Hiding a seed phrase \ stacker news ~meta

4696 sats \ 20 comments \ @Billy_Dow 6 Sep 2023 meta

What are some cool and interesting ways you hide/store your seed (long term)?

My seed is hand written and lamminated then put in a sealed vacuum sleeve then is under the substrate layer in my fish tank. I have 1 orange fish in there called Satoshi and he protects it for me.

Interested to hear what out side the box ideas you guys have come up with. If your spot if rather boring try and come up with an idea to share instead.

✌️

view all related items

2356 sats \ 0 replies \ @orthwyrm 6 Sep 2023

Simple 2-of-3 multisig hidden across different geographic locations I check regularly.

Each backup contains a paper copy of the seed, the HWW device (ColdCard Mk4), and the xPub quorum for all 3 keys. Backups are stored in waterproof, tamperproof bags and further enclosed in a plain manilla envelope.

It's tempting to do elaborate backup schemes the same way Voldemort hides his horcruxes, but simple is always best.

579 sats \ 0 replies \ @SatsCats 6 Sep 2023

I love the fish names lol

I've memorised my phrase but now that I'm moving to multi sig I need to think of a new way

52 sats \ 10 replies \ @phygit 6 Sep 2023

Generally speaking, I'm against storing seeds in physical forms (and totally against writing them on pieces of paper, as it still wrongly recommended by so many wallet providers...).

There are plenty of clever ways to store them digitally. To name only 3:

. Password Managers (Bitwarden and others) Store your first 6 words on one PM, the last 6 on a second one. These apps are secure and strongly encrypted. An attacker would need to crack your device (phone or computer), then crack the 2 apps to get full access to the seed. Pretty safe. And if you're really worried, you can extend the idea to 3 password managers with 4 words on each.

. Images I know people who hide their seed in "plain sight" by typing them inside a random image (like family picture). They usually do that using very small fonts so you would need to zoom in multiple times to actually see the words. You just need to remember which image of your database plays this specific role (could be a picture with a special meaning only to you). Doesn't look very safe at first sight, but make sense if you have a large image database (the idea is that an attacker would not look into images and, even if they do, will have to check thousands of images one by one to try to detect something).

. Partial storage Seed word being simple, dictionary words, it's quite easy to remember a few of them. Just store safely a part of your seed (say, the first 9), than keep the last 3 in your brain. Not totally safe, as the computing power required to find the 3 missing words when you know the others is not that high, but still a long way to go for an attacker: first cracking an app to find the 9 words, then working out to find the last 3, without knowing where they are placed, and without knowing if it's worth it (nobody knows how much money is in your wallet).

Anyway, I still dont' understand the fuss about seeds. Securely storing a list of 12 words is not that difficult (although I'm not crazy about your fish tank idea).

1302 sats \ 3 replies \ @pillar 6 Sep 2023

For anyone reading, I would like to say all of these methods are flawed for various reasons. Please, read on regular, simple best practices instead of doing funky approaches.

10 sats \ 1 reply \ @phygit 6 Sep 2023

What is truly flawed is the general advice, that I've seen dozens of times along the years, recommending people "to write down the seed on paper and keep it in a safe place". It's just plain absurd.

Nothing "funky" in using apps designed for encrypted storage of sensitive data, already storing all your most important data (id/passwords, bank cards etc.) to also store your Bitcoin seeds.

0 sats \ 0 replies \ @ek 6 Sep 2023

Nothing "funky" in using apps designed for encrypted storage of sensitive data, already storing all your most important data (id/passwords, bank cards etc.) to also store your Bitcoin seeds.

That's a good point. But the main difference between bitcoin and your ID, passwords and bank cards is that most actions can be reversed by a central party or LE can attempt to do something.

With bitcoin, no amount of LE will probably help you if you lose your bitcoins

0 sats \ 0 replies \ @orthwyrm 6 Sep 2023

agreed

0 sats \ 2 replies \ @btcthinker 6 Sep 2023

Physical storage is correct. The risk of any digital storage or network storage is much higher than that of physical storage.

A cheap sheet of metal can be carved more safely with a carving knife than write paper.

Don't trust memory too much, people's memory is quite insecure. Most people can't remember what they had for dinner yesterday.

Any electronic product has the risk of breaking. Never think that it is safe to store it offline in a flash drive（SD card/SSD).

0 sats \ 1 reply \ @phygit 6 Sep 2023

The problem is not just the material you use, but where you keep it. Most people don't have a safe at home (and even if they do, it's not 100% secure). Metal or not, your physical seed can be lost, stolen, burnt...

Most people can remember many the names of persons (2 or 3 complex words) for decades. I don't see why they could not remember 3 or 4 simple dictionary words.

0 sats \ 0 replies \ @btcthinker 6 Sep 2023

A safe is an obvious target, why is it considered safe to place it in a safe? Everyone has their own method of storing items, and usually adding a passphrase is much safer.

The human brain has a hard time remembering random things, even just twelve random words.Even a random eight-letter password is impossible for most people to remember.

0 sats \ 2 replies \ @ek 6 Sep 2023

These apps are secure and strongly encrypted.

Wasn't the case with LastPass

And if you're really worried, you can extend the idea to 3 password managers with 4 words on each.

If you're really worried (like I am about my regular passwords), I would self-host the password manager (for example using vault warden) and hide it inside a VPN.

I know people who hide their seed in "plain sight" by typing them inside a random image (like family picture). They usually do that using very small fonts so you would need to zoom in multiple times to actually see the words.

Zooming in? You sure? I thought you were taking about steganography

partial storage

This idea seems flawed since it's a bad trade-off between you forgetting them and an attacker having to brute force just 3 words in case.

If you make the position non-trivial, you also have to remember that.

You won't be able to keep up with an attacker with enough resources to brute-force the words+position vs you trying to not forget them

Securely storing a list of 12 words is not that difficult (although I'm not crazy about your fish tank idea).

Securely storing it for extended periods of time is.

21 sats \ 1 reply \ @phygit 6 Sep 2023

Yes, I'm sure about the zooming. I didn't mention stegano because it's obviously more complex.

As I said, partial storage + memory is not ideal, but the main idea is that an attacker would hesitate to try to brute force a seed without being sure of how much money is attached to it. Too lazy to make the calculations, but pretty sure it would cost some money to brute force 3 out of 12 words without knowing the positions.

0 sats \ 0 replies \ @ek 6 Sep 2023

but the main idea is that an attacker would hesitate to try to brute force a seed without being sure of how much money is attached to it.

I see. Didn't consider that. Good point.

10 sats \ 0 replies \ @TomK 7 Sep 2023

Good thread with important suggestions and hints. Thank You all!

5 sats \ 0 replies \ @Lux 6 Sep 2023

https://imgprxy.stacker.news/LApTK3HDT6SzuojbiCHXjoRzgAKOa4Pec0_4oN-ZzEY/rs:fit:600:500:0/g:no/aHR0cHM6Ly9pLmliYi5jby9jOEZ3UnhNL0lNRy0yMDIzMDkwNi0yMDQxNTYtMzU2LmpwZw

2 sats \ 0 replies \ @billiam 6 Sep 2023

I have a parrot that knows the words by heart. His name is Hal.

0 sats \ 0 replies \ @Jon_Hodl 8 Sep 2023

I don't have a place that I would necessarily keep it but I have a list of characteristics that I think would make a good place as well as a number of places that I would try to avoid. You can find all of those in this article I wrote about it. https://www.whatisbitcoin.com/security/store-your-seed-phrase

Also, I think there are a lot of good ideas in the geocaching community that are next to impossible to find unless you know that something is in a specific location and you know what to keep an eye out for.

There are also a lot of hidden in plain sight sort of products that you can buy that look like a soda can or a head of lettuce but those are probably best suited for people who live alone.

0 sats \ 0 replies \ @Zepasta 6 Sep 2023

I have seen people using AI to create a beutiful QR Code Art, like this:

https://imgprxy.stacker.news/2utjx-KabYIrVk_mU29nSqzbdlYsioV_sQIOcL0t0Kg/rs:fit:600:500:0/g:no/aHR0cHM6Ly93d3cuc3RhcnRwYWdlLmNvbS9hdi9wcm94eS1pbWFnZT9waXVybD1odHRwcyUzQSUyRiUyRmRhdGFjb25vbXkuY29tJTJGd3AtY29udGVudCUyRnVwbG9hZHMlMkYyMDIzJTJGMDYlMkZIb3ctdG8tbWFrZS1BSS1RUi1jb2RlLWFydC0zLmpwZyZzcD0xNjk0MDE0MzUwVDljMTZiMTBhMmExMmRlN2MwMTIxNDM4YzQ2ODA5NmFlNjFhNjI2YTJhMWU3ZjlhYWY0OWE0ZDcyY2EwYmJlYjc

You can store your seedphrase in a QR Code. I reccommend using a passphrase tho.

0 sats \ 0 replies \ @Natalia 6 Sep 2023

Make a poet out of it, but leave one word out; if people figure it out, one word is still missing
Separate it into three parts and put it into different places
Use TailsOS with a super normal USB stick that nobody would had guess
Connect them with a story and memorize it with my brain

0 sats \ 0 replies \ @Chep 6 Sep 2023

Memory