Überlegungen zur Speicherung von Passphrase und Seed

[root_s2yse8vt]

Up

0

Down

::

Ich erwäge, meine Daten als solche zu speichern:

– Passphrase offline
– Auf Passwort-Manager wie KeePass setzen

In den meisten Artikeln oder Beiträgen, die ich gesehen habe, wird empfohlen, den Seed offline zu speichern, aber viele dieser Personen haben keine Passphrase eingerichtet, so dass ich das Risiko verstehen würde, dies nicht zu tun.

Aber würde es bei der Verwendung einer Passphrase einen Unterschied machen, ob man die Passphrase oder den Seed offline speichert?

Ich frage, weil es für mich viel einfacher wäre, mir eine persönliche Passphrase zu merken als eine zufällige Kombination von Wörtern, falls ich die physische Kopie verlieren sollte.

Ich bin dankbar für jeden Beitrag. Danke!

[pifumd]

Up

0

Down

::

there was another thread recently about exactly this topic. https://old.reddit.com/r/ledgerwallet/comments/rs180p/25th_word/

i can understand the thought process „if an attacker needs *both* seed and passphrase to get to my funds, and only 1 is kept in a manager, what’s the harm?“

the problem is with keeping the seed in the manager vs the passphrase. especially in the hypothetical you’re talking about where you would ‚memorize‘ the passphrase. your seed is way more resistance to being cracked than anything you could likely memorize (that’s probably an understatement). so in the event your password manager is compromised (or your machine is already compromised) 1 the attacker is going to recognize the seed as a seed, and 2 now all they have to crack is your ‚memorizable‘ passphrase.

the opposite scenario – keeping the seed offline and storing the passphrase in a manager, is a better scenario imo.

[Whitehatnetizen]

Up

0

Down

::

Hey, do what you want, but you will be ignoring ALL warnings, everything that makes a cold wallet a cold wallet is that the seed phrase and private keys NEVER touch an internet-connected device, in ANY form.

Have a read through this thread: https://www.reddit.com/r/ledgerwallet/comments/rrsvk6/all_my_crypto_assets_are_stolen/?utm_medium=android_app&utm_source=share

The guy took a photo of his seed phrase and stored in his cloud drive.

I know you have a passphrase, but think about how you can store your seed offline.

[p4tz3r]

Up

0

Down

::

Store the password in a password manager. Store the seed phrase offline. That’s the only approach that makes sense.

If your password is compromised you can reset it. If your seed phrase is compromised you have to transfer all assets to new accounts with a new seed phrase (assuming they’re not all stolen in the interim).

[Huth_S0lo]

Up

0

Down

::

Theres only one way to store a seed. Hand written on a paper.

[metulburr]

Up

0

Down

::

Passphrase is not as secure. So you are weakening your protection by giving up the seed basically. You might as well consider your passphrase the only protection then. Do yourself a favor and do not type your seed into anything other than a ledger, PERIOD. You only need a seed in rare occasions of theft or failure. It’s not like you need it for transactions. Why subject it to be compromised so easily when you so rarely need it and it is the highest protection you will get?

[hashgraph9]

Up

0

Down

::

do not store your 24 words NOR your 25th passphrase online.

stamp your 24 words on a metal plate, hide it somewhere safe and only you can access. and for the 25th word, memorize it. and write it on a small paper that can be easily hidden somewhere else that’s not in the same location as your 24 words. there’s a chance you might forget your 25th passphrase someday…even 1 character off would mean you won’t be able to recover the acct.

idea: you write that passphrase on a small piece of paper and stash it in a pen. then store that pen at your work hidden in your personal locked cabinet. just a random idea. don’t actually use this idea because your coworkers will steal your pen. and if that happens, you would be in a „pen…IS missing“ situation.

[Autor]

Beiträge