0 sats \ 2 replies \ @ek 6 Sep 2023 \ parent \ on: Hiding a seed phrase meta
These apps are secure and strongly encrypted.
Wasn't the case with LastPass
And if you're really worried, you can extend the idea to 3 password managers with 4 words on each.
If you're really worried (like I am about my regular passwords), I would self-host the password manager (for example using vault warden) and hide it inside a VPN.
I know people who hide their seed in "plain sight" by typing them inside a random image (like family picture). They usually do that using very small fonts so you would need to zoom in multiple times to actually see the words.
Zooming in? You sure? I thought you were taking about steganography
partial storage
This idea seems flawed since it's a bad trade-off between you forgetting them and an attacker having to brute force just 3 words in case.
If you make the position non-trivial, you also have to remember that.
You won't be able to keep up with an attacker with enough resources to brute-force the words+position vs you trying to not forget them
Securely storing a list of 12 words is not that difficult (although I'm not crazy about your fish tank idea).
Securely storing it for extended periods of time is.
write
preview
21 sats \ 1 reply \ @phygit 6 Sep 2023
Yes, I'm sure about the zooming. I didn't mention stegano because it's obviously more complex.
As I said, partial storage + memory is not ideal, but the main idea is that an attacker would hesitate to try to brute force a seed without being sure of how much money is attached to it. Too lazy to make the calculations, but pretty sure it would cost some money to brute force 3 out of 12 words without knowing the positions.
reply
0 sats \ 0 replies \ @ek 6 Sep 2023
but the main idea is that an attacker would hesitate to try to brute force a seed without being sure of how much money is attached to it.
I see. Didn't consider that. Good point.
reply