20 sats \ 0 replies \ @orthwyrm 23 Dec 2023 \ on: Help me improve on this. security
So you currently have:
Seed Backup #1: HWW
Seed Backup #2: Steel Plate
Passphrase Backup #1: Paper
Passphrase Backup #2: Memorised (?)
That covers the backup redundancy, but there are some weak points here.
Some ideas:
- You currently have S1, S2 and P1 stored together at the same place. Consider moving S2 and P1 to secondary secure locations if you have access to them and can check them regularly (say every 3-6 months).
- As you won't be accessing S2 and P1 regularly (only to restore the HWW), consider placing these in opaque, tamper-proof envelopes. This way you can check if either of the secrets has been compromised.
- There is some other data you may wish to consider backing up too, such as the derivation path, HWW PIN, and anti-phishing code (supported by some devices like the ColdCard).