Hi everyone,
There's been ongoing discussions in the past few days regarding the Ledger Recover service where it seems the seed phrase gets encrypted, split in 3 then placed in 3 jurisdictions (US, UK and France)
At first it seems like a compromise regarding security as it opens the door for collusion and state intervention to get access to one's funds, but what about this idea: use the backup service for the 24 words, and keep all funds under a passphrase. This way, you only need to remember one word/phrase (you can write it anywhere, with the benefit that it doesn't loop suspicious at all like the 12/24 words combination), you can recover the base 24 words at any time, and even if the state or some hackers manage to recover your seed phrase, there's no funds there since everything is under a separate passphrase.
This would also cover the case when someone impersonates you and managed to trick the KYC process - they would know the 24 words, but without the passphrase they have nothing.
So in the end it seems like the security game in this scenario has changed from having to secure 24 words (plus a passphrase optionally), to securing a single passphrase, which arguably is much easier.