Keep all your crypto safe & upgrade to a Ledger Nano X Hardware Wallet shop.ledger.com/pages/ledger-nano-x?r=5243ecbb8427 Alternatively, if you prefer a 100% Open Source wallet, a Trezor One is also a great value wallet shop.trezor.io/product/trezor-one-white?offer_id=14&aff_id=2922&source=TH-cam
So, if you are a safe person and you know the ins and outs of when to use the seed, and you protect the seed by not sharing any part of it with others, then what's the issue with 12 words? And, if you apply a passphrase to the 12 words, haven't you completely mitigated the issue? I think this is really more about how to properly secure the seed so that you can use it when needed but also so that its not easily usable by thieves. I think the best approach is a passphrase that is not stored with the seed. In fact, ideally its a passphrase that is never written down at all.
One of the other factors that I don't cover here which has increasingly been an issue is the checksum on 12 word seeds is really weak. Basically you can have a mistake and still have a 1/16 chance that it checksums correctly as opposed to 1/256 for 24 word seeds.
12 seed words is enough. The odds of someone guessing 12 seed words in the proper order out of 2048 words is a 40 digit number to 1! 1 quintillion is only a 20 digit number. Guessing 12 seed words in proper order is like winning the lottery and being struck by lightning at the same time
The best reason actually isn't covered in this video and that is the stronger checksum that 24 worss gives you... The checksum on a 12 words seed is so weak that you can swap two words and have a 1/16 chance of the checksum being valid. (Compared to 1/256 for a 24 word seed) A strong checksum makes it much easier to identify and resolve errors in your seed transcription... The other reason is for folk who roll their own entropy, basically if you are using something like biased dice, it actually ceases be an issue once you get up to 24 words. 24 is more secure when folk do things like splitting, scrambling, etc. (and is also secure for the Trezor "standard recovery" whereas 12 is not...
Forget the words. The words are just a representation of a large number. For 12 words that number has 132 bits (128 + checksum IIRC). That means there are 2^128 possible numbers, or 1 in 2^128 of "guessing" the same number. However that assumes a perfect random number generator that provides a uniform distribution of random numbers. That's unlikely to be true. It doesn't change the math very much, but figure 80% uniform instead. That reduces the space from 2^128 to 2^102, or the equivalent of dividing the possiblities by 2, 26 times. (Dividing by 2 twice means you have 1/4 as many, divide by 2 again and you have 1/8 your starting possiblities, etc.)
@@CryptoGuide Exactly. Which is why with a 12 word or 132 bit phrase, there are as I said, "2^128 possible numbers" in a perfect distribution. (And I looked it up, 12 words use 4 bits of the sha256 for the checksum.)
Forgetting the words works for understand how much entropy is being represented, but needs to be considered if you want a checksum that it actually useful ;)
Even quantum computers won't be solving 256bit keys any time soon. (They aren't magic) The networks themselves are also only using 256bit private keys, so there is also that.
Basically when you do standard recovery the Trezor device will tell you to enter the seeds in a random order, but for 12 word seeds will add in some extras. The problem is that if someone was keylogging your system and you ran through the process twice, you would reveal your 12 seed words. (As the random extras change every time) Descrambling a 12 words seed is a trivial matter.
@ I see, so this is only a problem on Trezor one, not model t, safe 3, safe 5? Right? The later models don’t have you entering the seed on the computer, it’s done on device.
@@martinlutherkingjr.5582 That's right. The main issue for a while there was where people had a 12 word seed from a Trezor T and was using a Trezor One as a backup device.
Glad it helped. One feature of 24 word seeds that I didn't talk about is that they have a much stronger checksum, so are far more robust against making a mistake writing them down.
I'm curious how you managed to permute all 12 mnemonic combinations and find the desired public key in just 20 mins. I did that and it takes a few hours (using a mac m1 cpu). I tried both Java and JS, which are fairly inefficient for these tasks. Do you have the source code for the one that resulted in 20 mins? Thanks!
It depends on the seed type, but if you just use BTCRecover (github.com/3rdIteration/btcrecover) you can easily do it in an hour with GPU acceleration, less for Electrum seeds.
Yea hot wallets generally do. If you really want a longer seed then you need to use another tool to generate it. (eg: Ian Coleman's BIP39 tool, Coinomi, etc) It's easy to mess this up so is probably not a good idea.
How secure is this, please: 6-word mnemonic PLUS a passphrase of at least 10 characters? I know this is less secure than 12 words. But I'm thinking of it as a "last resort" which I can definitely memorise and not writing anywhere at all. Thanks in advance.
A 6 word mnemonic is really low entropy and most wallets won't even accept it. Also, memorizing your seed is a really bad idea don't do it, you will lose everything. Your best bet is to go with a 12 or 24 word seed, keep it written down on something resilient like steel and then if you want to secure the backup, add a BIP39 passphrase. (Just using words off something like the EFF short list)
As a nurse, have you ever consider how fragile the human brain is? Car wreck, fall, stroke, and many others!!! I'm with you on worrying ab safety but I heard that from someone at work and it's a good point. 🤷🏻♂️
Yep, Ledger/Trezor (and most decent wallet vendors) will have no issue using BIP39 passphrase from each other. The only catch is things like Trezor limiting it at 50 characters, while Ledger is 100... Ledger doesn't support the ^ character, etc... Just s few small quirks like that.
If you choose the world yourself then it will be low entropy. Memorizimg the words is also really bad, as you are then one head injury away from losing everything.
@@CryptoGuide Although a seed phrase generated by a human has lower entropy. Wouldn't using a 256-bit 24 word seed phrase offset the lack of randomness enough to be acceptable?
Yep, basically even when people thing they are choosing randomly, they basically never are... If you want to choose your own, then use something like dice.
No, you would need to generate a new wallet. The reality is that a 12 word seed is fine as long as you aren't doing some of the common DIY things that I have seen folk do. (splitting it up across 3 cards, scrambling it, etc)
@@martinlutherkingjr.5582 with Trezor you have both your PC and the Trezor itself generating it and combining it, so even if either one of those sources of entropy work then you are ok. That said, if you want to do it trustlessly in a way that doesn't require code review, just use dice :) (this is why I love that the Coldcard lets you add some extra dice rolls yourself as part of the standard on-decice initialisation)
Would you be confident in Ledgers RNG to generate your seed? Overall, I really like the Ledger and its usability, but there's some doubt at the back of my mind about the seed generation that you simply have to trust.
@@FPFPV Ledger's RNG is likely better than anything that you would have in your browser or normal OS and certainly better than you choosing the words yourself. If you are worried about Ledger's RNG, then you can just load up Ian Coleman's BIP39 tool in Tails Linux and generate your seedbwith dice. :) (Or use something like a Coldcard where you can add dice-rolls to its seed generation step)
Love your channel. Can you please teach me how to set up 24 words seed phase with trezor T? I know you have mentioned to someone else regarding electrum.. Can you please make a video for dummys?
Once you have the firmware on the device (you can just do this with the standard web wallet), it's actually identical to what I cover in my video on setting up a Keepkey with Electrum.
@@CryptoGuide Thanks for the reply! I also saw you have a video regarding the python cmd line to add micro sd to trezor T for additional security. Meanwhile, I found that from trezor website, they have guideline regarding setting up 24 words seed with trezorctl. Which way do you recommend (electrum or trezorctl)? If latter, can you please make a video about it?
@@CryptoGuide Just watched your video "setting up a Keepkey with Electrum" It is a great video! Thanks! May I ask one question? I watched your other video regarding verify the electrum download (you even downloaded a scam version to demonstrate the signature check would fail with the scam version and would pass with the genuine version). Is this verification step only meaningful for those using electrum as their main wallet? In other words, if I only use electrum as a tool to setup my trezor device so that I can have a 24 word seed phrases, and I will only use trezor wallet from that time on (with trezor GUI), do I still need to worry about if the version of electrum I download is the real or scam version? (I am under the impression that the scam version of electrum may access the private key if I use electrum as my hot wallet. But if I use a hardware wallet like trezor, even the scam version of electrum should not be able to see my seed phrase on trezor device, do I understand it correctly? ) Thank you so much!
If you are using Electrum with a hardware wallet then even a malicious copy of that wallet can't steal your funds. I actually have a video on Electrum vs Malware that demonstrates this.
Hey!, (sorry for my bad english), i have a question, ¿Can a virus steal my seedphrase while im generating it on my Trezor setup? ¿There is some type of security system that protects the passphrase generation? And the last one: ¿It really matters on terms of security, if i setup my trezor with the internet connection off? Im new on this and im a bit paranoid about all this questions, keep your work on dude, you are amazing.
Your Trezor is designed so that it can securely generate a seed, even if doing so while connected to a compromised PC. Some devices like the ColdCard take this a step further and protein perform all operations fully offline. (Though whether this is necessary is debatable)
The passphrase is just part is the BIP39 spec, so it works fine. With ledger you can choose to assign the passphrase to a second pin or to enter it each time.
Is there any reason to believe a 24 word seed generated on a Trezor One to input into a Model-T is less secure than a 12 word seed generated on a Trezor Model-T? Model-T only allows you to generate a 12 word seed but you can input a 24 word seed.
In terms of seed generation, Trezors mix the entropy from the HW wallet and your PC, so that is good. The Trezor T does actually let you initialise with a longer seed, you just need to use something like Electrum or the Trezor python library to do it. 12 is fine if you aren't doing things like splitting or scrambling your seed backups.
R-77 I’ll bet I can crack a 12 word seed on a phone within a day. It depends on the seed and how it was generated. It would likely cost more to brute force a randomly generated 12 word seed within a year than Bitcoin’s entire marketcap. Play the lottery if you want to gamble against bad odds.
I bought one to have a look and and it's so bad that I haven't been able to find the motivation to actually do a video review... It's on the comparison list here cryptoguide.tips/hardware-wallet-comparisons/
I just got a new hardware wallet. The old wallet has a 12 word and the new wallet offers 24 words. Although I hold a small amount on this wallet I still would like it to be safe. I'd have to send coin to the new wallet...and wipe the old wallet. Unless there's a way to restore a 12 word within a 24 word address lol... Not sure what to do. I thought Andreas antonopoulos said 12 words were still mathematically safe but I don't recall.
Most wallets that support 24 will also support 12. The main risk with 12 is the weaker checksum and dumb things people do like scrambling and splitting their seed. (These things can be secure for 24, but easily not for 12) So if you restore it and the funds are there then you are fine.
Yep, you just need to use Electrum to initialize it rather than Trezor suite. (Device behaves the same afterwards regardless of what you just to initialize it)
@@CryptoGuide OMG its so Complex 😵😢 Sir please help me....can i go with the TrezorOne for the default 24seed? Is that safe enough compared to TrezorT. I only own BTC & ETH. TrezorT is so good but that 24seed is what i need....i am so confused.
Doesn't support 3rd party software for wallets and also doesn't implement Bitcoin properly, just keeps on re-using the same address over and over again. I would avoid it.
@@CryptoGuide what do u mean with using the same address over and over again? Just bought the ellipal Mini and the passphrase Feature has no effect on the outcome...
Wrong and misleading, 12 words is more than secure enough. If you are watching this trying to figuring this out try to watch other information and not just rely in this video.
The main issue with this video is that it left out the most important factor, the BIP39 checksum, which is pointlessly weak for 12 word seeds, but quite robost for 24 word seeds :) Basically, 12 words might be secure when it comes to entropy, but isn't safe when it comes to usability.
I only wish that my trezor model T allowed me to make a 24 word seed. Because it has a screen and the word never once appear on the computer... they consider 12 secure enough and only give you that option... I also permanently imprinted the seed into my HODLR disk cold storage device ($150 but so beautiful and functional) so I dont wanna simply transfer my coins onto a 24 word seed address, rendering my HODLR disk useless. In the future I will buy another HODLR disk and create a 12 word but for now I'm stuck with my 12. On the plus side, I can easily memorize 12 words in case I need to smuggle my crypto into another country lmfao! BUT... I do have a passphrase that's like 50 characters long... so technically my seed is 13 words with the 13th word consisting of 50 letters. That's gotta come damn close to 256 bits! Edit: I just found a passphrase entropy calculator and I learned that in total, my 12 word mnemonic plus passphrase has 298 bits of entropy! Still wish I had a 24 word seed though because then I'd have 426 bits lol. USE THE PASSPHRASE FEATURE PEOPLE! It's future proof
That's only if you are using Trezor suite. It can be initialized with a full 24 word seed if you use something like Electrum, Sparrow, or Trezorctl in the command line.
@@CryptoGuide Ahh I see. Its all good now. After finding that entropy calculator I'm feeling great about having 298 bit entropy. Memorized 12 word seed and unforgettable passphrase will serve me just fine
If you bought a phone and just used it for crypto and didn’t worry about a hardware wallet because there a pain in the arse , would you be 100% safe ? Providing you didn’t go on a fake website or clicked on a bad link ?
Don't trust, verify. I have a number of videos where I run through how to do this via validation of things like address generation, others where I demo DIY hardware devices. Your best bet is to make a new comment thread, as TH-cam won't notify me of any subsequent replies you make here. (As the base comment in this thread is a year old)
One part that I missed in this video is that 12 words seeds have a really weak checksum compared to 24 word, something which is particularly important if your wallet doesn't validate seed at onboarding properly like a Trezor T.
Please suppress this BS video that misleads beginners. Today it's well known that a 24 words seedphrase doesn't give you more entropy than a 12 words one. In both cases, the entropy of your private key is 128 bits. This 24 words feature is completely useless and should be suppressed from Bitcoin.
This video actually misses the most important point which is that the checksum for 24 words is much better. I'll probably redo it to include both this as well as SLIP39 type seeds as well.
@@CryptoGuide 128 bits is the MAXIMUM entropy of every single Bitcoin private key! Educate yourself... "ECDSA and Schnorr are themselves 128-bits secure." Adam Back, March 13th 2023 Period.
That's correct and it would be nice if it were that simple when it comes to seed length, but engineering doesn't work that way. For example, do you know what a checksum is and how strong it is for different seed lengths? (Or different schemes if you include SLIP39) Are you confident that data you selected on the input is actually 128bits of entropy? (If you used a TRNG it's probably fine, but if you used dice then maybe not)
@@CryptoGuide The checksum's length in a seed phrase has nothing to do with securing private keys. It's purely for integrity verification. The actual security lies in the seed's entropy, which is robust against brute force attacks. Claiming otherwise shows a lack of understanding of how cryptographic security works. Saying TRNGs are more reliable than dice rolls is flawed. Physical randomness from dice, when done right, can be more trustworthy than a potentially faulty TRNG.
Integrity of you backups is part of security of your overall setup, so I'm glad that you at least understand that such a thing exists. The issue with BIP39 is that the checksum strength is tied to the seed length, so 12 word seeds are extremely error prone. (Though this problem is resolved in SLIP39, so the 128 bit share groups are fine) Dice are better in an ideal world, but both compensation for the base conversation with dice and accounting for dice bias is basically an unknown, but if you do enough rolls for 24 words you have more than accounted for both and can be confident that you still have more than 128 bits of real entropy. There is no disagreement that 128 bit keys are cryptographically secure, but rather a question of what is best once all the factors for creation and use of a backup set are considered.
Keep all your crypto safe & upgrade to a Ledger Nano X Hardware Wallet shop.ledger.com/pages/ledger-nano-x?r=5243ecbb8427
Alternatively, if you prefer a 100% Open Source wallet, a Trezor One is also a great value wallet shop.trezor.io/product/trezor-one-white?offer_id=14&aff_id=2922&source=TH-cam
So, if you are a safe person and you know the ins and outs of when to use the seed, and you protect the seed by not sharing any part of it with others, then what's the issue with 12 words? And, if you apply a passphrase to the 12 words, haven't you completely mitigated the issue? I think this is really more about how to properly secure the seed so that you can use it when needed but also so that its not easily usable by thieves. I think the best approach is a passphrase that is not stored with the seed. In fact, ideally its a passphrase that is never written down at all.
One of the other factors that I don't cover here which has increasingly been an issue is the checksum on 12 word seeds is really weak. Basically you can have a mistake and still have a 1/16 chance that it checksums correctly as opposed to 1/256 for 24 word seeds.
Exactly what I was looking for. Thank you, sir, for such specific info.
Glad it helped
12 seed words is enough.
The odds of someone guessing 12 seed words in the proper order out of 2048 words is a 40 digit number to 1!
1 quintillion is only a 20 digit number.
Guessing 12 seed words in proper order is like winning the lottery and being struck by lightning at the same time
The best reason actually isn't covered in this video and that is the stronger checksum that 24 worss gives you... The checksum on a 12 words seed is so weak that you can swap two words and have a 1/16 chance of the checksum being valid. (Compared to 1/256 for a 24 word seed) A strong checksum makes it much easier to identify and resolve errors in your seed transcription...
The other reason is for folk who roll their own entropy, basically if you are using something like biased dice, it actually ceases be an issue once you get up to 24 words.
24 is more secure when folk do things like splitting, scrambling, etc. (and is also secure for the Trezor "standard recovery" whereas 12 is not...
Forget the words. The words are just a representation of a large number. For 12 words that number has 132 bits (128 + checksum IIRC). That means there are 2^128 possible numbers, or 1 in 2^128 of "guessing" the same number. However that assumes a perfect random number generator that provides a uniform distribution of random numbers. That's unlikely to be true. It doesn't change the math very much, but figure 80% uniform instead. That reduces the space from 2^128 to 2^102, or the equivalent of dividing the possiblities by 2, 26 times. (Dividing by 2 twice means you have 1/4 as many, divide by 2 again and you have 1/8 your starting possiblities, etc.)
The checksum isn't part of the entropy and is dependent on the number of words used :)
@@CryptoGuide Exactly. Which is why with a 12 word or 132 bit phrase, there are as I said, "2^128 possible numbers" in a perfect distribution. (And I looked it up, 12 words use 4 bits of the sha256 for the checksum.)
Forgetting the words works for understand how much entropy is being represented, but needs to be considered if you want a checksum that it actually useful ;)
Because of your help more people are able to get into BTC, and that creates adoption and growth. Thank you!
Thanks
Thanks for making this video. Slowly learning with your help
No problem!
They should make a 96 word mnemonic phrase option so we can all just stop worrying about quantum computers stealing our lunch.
Even quantum computers won't be solving 256bit keys any time soon. (They aren't magic) The networks themselves are also only using 256bit private keys, so there is also that.
@@CryptoGuide interesting
They can't even 12😂
That's right, though they will certainly get broken far earlier than the larger seeds.
Having more entropy than Bitcoin as a network uses for encryption wouldn’t help you.
What do you mean by trezor “padding out” a 12 word seed when doing recovery? Where does that show up? Where could it be leaked from?
Basically when you do standard recovery the Trezor device will tell you to enter the seeds in a random order, but for 12 word seeds will add in some extras. The problem is that if someone was keylogging your system and you ran through the process twice, you would reveal your 12 seed words. (As the random extras change every time)
Descrambling a 12 words seed is a trivial matter.
@ I see, so this is only a problem on Trezor one, not model t, safe 3, safe 5? Right? The later models don’t have you entering the seed on the computer, it’s done on device.
@@martinlutherkingjr.5582 That's right. The main issue for a while there was where people had a 12 word seed from a Trezor T and was using a Trezor One as a backup device.
If I were to order a Trezor and wanted to create a 24 word seed, how can I do this if it does not support 24 words on set up?
If you use Electrum for the wallet setup you can select that you want 24 words.
Does MetaMask support 24-word seed phrases?
No
Thanks , just what I needed to know right now :)
Glad it helped. One feature of 24 word seeds that I didn't talk about is that they have a much stronger checksum, so are far more robust against making a mistake writing them down.
I'm curious how you managed to permute all 12 mnemonic combinations and find the desired public key in just 20 mins. I did that and it takes a few hours (using a mac m1 cpu). I tried both Java and JS, which are fairly inefficient for these tasks.
Do you have the source code for the one that resulted in 20 mins?
Thanks!
It depends on the seed type, but if you just use BTCRecover (github.com/3rdIteration/btcrecover) you can easily do it in an hour with GPU acceleration, less for Electrum seeds.
@@CryptoGuide That tool is actually very interesting, I'm glad people work on these and let everyone use it. Thank you!
I actually maintain that fork, it's certainly useful for a lot of folk who get in to trouble :)
Could please tell which hot wallets support 24 words in seed phrase?
What are you trying to store?
@@CryptoGuide BTC, eth, opt, arb, sol, near
If you want to have all those then you probably just need to use something like trust wallet and generate the seed using something else.
@@CryptoGuide but it supports just 12 words, as far as I know
Yea hot wallets generally do. If you really want a longer seed then you need to use another tool to generate it. (eg: Ian Coleman's BIP39 tool, Coinomi, etc) It's easy to mess this up so is probably not a good idea.
How secure is this, please: 6-word mnemonic PLUS a passphrase of at least 10 characters?
I know this is less secure than 12 words. But I'm thinking of it as a "last resort" which I can definitely memorise and not writing anywhere at all.
Thanks in advance.
A 6 word mnemonic is really low entropy and most wallets won't even accept it. Also, memorizing your seed is a really bad idea don't do it, you will lose everything.
Your best bet is to go with a 12 or 24 word seed, keep it written down on something resilient like steel and then if you want to secure the backup, add a BIP39 passphrase. (Just using words off something like the EFF short list)
As a nurse, have you ever consider how fragile the human brain is? Car wreck, fall, stroke, and many others!!! I'm with you on worrying ab safety but I heard that from someone at work and it's a good point. 🤷🏻♂️
This is basically it... Nobody plans to have a car accident...
How about 25th passphrase on trezor hidden wallet, can be recovered on ledger? Will ledger generate same address?
Yep, Ledger/Trezor (and most decent wallet vendors) will have no issue using BIP39 passphrase from each other. The only catch is things like Trezor limiting it at 50 characters, while Ledger is 100... Ledger doesn't support the ^ character, etc... Just s few small quirks like that.
Trying to wrap my head around this.
Why would a 24 word seed created by the wallet owner that is easily memorized by the creator be at risk
If you choose the world yourself then it will be low entropy. Memorizimg the words is also really bad, as you are then one head injury away from losing everything.
@@CryptoGuide Although a seed phrase generated by a human has lower entropy. Wouldn't using a 256-bit 24 word seed phrase offset the lack of randomness enough to be acceptable?
Yep, basically even when people thing they are choosing randomly, they basically never are... If you want to choose your own, then use something like dice.
Can I covert my 12 word to 24 and keep my same addresses?
No, you would need to generate a new wallet.
The reality is that a 12 word seed is fine as long as you aren't doing some of the common DIY things that I have seen folk do. (splitting it up across 3 cards, scrambling it, etc)
Crypto Guide Assuming you’re confident in Trezor’s ability to generate randomness.
@@martinlutherkingjr.5582 with Trezor you have both your PC and the Trezor itself generating it and combining it, so even if either one of those sources of entropy work then you are ok. That said, if you want to do it trustlessly in a way that doesn't require code review, just use dice :) (this is why I love that the Coldcard lets you add some extra dice rolls yourself as part of the standard on-decice initialisation)
Would you be confident in Ledgers RNG to generate your seed? Overall, I really like the Ledger and its usability, but there's some doubt at the back of my mind about the seed generation that you simply have to trust.
@@FPFPV Ledger's RNG is likely better than anything that you would have in your browser or normal OS and certainly better than you choosing the words yourself. If you are worried about Ledger's RNG, then you can just load up Ian Coleman's BIP39 tool in Tails Linux and generate your seedbwith dice. :) (Or use something like a Coldcard where you can add dice-rolls to its seed generation step)
Love your channel. Can you please teach me how to set up 24 words seed phase with trezor T? I know you have mentioned to someone else regarding electrum.. Can you please make a video for dummys?
Once you have the firmware on the device (you can just do this with the standard web wallet), it's actually identical to what I cover in my video on setting up a Keepkey with Electrum.
@@CryptoGuide Thanks for the reply! I also saw you have a video regarding the python cmd line to add micro sd to trezor T for additional security. Meanwhile, I found that from trezor website, they have guideline regarding setting up 24 words seed with trezorctl. Which way do you recommend (electrum or trezorctl)? If latter, can you please make a video about it?
There is no difference really, Electrum just let's you do it without needing to use the command line.
@@CryptoGuide Just watched your video "setting up a Keepkey with Electrum" It is a great video! Thanks! May I ask one question?
I watched your other video regarding verify the electrum download (you even downloaded a scam version to demonstrate the signature check would fail with the scam version and would pass with the genuine version). Is this verification step only meaningful for those using electrum as their main wallet? In other words, if I only use electrum as a tool to setup my trezor device so that I can have a 24 word seed phrases, and I will only use trezor wallet from that time on (with trezor GUI), do I still need to worry about if the version of electrum I download is the real or scam version?
(I am under the impression that the scam version of electrum may access the private key if I use electrum as my hot wallet. But if I use a hardware wallet like trezor, even the scam version of electrum should not be able to see my seed phrase on trezor device, do I understand it correctly? )
Thank you so much!
If you are using Electrum with a hardware wallet then even a malicious copy of that wallet can't steal your funds. I actually have a video on Electrum vs Malware that demonstrates this.
Write with lemon juice, then hot iron press the paper to make it visible
What is better then splitting up my seed for storage? That’s what I was planning to do. 24 word.
Adding a BIP39 passphrase, Shamir shares if you have a Trezor T or Cobo Vault Pro.
Hey!, (sorry for my bad english), i have a question, ¿Can a virus steal my seedphrase while im generating it on my Trezor setup? ¿There is some type of security system that protects the passphrase generation?
And the last one: ¿It really matters on terms of security, if i setup my trezor with the internet connection off? Im new on this and im a bit paranoid about all this questions, keep your work on dude, you are amazing.
Your Trezor is designed so that it can securely generate a seed, even if doing so while connected to a compromised PC.
Some devices like the ColdCard take this a step further and protein perform all operations fully offline. (Though whether this is necessary is debatable)
@@CryptoGuide Nice, i really appreciate your answer. Have a good day!
.
Which hot wallet has 24 seed and it's also an opensource?
Most software wallets don't use it by default. Basically Metamask, Electrum and Blue wallet will all let you use a 24 word seed.
Should my trezor 1 break can i use the 24 word seed on a ledger nano? If so, is it also possible if i added password security to my trezor? TIA
Yea the 24 word seed will work the same in any BIP39/44 wallet, passphrase or not. (Ledger, Coldcard, Keepkey, etc)
@@CryptoGuide What about the fact that I have added layer of security on my Trezor of a password? how do I access the password protected wallet?
The passphrase is just part is the BIP39 spec, so it works fine. With ledger you can choose to assign the passphrase to a second pin or to enter it each time.
Is there any reason to believe a 24 word seed generated on a Trezor One to input into a Model-T is less secure than a 12 word seed generated on a Trezor Model-T? Model-T only allows you to generate a 12 word seed but you can input a 24 word seed.
In terms of seed generation, Trezors mix the entropy from the HW wallet and your PC, so that is good. The Trezor T does actually let you initialise with a longer seed, you just need to use something like Electrum or the Trezor python library to do it.
12 is fine if you aren't doing things like splitting or scrambling your seed backups.
Crypto Guide Yeah, I heard you can only generate a 24 word seed on the Model-T using command line. So strange that Trezor did this.
R-77 I’ll bet I can crack a 12 word seed on a phone within a day. It depends on the seed and how it was generated. It would likely cost more to brute force a randomly generated 12 word seed within a year than Bitcoin’s entire marketcap. Play the lottery if you want to gamble against bad odds.
.
does coinomi wallet give the option for a 24 word seed ?
Coinomi can restore seeds of all major lengths. For creating a new wallet, it will give you a 24 word seed.
@@CryptoGuide thanks ..have you done a review on the safepal hardware wallet ?
I bought one to have a look and and it's so bad that I haven't been able to find the motivation to actually do a video review... It's on the comparison list here cryptoguide.tips/hardware-wallet-comparisons/
I just got a new hardware wallet. The old wallet has a 12 word and the new wallet offers 24 words. Although I hold a small amount on this wallet I still would like it to be safe. I'd have to send coin to the new wallet...and wipe the old wallet. Unless there's a way to restore a 12 word within a 24 word address lol... Not sure what to do. I thought Andreas antonopoulos said 12 words were still mathematically safe but I don't recall.
Most wallets that support 24 will also support 12. The main risk with 12 is the weaker checksum and dumb things people do like scrambling and splitting their seed. (These things can be secure for 24, but easily not for 12) So if you restore it and the funds are there then you are fine.
12 word passphrase is garbage it's not good enough. how do I import a 24 word phrase to metamask?
You would need to use another wallet like Coinomi to generate the 24 words and then import them in to Metamask
@@CryptoGuide thanks so much perfect
@@CryptoGuide no that doesn't work...I get this message.
Cannot convert string to buffer. toBuffer only supports 0x-prefixed hex strings
Sounds like you are trying to enter a mnemonic in to the "import private key" function in metamask.
Sir
I am buying the TrezorT
Can i use 24words instead of default 12?
Yep, you just need to use Electrum to initialize it rather than Trezor suite. (Device behaves the same afterwards regardless of what you just to initialize it)
@@CryptoGuideSir, is it Safe ?
It's the same as initializing it in the command line. It's still as safe as all the seed generation still happens on the Trezor.
@@CryptoGuide OMG its so Complex 😵😢
Sir please help me....can i go with the TrezorOne for the default 24seed?
Is that safe enough compared to TrezorT.
I only own BTC & ETH.
TrezorT is so good but that 24seed is what i need....i am so confused.
12 is fine, but be sure to run the full recovery check as the Trezor doesn't fully verify the seed at the initial setup.
Whats your opinion on the Elipal Titan cold storage wallet?
Doesn't support 3rd party software for wallets and also doesn't implement Bitcoin properly, just keeps on re-using the same address over and over again. I would avoid it.
@@CryptoGuide what do u mean with using the same address over and over again?
Just bought the ellipal Mini and the passphrase Feature has no effect on the outcome...
.
Wrong and misleading, 12 words is more than secure enough. If you are watching this trying to figuring this out try to watch other information and not just rely in this video.
The main issue with this video is that it left out the most important factor, the BIP39 checksum, which is pointlessly weak for 12 word seeds, but quite robost for 24 word seeds :)
Basically, 12 words might be secure when it comes to entropy, but isn't safe when it comes to usability.
I only wish that my trezor model T allowed me to make a 24 word seed. Because it has a screen and the word never once appear on the computer... they consider 12 secure enough and only give you that option... I also permanently imprinted the seed into my HODLR disk cold storage device ($150 but so beautiful and functional) so I dont wanna simply transfer my coins onto a 24 word seed address, rendering my HODLR disk useless.
In the future I will buy another HODLR disk and create a 12 word but for now I'm stuck with my 12.
On the plus side, I can easily memorize 12 words in case I need to smuggle my crypto into another country lmfao!
BUT... I do have a passphrase that's like 50 characters long... so technically my seed is 13 words with the 13th word consisting of 50 letters. That's gotta come damn close to 256 bits!
Edit: I just found a passphrase entropy calculator and I learned that in total, my 12 word mnemonic plus passphrase has 298 bits of entropy! Still wish I had a 24 word seed though because then I'd have 426 bits lol.
USE THE PASSPHRASE FEATURE PEOPLE! It's future proof
Trezor T supports 24 word seeds just fine. You just need to initialize it with something other than Trezor suite.
@@CryptoGuide
It supports a 25 yes but it doesn't create a 24 when you set it up. It creates a 12
That's only if you are using Trezor suite. It can be initialized with a full 24 word seed if you use something like Electrum, Sparrow, or Trezorctl in the command line.
@@CryptoGuide
Ahh I see. Its all good now. After finding that entropy calculator I'm feeling great about having 298 bit entropy. Memorized 12 word seed and unforgettable passphrase will serve me just fine
Good to hear your sorted it. Just be sure to back up your BIP39 passphrase, you don't want to be one knock to the head away from losing everything.
If you bought a phone and just used it for crypto and didn’t worry about a hardware wallet because there a pain in the arse , would you be 100% safe ?
Providing you didn’t go on a fake website or clicked on a bad link ?
Nope
is the password done with letters or numbers?
Your seed phrase is only words that are part of the BIP 39 word list.
@@CryptoGuide so they are preset words i randomize?
Your wallet will generate them for you. Humans are terrible at picking secure passwords, so this is why your wallet does it for you.
@@CryptoGuide how can i trust a stupid piece of technology?
Is it safe? :"V
Don't trust, verify. I have a number of videos where I run through how to do this via validation of things like address generation, others where I demo DIY hardware devices.
Your best bet is to make a new comment thread, as TH-cam won't notify me of any subsequent replies you make here. (As the base comment in this thread is a year old)
Interesting info.
One part that I missed in this video is that 12 words seeds have a really weak checksum compared to 24 word, something which is particularly important if your wallet doesn't validate seed at onboarding properly like a Trezor T.
12 or 24 i don't feel like making a password....why can't coinbase just keep my crypto safe?
Not your keys, not your coins...
@@CryptoGuide :")
HODL to the MOON
.
Please suppress this BS video that misleads beginners. Today it's well known that a 24 words seedphrase doesn't give you more entropy than a 12 words one. In both cases, the entropy of your private key is 128 bits. This 24 words feature is completely useless and should be suppressed from Bitcoin.
This video actually misses the most important point which is that the checksum for 24 words is much better.
I'll probably redo it to include both this as well as SLIP39 type seeds as well.
@@CryptoGuide 128 bits is the MAXIMUM entropy of every single Bitcoin private key! Educate yourself...
"ECDSA and Schnorr are themselves 128-bits secure."
Adam Back, March 13th 2023
Period.
That's correct and it would be nice if it were that simple when it comes to seed length, but engineering doesn't work that way. For example, do you know what a checksum is and how strong it is for different seed lengths? (Or different schemes if you include SLIP39) Are you confident that data you selected on the input is actually 128bits of entropy? (If you used a TRNG it's probably fine, but if you used dice then maybe not)
@@CryptoGuide
The checksum's length in a seed phrase has nothing to do with securing private keys. It's purely for integrity verification. The actual security lies in the seed's entropy, which is robust against brute force attacks. Claiming otherwise shows a lack of understanding of how cryptographic security works.
Saying TRNGs are more reliable than dice rolls is flawed. Physical randomness from dice, when done right, can be more trustworthy than a potentially faulty TRNG.
Integrity of you backups is part of security of your overall setup, so I'm glad that you at least understand that such a thing exists. The issue with BIP39 is that the checksum strength is tied to the seed length, so 12 word seeds are extremely error prone. (Though this problem is resolved in SLIP39, so the 128 bit share groups are fine)
Dice are better in an ideal world, but both compensation for the base conversation with dice and accounting for dice bias is basically an unknown, but if you do enough rolls for 24 words you have more than accounted for both and can be confident that you still have more than 128 bits of real entropy.
There is no disagreement that 128 bit keys are cryptographically secure, but rather a question of what is best once all the factors for creation and use of a backup set are considered.
👍
👍
Glad it helped