pull down to refresh

Is your passphrase strong enough?blog.trezor.io/is-your-passphrase-strong-enough-d687f44c63af
173 sats \ 8 comments \ @klk 3 Jul bitcoin
write
preview
related posts
38 sats \ 4 replies \ @Scoresby 3 Jul
I have always been a little doubtful of passphrases. It seems like you are just turning your 1 of 1 into a 2 of 2, which to me, increases the likelihood that you will lock your own self out of your funds.
If you want better security, why not just use multisig?
reply
102 sats \ 2 replies \ @klk OP 3 Jul
Let's say you have a back up of the seed in a safe in a house in another country.
It's not impossible for someone to break in and get it. If there's no passphrase, bye bye funds.
If there's a passphrase, even a shitty one, you would have enough time to find out and move the funds somewhere else before the passphrase can be cracked. You probably don't need a passphrase that resists years of bruteforcing, but that few weeks advantage can be very handy.
If not, how do you store your backups? Can they really be distributed and accessible enough for yourself while at the same time not for others? If not multisig of course. But even with multisig I would be uncomfortable with the possibility of someone obtaining a copy of my key anytime.
reply
76 sats \ 0 replies \ @Scoresby 3 Jul
I use multisig and don't feel worried at all. If you made a 3 of 5, you could have two keys get compromised and still be good. Store the backups in tamper evident bags and check 'em once a year.
reply
121 sats \ 0 replies \ @avo 22h
I agree with you. A passphrase allows for backup in separate locations and increases entropy of seed, not sure how one can argue against that. Musig is something different and of course is most secure, with the tradeoff of complexity. The Bitbox article going around makes a comment against passphrases that someone might see you enter it in public....no! Passphrases are for cold storage only, never take a HWW out in public. If one needs to spend somewhere use Lightning or hot wallet with small amount on phone.
reply
102 sats \ 0 replies \ @denlillaapan 3 Jul
Yep, exactly my error... With a wallet now containing 24 says (hashtag generational wealth)
reply
0 sats \ 1 reply \ @d680ecaa8e 3 Jul
I think facial recognization is better than passphrase how could be easily compromized.
reply
36 sats \ 0 replies \ @5atoshiNakamoto 3 Jul
No, biometric makes a $5 wrench attack way easier
reply
0 sats \ 0 replies \ @denlillaapan 3 Jul
No, probs not
reply