which it then uses to generate your seed phrase. If the entropy is generated in a secure and random manner, then it is perfectly safe. If you are using a closed source wallet, however, then you have no idea how the seed phrase is generated and it could indeed by very insecure.

There are a variety of good open source software and hardware wallets which can be used to generate the words. If you still feel uncomfortable with this, then it is possible to generate your own entropy physically by doing something like flipping a coin or rolling a dice, and then encoding that entropy in to a seed phrase. Note that you should never be tempted to just pick words yourself from the list - humans are incredibly bad at being random (regardless of what we often think), and any wallet generated in this way would be very insecure.

And as discussed above, you can always add a passphrase which is used alongside your seed phrase when generating your wallet for additional security. Note that if you forget your passphrase and lose your back ups, though, then you will lose access to your coins. Your seed phrase on its own will not restore the same wallet or addresses as your seed phrase and the passphrase together.
newbie
Activity: 8
Merit: 4
February 21, 2021, 01:30:34 PM
#9
We need to distinguish the password that is added to the crypto wallet to encrypt the wallet in a way that we need it whenever we want to open that wallet or make a transaction. If we set such a password in a wallet like Electrum, then we can do recovery with seed without any problems - the password is completely irrelevant in that case.

It is quite another thing if we extend our seed with one extra word that we can call paraphrase - because that extra word becomes an integral part of the seed, and if we use only seed without that extra word, we will get a completely different wallet with new coin addresses.

Ah I see! Okay I was getting my words confused. One follow up though. Isn't it a little insecure just to have my device choose the seed words? There isn't that many words to choose from and how can I be sure my computer is choosing the words randomly?
legendary
Activity: 2394
Merit: 2223
Signature space for rent
February 21, 2021, 01:07:14 PM
#8
It depends on which wallet are you using. Don't mix the seed phrase password with the password that used encryption the wallet file. Even you forgot the wallet file password, but still you can recover the funds if you have a seed phrase. But if you use extended seed words during seed creation for extra protection then you should need it as well to recover your funds. Extra words shouldn't call password instead of seed extension. It's quite complicated to remember extensions seed, writing with the original seed doesn't make any sense or any extra layer of protection. So just make sure you aren't encrypting your seed with seed extension (seed password).
legendary
Activity: 2492
Merit: 1232
February 21, 2021, 12:13:39 PM
#7
AFAIK, in restoring your crypto wallet just like Electrum, there's no need for you to use your password (but I advise you to keep it), instead, just only restore in a seed phrase and then create a new password.  But once your password was lost it is not possible to recover, the use of a password is used as a key to AES (Advanced Encryption Standard) encryption for encrypting the seed and other data in a wallet file just like what mentioned above.

Quote
I must need to use the original password along with the seed words to reproduce the root key?
Yes, it must be, that's why every time when we create a new wallet it's always advisable to save this or write it down on a sheet of paper.
legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
February 21, 2021, 11:18:35 AM
#6
If you are going to restore your wallet using the wallet file then you will need the password which was used to encrypt it. Otherwise, the wallet's software will not be able to decrypt it and read it. Besides, the wallet file might not be compatible with other wallets (e.g: you can't import a bitcoin core wallet file into Electrum).
However, the extra word in case of seeds does not encrypt the seed. It just adds an extra layer of security to it. If someone steals your seed, he won't be able to recover your wallet without the extra word. This is why it is important to save them in different places.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
February 21, 2021, 10:09:22 AM
#5
You will need the password you used when you created your wallet. In electrum, you need to input the password and the seed phrase you saved so that you will be able to use your wallet in another wallet provided thta supports the wallet. If your back up is not seed phrase instead you have private key then you only need to paste it to a wallet provider then you can access your wallet.
No, if you are restoring your wallet back, only seed phrase is required, but provided extended word or passphrase is not enabled. Let me make a clearer explainations about this.

Seed phrase, very important for wallet restoration

Passphrase, just like password but not password because it is like a seed extention too, if the seed phrase is imported, you do not need the passphrase until you want to spend your coins, if the passphrase is not provided, the coins balance can be seen with seed phrase importation but can not be spent which will make the wallet useless.

Password, it is not needed at all, it does not go beyond your old device, if your decide to change and you import the seed phrase into a new wallet, you will have to set new password without old password needed.

Extended word, just like in electrum wallet, very important. If you move to another wallet with seed phrase importation, you also need the extended word along.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
February 21, 2021, 09:32:38 AM
#4
You will need the password you used when you created your wallet. In electrum, you need to input the password and the seed phrase you saved so that you will be able to use your wallet in another wallet provided thta supports the wallet. If your back up is not seed phrase instead you have private key then you only need to paste it to a wallet provider then you can access your wallet.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
February 21, 2021, 09:27:36 AM
#3
We need to distinguish the password that is added to the crypto wallet to encrypt the wallet in a way that we need it whenever we want to open that wallet or make a transaction. If we set such a password in a wallet like Electrum, then we can do recovery with seed without any problems - the password is completely irrelevant in that case.

It is quite another thing if we extend our seed with one extra word that we can call paraphrase - because that extra word becomes an integral part of the seed, and if we use only seed without that extra word, we will get a completely different wallet with new coin addresses.
legendary
Activity: 1148
Merit: 3117
February 21, 2021, 09:08:41 AM
#2
According to bitcoin.it wiki you need the password as well :

Quote
Seed phrases, like all backups, can store any amount of bitcoins. It's a concerning idea to possibly have enough money to purchase the entire building just sitting on a sheet of paper without any protection. For this reason many wallets make it possible to encrypt a seed phrase with a password.

The password can be used to create a two-factor seed phrase where both "something you have" plus "something you know" is required to unlock the bitcoins.

This works by the wallet creating a seed phrase and asking the user for a password. Then both the seed phrase and extra word are required to recover the wallet. Electrum and some other wallets call the passphrase a "seed extension", "extension word" or "13th/25th word". The BIP39 standard defines a way of passphrase-protecting a seed phrase. A similar scheme is also used in the Electrum standard. If a passphrase is not present, an empty string "" is used instead.
newbie
Activity: 8
Merit: 4
February 21, 2021, 09:01:19 AM
#1
Hi, there is something about wallets that I don’t understand and I was hoping someone could help me with.

Let’s assume I create a simple wallet with a password which I back up in a safe place. If I then try to restore that wallet somewhere else, is the original password used at the time of the wallet creation required? Or can I restore my wallet with just the original seed words?

When you first create a wallet, I believe the password is used in conjunction with the seed words to create a root key. So presumably if I want to then restore that wallet somewhere else, I must need to use the original password along with the seed words to reproduce the root key?

Is that correct or am I way off base here? Does it differ in anyway depending on the blockchain?

Thanks!
Jump to: