Bitcoin Q&A: Optional Passphrases (Advanced Security Feature) and Seed Storage
Рет қаралды 62,754
Күн бұрынDo optional passphrases protect against leaks or compromises of mnemonic seed words? Why are brain wallets usually insecure? Why should you not "roll your own crypto" and promote creative schemes that deviate from the standards (like BIP39), without at least getting peer review and testing from other developers, cryptographers, or security researchers?
See the documentation and support pages of various hardware wallets for more information:
Trezor - doc.satoshilabs.com/trezor-fa... blog.trezor.io/using-advanced...
Ledger Nano S - support.ledgerwallet.com/hc/e...
Ledger Blue - support.ledgerwallet.com/hc/e...
KeepKey - help.keepkey.com/start-here/i... help.keepkey.com/how-to-guide...
On the topic of inheritance and estate planning, see: • Video
Chapters
0:00 Is it unsafe to publicly publish on Facebook or Twitter the twenty-four word seed, treating my passphrase as the thing that protects my assets in my hardware wallet?
5:24 Brain wallets
7:50 The most important rule in cryptography is, don't roll your own crypto.
10:45 I took my BIP-39 seed, cut it into twenty-four pieces, mixed them up, encrypted them, put them on Dropbox, then erased it from the web, and I can only access it on the archive.
12:36 Passphrase, does that mean the password on the hardware wallet?
These questions are from the August monthly Patreon Q&A session, which took place (late) on September 1st 2018. If you want early-access to talks and a chance to participate in the monthly live Q&As with Andreas, become a patron: / aantonop
RELATED:
How do I choose a wallet? - • Bitcoin Q&A: How Do I ...
Secure, tiered storage system - • Bitcoin Q&A: Secure, T...
Hardware wallets and attack surface - • Bitcoin Q&A: Hardware ...
Setting up secure storage devices - • Bitcoin Q&A: Setting U...
What is a private key? - • Bitcoin Q&A: What is a...
How do mneomonic seeds work? - • Bitcoin Q&A: How Do Mn...
Using paper wallets - • Bitcoin Q&A: Using Pap...
Wallet design and mass adoption - • Bitcoin Q&A: Wallet De...
Cryptographic primitives - • Bitcoin Q&A: Cryptogra...
Public keys vs. addresses - • Bitcoin Q&A: Public Ke...
Re-using addresses - • Bitcoin Q&A: Re-using ...
Coin selection and privacy - • Bitcoin Q&A: Coin Sele...
Multi-signature and distributed storage - • Bitcoin Q&A: Multi-sig...
Nonces, mining, and quantum computing - • Bitcoin Q&A: Nonces, M...
Software distribution security - • Bitcoin Q&A: Software ...
Protocol development security - • Bitcoin Q&A: Protocol ...
Geopolitics and state-sponsored attacks - • Bitcoin Q&A: Geopoliti...
How to get people to care about security - • Bitcoin Q&A: How to Ge...
Honest nodes and consensus - • Bitcoin Q&A: Honest No...
Why running a node is important - • Bitcoin Q&A: Why Runni...
Andreas M. Antonopoulos is a technologist and serial entrepreneur who has become one of the most well-known and respected figures in bitcoin.
Follow on Twitter: @aantonop / aantonop
Website: antonopoulos.com/
He is the author of two books: “Mastering Bitcoin,” published by O’Reilly Media and considered the best technical guide to bitcoin; “The Internet of Money,” a book about why bitcoin matters.
THE INTERNET OF MONEY, v1: www.amazon.co.uk/Internet-Mon...
[NEW] THE INTERNET OF MONEY, v2: www.amazon.com/Internet-Money...
MASTERING BITCOIN: www.amazon.co.uk/Mastering-Bi...
[NEW] MASTERING BITCOIN, 2nd Edition: www.amazon.com/Mastering-Bitc...
Translations of MASTERING BITCOIN: bitcoinbook.info/translations...
Subscribe to the channel to learn more about Bitcoin & open blockchains!
Music: "Unbounded" by Orfan ( / orfan )
Outro Graphics: Phneep (www.phneep.com/)
Outro Art: Rock Barcellos (www.rockincomics.com.br/)
Join the aantonop Channel: aantonop.io/joinaantonopyt
@richardpickering2452 5 жыл бұрын
We need clones of Andreas to replace a lot of the other so called crypto "experts" You are a much needed voice in this space, Thank you Andreas.
@PeterSosinski 5 жыл бұрын
why not just 'donate to them' :-) www.patreon.com/aantonop
@camirov 3 жыл бұрын
We must make it EASIER for common folks to understand and use
@sys8188 5 жыл бұрын
Andreas, I like the laid back camera angle. Nice
@margoomahony9565 5 жыл бұрын
Aaaaand once again my brain expanded a little because I listened to you. Thank you for remaining a class act in a sector that seems to grow more phonies everyday.
@topaciot 5 жыл бұрын
I completely agree with you. Cheers from EU ☺️
@edlearned8173 3 жыл бұрын
Thank you! I've been trying to understand how a passphrase added extra security as many videos alluded to it being wallet centric. Understanding that is used in the generation of the private key now has the pieces falling into place.
@sansegkh 5 жыл бұрын
Love the foreground and background. Much nicer to watch.
@petera6191 3 жыл бұрын
Hi Everyone and as mentioned by Andreas, NEVER EVER Publish your seed and passphrase online. When you generate your seed, you should also do it, offline and do not share this seed with anyone. It should only be shared with people you trust (i.e.: the people you intend to pass on your Crypto, such as your next of Kin, etc) and it should be done with caution and indirectly (i.e.: using security strategies to gain the information when you have gone in the after-world).
@DonteeWeaver 5 жыл бұрын
Thanks for the video!
@rachel1448 5 жыл бұрын
So far no trolling the new set up. 👏🏼
@bilfy9202 3 жыл бұрын
You’re the man, thank you ❤️
@whoyatoya 5 жыл бұрын
Thank you Andreas.....
@predator4832 2 жыл бұрын
Спасибо! Было крайне полезно.
@whatsthedealoneill1 4 жыл бұрын
thanks for great content.
@gdrgdr9884 3 жыл бұрын
awesome info.. thank you!
@pachmann4869 3 жыл бұрын
Thank you for this. Question: if you are forced to open your ledger live, won't an attacker be able to see all your regular account's transactions and won't they display the movement of the bulk of your funds somewhere else (in this case, the passphrase account)?
@barefootmillionaire6544 3 жыл бұрын
this goes straight over my head, you are a genius but this is too hectic, lol
@mashtea818 2 жыл бұрын
Thank you Andreas, what if you have your 24 seed and added the passphrase but may have mistyped on the small trezor. I wrote down my passphrase and it is not working. So sad about this. Because I believe in the tech and have somehow messed up. From what I have gathered from this video if I have some of the words in my passphrase is there a tech (what is it called) to maybe run different combos of a space or a letter that was mistyped? I can see the funds but can not access them by typing in the passphrase or trying to send or receive using the passphrase. Thank you inadvanced.
@nion456789 5 жыл бұрын
Smashed the like
@vydasdasvy8600 5 жыл бұрын
smashed the like for you for all those times you smashed for Andreas.
@joac21 6 ай бұрын
Would you consider using the same passphrase to create various seeds in different wallets a good practice? How about using your full name as passphrase. This is just a substitute for the amnomic word and makes your seeds a bit different from all others generated right ?
@simonelof2129 5 жыл бұрын
Oh lovely, some fresh content. Big things happening in crypto over here in Liechtenstein, let me know if you want to visit!
@topaciot 5 жыл бұрын
I want to visit ☺️
@ketzalkiawitl 5 жыл бұрын
Eres la daga Andreas
@Ljungdurst Жыл бұрын
🧡
@johngrear6506 2 жыл бұрын
If splitting 24 seed words in two is not secure, does this mean a wallet with only 12 seed word is not secure?
@Fa1rplayy 5 ай бұрын
Yeah, seems illogical. No one can answer?
@Firemedic2105 3 ай бұрын
It's my understanding that 12 words is 128 bit entropy but I'm not an expert. 🤷🏻♂️
@geromiuiboxz765 3 ай бұрын
🇨🇱 I understand that the security level, or entropy, is mainly given by the exponent, or hash lenght. So half of a phrase lenght is a bit less secure, but not half as secure ⁉️🤔
@compatibilizer6184 3 жыл бұрын
Andreas, the standard is a piece of art in cryptography, unfortunately it includes some unfortunate wording... Today 90% of software wallets don't support the BIP39 passphrase, when developers read "optional" BIP39 passphrase, they think it is optional to implement into their software. Please, please pretty please, remove the word "optional" in the definition, just write "you can use empty string if you want" and that should be enough to prevent them skipping this very important feature, most fail to understand the value of it.
@osibig 4 жыл бұрын
Any thoughts on BC VAULT wallet? Thx👍
@fbafelipe7666 5 жыл бұрын
How many rounds of key stretching hardware wallets use?
@Francesco-cj3oi 2 жыл бұрын
In other words, just do some work, get your wallet as secure as possible, and don't worry about it unless you become an ultra millionaire
@andychin8982 3 жыл бұрын
can someone explain the 'attached to pin' and 'temporary pin'
@bitcoinjustin9436 5 жыл бұрын
Can you tell me lets say I keep my 24 word key secure and add a word for my passphrase. How secure would that second wallet be? Assuming they don't assume a 25th passphase and they dont have the 24 word seed?
@frustratedmajority851 Жыл бұрын
Basically it's secure enough for you to never need to worry about anything.
@Firemedic2105 3 ай бұрын
Does the past phrase only protect if they physically have the wallet? Or if somebody does find my seed phrase do they still have to decrypt the passphrase in order to access my bitcoin on the Blockchain??? I've watched 1 million videos and I haven't been able to figure that out I think that's what you were saying here but I'm still not 100% sure
@bomeyer1964 7 ай бұрын
Is there a tool (I can use it offline) that allow me to convert a mnemonic phrase to a mnemonic phrase plus passphrase?
@VishalRaoOnYouTube 4 ай бұрын
2:13 mentions PBKDF2
@sarasotafl 3 ай бұрын
Hi, does the generators of seed phrases know of the existing seed phrases already created? so as not to generate the same one?
@Btree33 3 ай бұрын
It doesn’t know but the combination of words is so large it’s almost impossible
@BillyJakeBulda 10 ай бұрын
Is there any hot wallet that support passphrase
@d.s.1409 2 ай бұрын
Trezor safe 3 only allows 12 words seed phrase, ist it not good enough?😢
@johngrear6506 2 жыл бұрын
A passphrase is not just a brain wallet if you use a random source to generate the words, which of course you should be doing.
@Tom-bn5zd 2 жыл бұрын
And can I save the passphrase on lastpass?
@johngrear6506 2 жыл бұрын
@@Tom-bn5zd As long as your seed words are secure (hidden, locked away and never entered into a potentially compromised computer), then I'd say yes, although it's a trade-off. It is less secure than not storing it in Last Pass but you're probably less likely to lose it, especially if you also have it written down in a secure location as a backup. If anything happened to you also make sure your loved ones know exactly what to do.
@carpettunnel8837 5 жыл бұрын
So does this mean that using the 12 word seed with the trezor model-t is significantly less secure than a Trezor one with a 24-word seed? The model-t only allows for generating a 12 word seed (via GUI) so it would seem trezor’s new product is bad purchase unless you have an existing 24-word seed you can input? If I have a ledger nano s should I just generate the seed on there and then input that into the trezor model-t or is that not advisable Incase ledger has an unknown vulnerability which would essentially make it like putting all your eggs in one basket?
@khongten4247 5 жыл бұрын
A 12-word recovery seed contains 128 bits of entropy, which is more than sufficient for security of your private keys. For comparison, Bitcoin utilizes 256-bit private keys, but the security of the elliptic curve is around half of the used bits, so 128 bits for the secp256k1 curve used. The TREZOR One uses a long, 24-word recovery seed to increase the strength of obfuscation by mixing up the order during recovery, giving you 24! (6.4 × 10 ²³) possible orderings for each seed. The Model T no longer needs a long recovery seed, as all sensitive operations, including the restoration of your recovery seed into the Model T, are done via the device touchscreen. Therefore, the Model T only needs to generate 12 words.
@carpettunnel8837 5 жыл бұрын
Không Tên So then if someone gets ½ of your 24 word seed does it become any less secure than a 12 word seed?
@khongten4247 5 жыл бұрын
@@carpettunnel8837 Way less secure, yes. But still relatively secure against many levels of attack. This is where Andreas is wrong. He assumes all attackers are highly sophisticated attackers with resources. He fails to consider that most thieves would have NO idea what to do with a seed, much less half of one. If John Q Burglar finds half a seed...you think he even would understand wtf 10^35 even is, much less being able to crack it? But he could very easily import a FULL seed into any easily downloaded app. (If he even knew this much. But in time, most people will know what a seed is and what it looks like....similar to how most people know what a credit card looks like.) But I am with Andreas in one respect. Do NOT store in the cloud. Do not, do not, do not. Do not store digitally. Do not, do not, do NOT!
@nasty1182 5 жыл бұрын
TIL! thank you very much :)
@bendik1232 3 жыл бұрын
Should you use space between the words or put something in between?
@doublepownage7571 3 жыл бұрын
Dont believe u do, its one long password made from different words a passphrase because longer phrases are more secure then short weird ones.
@davincij15 5 жыл бұрын
My question would be if BIP39 is a standard isn't it subjected to the standardized attack vector. So a hacker only needs to break BIP39 and has the ablity to attack all wallets in existance.
@steph1804 5 жыл бұрын
"Only" in this case means computing 10^37 unique combinations of BIP 39 phrases and that's if you're only using 12 words. That would take approx 1 trillion years with $1 billion worth of computing equipment using today's benchmarks.
@bauerphotography2654 5 жыл бұрын
Perfectly Balanced like all things should be
@VladimirLukyanov Жыл бұрын
What would be considered a very strong complex passphrase? Is it a string of characters x-digits long, or does it also have to be like a "sentence" with several "words"?
@xA18kND1x 29 күн бұрын
The longer the better, just like any password...
@floesh-408 3 жыл бұрын
Is the 12 word seed on Trezor T less secure than the 24 word seed on Ledger Nano S? If so, is it safe enough?
@ananamusly 3 жыл бұрын
It is less safe versus 24 of course but for now it's still safe enough. That may change in a few years so definitely just stick to 24 from the beginning.
@Tom-bn5zd 2 жыл бұрын
@@ananamusly what's the sweet spot for passphrase? 6 words?
@austingilbert3935 5 жыл бұрын
Andreas are there any hardware wallets you would recommend?
@Redbird093 3 жыл бұрын
He uses a Trezor. I lke that one too because its software is also open source.
@FajorMuckup 5 жыл бұрын
But half a seed representing 128 bits is still more than enough, isn't it? You just said, seeds are 12 to 24 words. So half of a 24 word should still be plenty secure? It's curious because at Honeybadger 2018 the Trezor dev said the same thing so you are probably correct. But why?
@carpettunnel8837 4 жыл бұрын
Are all of the combinations of the first 12 words of a 24 word seed, valid 12 word seeds? If not then it might be easier to brute force because it would eliminate some of the possible combinations.
@b.griffin317 5 жыл бұрын
10:55 "erased it from the web" ha ha ha ha ha ha ha!
@robertpadgett4192 6 ай бұрын
Can a passphrase consist of some figure more than 12 words but less than 24?
@pastuh 4 ай бұрын
100 symbols? I think 15 words would be ideal
@themagicman2599 5 жыл бұрын
Hi Andreas! Can you please cover the current bug report: bitcoincore.org/en/2018/09/20/notice/ Its hard to understand what this actually means today. Does this bug mean that today some malicious miner that didn't update can print new bitcoin? secondly, If someone does create additional bitcoin than is suppose to be made... is there a way to tell that its in the system?
@sibral8413 2 жыл бұрын
Hi there! Does the passphrase have to contain words only in English or can it be in other languages as well? Thanks
@kotgc7987 2 жыл бұрын
11:55 Andreas' rules are as below, which I'm sticking with🙂: book: not written from this mnemonic list (seed phrase): not from this movie: not from this. phrase: no search engines: not from this spaces: no words: 6-8 English Although I might be wrong that I'm using a passphrase which is a mnemonic that helps me remember some tough abbreviations. E.g. Trying to learn/remember the abbreviation DNA: DeoxyriboNucleicAcid (but something with 6-8 words).
@onlineincomejobs265 Жыл бұрын
I use Ledger and there is an option for passphrase, you can put any letter up to 100 characters including special letters. Also you can set up the secondary PIN which is connected with passphrase. That means you don need to enter passphrase every time you want to get access - you just need to enter the secondary PIN.
@Think-For-Yourself-Man 3 жыл бұрын
Andreas, at 12:00 you suggest “us a 6-8 word passphrase “, apologies for being confused, passphrase for what? I thought it’s a 24 word passphrase...
@aantonop 3 жыл бұрын
I'm referring to an additional passphrase to secure the 24 words.
@jediforbear 5 жыл бұрын
12:50 password different from seed
@messiiileo1456 2 жыл бұрын
I need help. I had a recovery with my 12words and I can only see my xrp coins and money my other coins is still 0$ help pls
@jcjensenllc 5 жыл бұрын
The channel named Crypo's Price Forecast mirrors your content and monetizes it by selling adds.
@pewpew518 5 жыл бұрын
0:00
@pooounderscoreman 5 жыл бұрын
Can you steelman Bitcoin Cash then explain why it's either: a scam, an attack or otherwise illegitimate or inferior to Bitcoin?
@Btree33 3 ай бұрын
So you’re saying use 24 words not 12?
@governmentisslavery 5 жыл бұрын
"Your money's gone..." LOL. "Don't roll your own crypto"
@edlearned8173 3 жыл бұрын
Wait! How did you guess my passphrase? LOL
@ravenskydaisy 5 жыл бұрын
Using quantum grammar in your titles,!? Nice touch A,😉
@JOSEPHCHARLESCOLIN2024 3 жыл бұрын
Because of Bitcoin 4 years ago I created Time Priced Art & in Description I have a Counter. Counter Keeps track of money Times the Minutes = $1 per Minute . Painting Price go's Up $1 Per Minute Forever. Sold all my Crypto .
@Jacob930321 5 жыл бұрын
11:40 how to
@panagiotisagelakis533 5 жыл бұрын
where i can submit questions?
@rachel1448 5 жыл бұрын
Questions are submitted by patrons on Andreas' patreon page. The link is above if you'd like to check it out. 🙂
@panagiotisagelakis533 5 жыл бұрын
why cant i become a patreon with bitcoin bummer i dont have any credit on my credit now
@rachel1448 5 жыл бұрын
panagiotis agelakis. Lol. Yeh that would be ideal. :-))
@GlennBrian 3 жыл бұрын
the trim on your window is so wrong
@jandebuur8060 5 жыл бұрын
I used Shamirs Secret Sharing to cut my seed into a 3 of 5 that is distributed in different locations. What is your opinion on that?
@bitcoin.seit.2016 4 жыл бұрын
bad idea
@uskrusader 2 жыл бұрын
Assuming your 24 word seed is very secure, is it ok to use simple (weak) phase phrases as a savings/filing system? Making your hardware wallet have different “savings accounts” separated by phase phrases? For example: 24words+ “House” 24words + “car” 24words +”kids”
@kotgc7987 2 жыл бұрын
11:55 Andreas' rules are as below, which I'm sticking with🙂: book: not written from this mnemonic list (seed phrase): not from this movie: not from this. phrase: no search engines: not from this spaces: no words: 6-8 English Although I might be wrong that I'm using a passphrase which is a mnemonic that helps me remember some tough abbreviations. E.g. Trying to learn/remember the abbreviation DNA: DeoxyriboNucleicAcid (but something with 6-8 words).
@dajosova 5 жыл бұрын
What about BitFi wallet ? how to storage or protect funds that are needed to be used regularly for trading, etc.!?
@harimauplayer 5 жыл бұрын
would you review Abra wallet one day, 13 words (+ a phone number to create / recover the wallet)
@ziomanzo 5 жыл бұрын
I memorize my words with a story. (memory hack) my phrase was never online 😉
@Lukas-kh5gu 5 жыл бұрын
oh, that is still quite risky. The chances of your mind altering a small detail over time and then memorizing the mistake is definitely very plausible. Sure, sounds strange right now, but happens a million times. You do not have to memorize your seed in order for it to never have been online, just saying. there are way easier, more comfortable and more secure ways. obviously, a hardware wallet is always a great idea.
@ziomanzo 5 жыл бұрын
The mnemonic phrase that I learned is from a hardware wallet 😉 I also have them written somewhere. but In case of a fire or something, I still have a backup 😉
@krishnayogi 3 жыл бұрын
You can be hypnotized by some one to extract it .. that's not good buddy plus you might forget it easily too ya
@Tom-bn5zd 2 жыл бұрын
@@krishnayogi can you give me tips on where to save the passphrase? Is in lastpass enough? And are 6 words passphrase the sweet spot for most people? Thanks in advance.
@AGoogleUser-hf5zg 5 жыл бұрын
OCT. 1 IS COMING!! Q4= FRESH MONEY FOR BTC!!
@v4freedom 5 жыл бұрын
Ledgers do not have passphrases...hmmm...
@carpettunnel8837 5 жыл бұрын
v4freedom the nano s does
@bitcoin.seit.2016 4 жыл бұрын
Wrong
@10thaccount 5 жыл бұрын
Hi Andreas, would it be safe to mix 6 random words (that you have memorized) into your 24 seed words, and then make it public (so you will never lose it)?
@aantonop 5 жыл бұрын
Not safe.
@fsmoura 5 жыл бұрын
It's ok, Andreas, I devised my own infallible scheme! I'll post my passphrase, _and_ my mnemonic seed online, but I'll post each one with different account. The seed with jondoe07, and the passphrase with jondoe08. Then no one will be the wiser! 👌 👌 👌
@renhoek7927 7 ай бұрын
brilliant!
@memecoinmafia2732 3 жыл бұрын
how to make something simple sound complicated 👎
@Tom-bn5zd 2 жыл бұрын
Are 6 words random passphrase from the dice the sweet spot for most people?
aantonop
Рет қаралды 38 М.
Doug Bopst
Рет қаралды 12 М.
Crypto Guide
Рет қаралды 17 М.
Jonathan Levi - Bitcoin for the Masses
Рет қаралды 4,2 М.
Rozetked
Рет қаралды 470 М.
Tokparty
Рет қаралды 1,8 МЛН