Picking a Good BIP39 Passphrase (25th Word) or avoiding a bad one. For Trezor, Ledger, & Keepkey

Securely Backup your seed and passphrase
ColdTI: https://www.amazon.com/TopHat-Technol...
CryptoSteel: https://www.amazon.com/Cryptosteel-MN...

Keep all your crypto safe & upgrade to a Ledger Nano X Hardware Wallet https://shop.ledger.com/pages/ledger-...

Alternatively, if you prefer a 100% Open Source wallet, a Trezor One is also a great value wallet https://shop.trezor.io/product/trezor...

Notes and spreadsheet on GitHub: https://github.com/3rdIteration/BIP39...

Further Reading:
https://www.eff.org/deeplinks/2016/07...
https://ledger-donjon.github.io/Unfix...
https://blog.trezor.io/is-your-passph...
https://coldbit.com/can-bip-39-passph...


---------------------

If you are new to Crypto, my suggestion is that you start with buying ~$150 worth of Bitcoin, Ethereum, Litecoin @ Coinbase and get familiar with storing it, moving it around, etc.

For your first purchase, just stick with CoinBase: https://www.coinbase.com/join/5691c9d...

For Trading, just start with Binance: https://www.binance.com/?ref=18111926

By sticking with large, reputable exchanges for your first purchase (Coinbase) and first trade (Binance) you can avoid getting scammed right at the start by purchasing a non-existing coin off a scammy exchange. (You would be surprised how many people fall into this trap)

Don't have a hardware wallet?
Be safe and buy them direct from the manufacturer. (Not just through some random on eBay, Amazon, etc)
Get a Ledger: https://shop.ledger.com/?r=5243ecbb8427
(If you are just starting out, I would just recommend a Ledger Nano S)

If this was helpful, feel free to send me a tip:

Selecting a BIP39 Passphrase (or 25th Word or two-factor seed phrase)
Or at least avoiding a bad one...
Plenty of FUD and paranoia out there...
Some key things to understand to help you make an informed decision...
Assumptions to Avoid
1) The tools/process/etc to crack a BIP39 password are hard to come by and hard to use
1a) A potential adversary has access to the same tools I do...
2) I have a Ledger, not a Trezor, so key extraction isn't something I need to worry about...
3) An 8 character password works for "online service name" so it is ok for this too...
4) My memory is reliable...
5) A passphrase that is secure today will be secure in 10 years' time...
6) I need a 37 character long, fully randomized passphrase...
7) Everyone needs a passphrase...

At the end of the day it's about clearly understanding the risks and taking steps to manage them in light of your particular circumstances...

Points to Consider when Selecting a Passphrase
1) Clearly understand what your objective of using a BIP39 passphrase actually is.
2) Pick something that you won't forget, most important point of all :)
2a) Include consideration of your passphrase in your backup process
2b) Know that your passphrase doesn't have rules or limits that make it robust to mistakes like your 24 word seed does...
(EFF Diceware Short 2.0, unique 3 characters)
3) Don't reuse a password from somewhere else, especially an online service
4) Don't use something short (6 chars or less) unless it's for plausible deniability
5) Check lists like RockYou.txt, phpbb.txt to make sure your passphrase isn't on there :)
6) If you are using stuff like diceware, understand the different advantages that the long list provides (security) vs the EFF 2.0 short list (robust backups). Make sure you use enough words...
7) Assume that anything which could be recovered within a year via BTCRecover could be recovered via someone with proprietary tools, GPU tool, etc, in under a month.
8) Review annually
Suggestions for...
To balance...
*Security (Passphrase length)
*Robust backups (only diceware words, no upper case, symbols, etc)
*Randomness (diceware)
Assuming
10x CPU - GPU performance vs 48 vCore Linode...
1000x GPU - ASIC performance vs 1080ti
Taking seriously probability to break, not full computation time.
Plausible Deniability (1% chance of finding within a month):
Securing Backup (1% chance of finding within 5 years):
Paranoia (1% chance of finding within 100 years):
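
The trade-off above, worked through as an added example (not from the video or its GitHub notes): it takes the 10x and 1000x multipliers and the three 1% tiers from the notes and computes how many randomly chosen diceware words each EFF list needs. The CPU baseline of 1,000 guesses per second and the 30-day month are assumptions made here, so the word counts are illustrative and are not the author's figures.

```python
from fractions import Fraction

# Wordlist sizes: the EFF short list 2.0 has 1296 words, the EFF long list 7776.
WORDLISTS = {"eff_short_2.0": 1296, "eff_long": 7776}

# Multipliers from the notes: GPU = 10x the CPU baseline, ASIC = 1000x the GPU.
GPU_VS_CPU = 10
ASIC_VS_GPU = 1000

# ASSUMPTION (constructed, not from the notes): CPU baseline in passphrase
# guesses per second. Measure your own figure and substitute it.
ASSUMED_CPU_GUESSES_PER_SEC = 1_000

DAY = 24 * 60 * 60
# Tiers from the notes; a month is taken as 30 days (assumption).
TIERS = {
    "plausible_deniability": 30 * DAY,
    "securing_backup": 5 * 365 * DAY,
    "paranoia": 100 * 365 * DAY,
}
TARGET_PROBABILITY = Fraction(1, 100)  # the 1% chance used in every tier


def attacker_rate(cpu_rate=ASSUMED_CPU_GUESSES_PER_SEC):
    """Guesses per second after applying both multipliers from the notes."""
    return cpu_rate * GPU_VS_CPU * ASIC_VS_GPU


def find_probability(list_size, words, seconds, rate):
    """Chance that a uniformly random passphrase is hit within `seconds`."""
    return min(Fraction(1), Fraction(rate * seconds, list_size ** words))


def min_words(list_size, seconds, rate, target=TARGET_PROBABILITY):
    """Smallest word count keeping the find probability at or below target."""
    words = 1
    while find_probability(list_size, words, seconds, rate) > target:
        words += 1
    return words


def table(cpu_rate=ASSUMED_CPU_GUESSES_PER_SEC):
    """Word count needed per (wordlist, tier) at the given CPU baseline."""
    rate = attacker_rate(cpu_rate)
    return {(name, tier): min_words(size, seconds, rate)
            for name, size in WORDLISTS.items()
            for tier, seconds in TIERS.items()}


if __name__ == "__main__":
    for (name, tier), words in table().items():
        print(f"{name:14} {tier:22} {words} words")
```

The counts only hold for words picked at random (dice), not for words you chose yourself.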

Backups: Crypto Steel

#bitcoin #btc #ethereum #eth #cryptocurrency #crypto #ledger #trezor #security
