I recently published a post with 10 tips to protect your seed phrase:
I was surprised how many people found the concept of passphrase (25th word) fascinating and didn't know about it before.
Thus, I'm writing this post to explain what a passphrase is and how it can protect you even further.
Background & Prerequisites
To understand this post, you need to have at least basic understanding of self-custody.
Understanding seed phrases (12 or 24 words) and how you need to protect those to keep ownership of your wallet.
However, even if you do everything correct technically, you're still vulnerable to the $5 wrench attack.
The Wrench Attack
The $5 wrench attack is a non-technical but social engineering attack, where you are forced to give out your private keys against your will.
It's called the $5 wrench attack because someone can get a cheap wrench, come to your house, and pass any security you have by using violence.
Needless to say, many of us would succumb to this in many cases - especially if our loved ones' lives are in danger or we're threatened with loss of freedom by the government.
The Passphrase (25th Word)
A passphrase is an extra word you can use on top of your 24 words.
This will allow you to control a completely new set of addresses.
Having a 25th word is crucial, because you can choose the word yourself - it's not part of the BEP39 word list.
This makes it easy to remember and adds extra security in case someone gets access to your 24-word seed phrase.
Handling Wrench Attacks the Right Way
So, you posted a story about crypto on your Instagram and the local hoodlums decided to raid your home. They see that your CEX accounts are empty and ask you for your seed phrase.
You give them your seedphrase.
You lost 1% of your portfolio, but your wealth is still safe in your wallets behind the passphrase.
You already got it: put a relatively small amount of crypto in the wallet controlled by your seed phrase., but the majority of your portfolio should be stored behind the wallets controlled by the 25 words.
This way, even if you find yourself in a situation where you are forced to give out your seed phrase, you can comply and still keep custody of your actual portfolio.
Tutorial
Now that you know the word "passphrase", it's quite easy to find it in your wallet provider.
For Ledger users, you go to Settings -> Security -> Passphrase -> Set Temporary and enter your 25th word.
For Trezor users, it's similar - go to Settings -> Device -> Security and click toggle next to passphrase.
This means that the passphrase will only be effective for this session and once you plug your device out, it will restart.
Pro Tip
You can have practically infinite passphrases.
So whenever you feel a certain address gets "heavy", you can always create a new set of addresses and continue accumulating there.
And of course, never link your identity to any of the other wallets.
TLDR: Use a 25th word so if you lose/are forced to give your 24 words, you still can control the addresses behind the passphrase.
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments