pull down to refresh

So in the end it seems like the security game in this scenario has changed from having to secure 24 words (plus a passphrase optionally), to securing a single passphrase, which arguably is much easier.
It depends. The advantage the passphrase has in this scenario is that it is easier to memorise (i.e. backup). But it can also be bruteforced if not of sufficient complexity.
I think your idea has merit, but the best answer is to stay away from Ledger Recover altogether.
For sure, for technically capable-people it's not a good idea as it goes against sovereignty. But for normies... they freak out when they hear they need to secure 24 words somewhere... Multi-signature is another option but again it's just not for beginners really. Beginners need to know someone has their back, even if they need to pay a monthly fee like to Ledger.
Having this as just an additional option I think makes sense, I heard Pascal the CEO of Ledger talking on the WBD podcast and he does make some valid points... the current best practices we have work just fine for a small set of people, the rest get freaked out and keep their money on CEX platforms which is a terrible idea.
Indeed the passphrase can be brute forced, but you can adjust your security depending on the threat level. If you're like a potential target in a hostile country or something like that, you want to go more secure; if you're in a relatively peaceful place where the possibility of seizure is not that high, I think you can get away with a shorter one, just so you fend off any smaller attackers that might get a hold of your seed phrase.
So for myself and close people, I'm sure I'll definitely stay away from such a service, as I can secure my seed just fine by myself. But I can see some cases where I talk about bitcoin to less technical people and seed phrases come up, and the option to use such a service might make sense for their particular situation.
reply