
What's your go-to way for saving and backing-up your wallet information?
I'm asking 'cause as of now, I'm not all that happy with my current setup (words + passphrase all in one location).
I've got the words backed-up in steel, the passphrase is still on paper, though.
Also, what are some good alternative ways of storing said information? I don't intend to do much sending from that wallet, so it's no problem if logging-in is a pain in the ass.
Also-also; While setting up my current wallet, I've done everything "right" as far as opsec goes, at least I think I did.
I've shut the blinds, covered every camera in the room and tried to not mumble any words or details I typed in (the hardware wallet) or wrote down.
I also bought a brand new laptop and a reputable hardware wallet from the manufacturer, verified the hardware wallet's software on authenticity (checked the Hash) and done nothing fishy with anything involved... And I still feel vulnerable.
I'm getting the "urge" of creating a brand new wallet (reset the device and move funds to the newly generated wallet) just to be "clean" again. I'm overreacting ain't it?
If anyone would have access to my stack, it'd be long gone already, and I've played everything to the book so nobody will get to my stack anyways...
Anyways, how do I improve on my current situation of storing said information?
99% of "stolen" coins were practically handed over on a silver platter or they were sitting in plain sight (using bad entropy).
99% of "lost" coins would have been just fine on a piece of paper in a safe at home. But the holder got too paranoid and locked themselves out somehow.
Whoever sold you a HWW is profiting off your paranoia. Keeping a secret doesn't require a fancy calculator. You're doing just fine bro.
reply
Nah dude, I've worked hard and long for the stack I've got, I gotta have the extra protection, albeit a bit fancy for some...
reply
For those that don't know about cost-effective ways to put your seed phrase on steel, here's a cheap, safe, and easy way to do it.
Buy a bolt and washers. Buy a letter and number stamp set. Press your seed into the washers and put it on the bolt. Secure it somewhere safe.
For more info check out Econo Alchemist's write-up.
reply
Anyways, how do I improve on my current situation of storing said information?
So you currently have:
  - Seed Backup #1: HWW
  - Seed Backup #2: Steel Plate
  - Passphrase Backup #1: Paper
  - Passphrase Backup #2: Memorised (?)
That covers the back-up redundancy, but there are some weak points here.
Some ideas:
  1. You currently have S1, S2 and P1 stored together at the same place. Consider moving S2 and P1 to secondary secure locations if you have access to them and can check them regularly (say every 3-6 months).
  2. As you won't be accessing S2 and P1 regularly (only to restore the HWW), consider placing these in opaque, tamper-proof envelopes. This way you can check if either of the secrets has been compromised.
  3. There is some other data you may wish to consider backing up too, such as the derivation path, HWW PIN, and anti-phishing code (supported by some devices like the ColdCard).
reply
Is this THO's Stacker News account, lol?
You're fine aside from the few weak points @orthwyrm pointed out, just make sure not to forget certain information; being too secure makes it easier to lose track of information that ensures your ability to access that secured info.
reply
Consider using a password manager for secure storage. Encrypt the information.
reply
Before resetting the device make sure you've got the words exactly right, otherwise you may lose your money. My 2 sats.
reply
Check.
reply
Is it still safe if someone knows the private keys but does not know the added passphrases? Therefore, there is nothing on the origin wallet. Only passphrases have balance.
reply
Doesn't change the fact that either one of them works with addresses, thus nothing changes: in both options a private key could be guessed, albeit that the chances for that are impossibly small.
reply
I encrypt it with gpg -c seed.txt
reply
reply
Moreover, make it a 2/3 multisig, GPG encrypt the seeds and then distribute the encrypted seeds to friend/family in other states/countries.
reply
I'd rather have it offline.
reply
Multisig requires the x/y/z Keys to be backed-up too, correct?
reply
Yes, that's right. The public keys themselves don't grant permission to spend of course, so you can make many copies.
A multi-sig backup scheme could look like the following:
  1. HWW #1 + Seed #1 + xPubs #1, #2, #3
  2. HWW #2 + Seed #2 + xPubs #1, #2, #3
  3. HWW #3 + Seed #3 + xPubs #1, #2, #3
Where the seeds and xPubs are stored on laminated paper.
reply
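The single-sig layouts discussed earlier in the thread (everything in one place, then S1/S2/P1 split across sites) and the 2-of-3 scheme above can be compared with a small audit. This is an added example, not code from any commenter. The location names and item labels are constructed, the HWW is counted as a seed copy, and the memorised passphrase is left out because the thread marks it "(?)".

```python
# Added example: audit which single-location loss or theft a backup layout survives.
# Location names and item labels are constructed for illustration.

def derive(held):
    """A seed can always regenerate its own xpub, so count it as held."""
    return held | {i.replace("seed", "xpub") for i in held if i.startswith("seed")}

def can_spend(held, policy):
    """policy: list of (k, alternatives); at least k of each group must be held."""
    held = derive(held)
    return all(len(held & alts) >= k for k, alts in policy)

def audit(locations, policy):
    """Per location: can a finder spend alone, and can the owner spend without it?"""
    report = {}
    for name, items in locations.items():
        rest = set().union(*(v for k, v in locations.items() if k != name))
        report[name] = {
            "theft": can_spend(items, policy),
            "survives_loss": can_spend(rest, policy),
        }
    return report

# Single-sig with passphrase: any seed copy plus any passphrase copy spends.
SINGLE = [(1, {"seed"}), (1, {"passphrase"})]
# 2-of-3 multisig: two seeds, plus all three xpubs to rebuild the wallet.
XPUBS = {"xpub1", "xpub2", "xpub3"}
MULTI = [(2, {"seed1", "seed2", "seed3"}), (3, XPUBS)]

LAYOUTS = {
    "all in one place": ({"home": {"seed", "passphrase"}}, SINGLE),
    "split S1 / S2 / P1": ({"home": {"seed"}, "site_b": {"seed"},
                            "site_c": {"passphrase"}}, SINGLE),
    "2-of-3, seeds only": ({f"loc{n}": {f"seed{n}"} for n in (1, 2, 3)}, MULTI),
    "2-of-3, seeds + xpubs": ({f"loc{n}": {f"seed{n}"} | XPUBS for n in (1, 2, 3)}, MULTI),
}

if __name__ == "__main__":
    for title, (locations, policy) in LAYOUTS.items():
        print(title)
        for name, result in audit(locations, policy).items():
            print(f"  {name}: {result}")
```

In the split layout the paper passphrase becomes the single point of failure, and in the seeds-only multisig any one lost location strands the funds because the third xpub is gone. With xpubs stored at every location, a finder of one location still cannot spend but can derive the wallet's addresses and watch its balance.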
Yes, that is good, but an encrypted backup you can just email yourself is good too imo.
reply
Dude, that'd trigger my paranoia to the max.
reply
I mean.. you'd have to type it before you encrypt it. There's a half dozen vulnerabilities on the way to that.
reply
Exactly.
reply
Just don't do that
reply
deleted by author