PIN

MiguelLancaster

The security of your hardware wallet when it's outside of your possession isn't what you need to be focused on protecting, it's the security of your seed mnemonic Do your roommates know you self custody bitcoin? Do you trust your roommates? I'm assuming you don't -- because this thread you started -- so you shouldn't tell them that you self custody bitcoin Your hardware wallet has a PIN number for access, and should allow for it to factory reset itself after a certain number of incorrect attempts. That will protect your roommates from accessing your coin. But where did you backup your seed mnemonic? Does that also live in your rented room? If your roommates found that, that could be disastrous, there's no PIN on top of a seed mnemonic! Except there is. If you aren't already using a 25th word passphrase, do that. That will protect your seed words from theft. Now you're covered, so just one more question: Are you going to spend any of your bitcoin while travelling? No: leave your hardware wallet at home Yes: leave your hardware wallet at home, bring a hot wallet with a small balance

smartfbrankings

Because it's not like a gold bar, where someone needs to get past the PIN to actually access it. Because evil maid attacks happen.

rdyplayerB

Hi, Burner Bitcoin might be worth a look. It’s a credit card sized NFC hardware wallet that uses the same secure chip tech found in more expensive devices. No seed phrases (it uses a PIN code instead), no software to install. Just tap it to your phone and it opens BurnerOS in your browser, where you can manage your BTC. It’s currently on sale for $9 (normally $19). I’d recommend picking up a second one as a backup since you can duplicate them for redundancy. I don’t think I’m allowed to share the website link here, but DM me if you can’t find it. Happy to answer any questions. (Disclaimer: I’m on the team that built it, so I’m probably biased. But I genuinely think it’s a solid option worth considering.)

HSuke

I'm assuming the initial key exchange still requires people to talk to each other in person to exchange a PIN or something similar. And then they can talk over the phone while standing next to each other.

AstroRoverToday

For your ATM card, do you use a 4-digit PIN or a 6-digit PIN?

Dettol-tasting-menu

Your private key is actually very simple. It’s just a very very large number. That’s it. It’s a 256 bit number, so that’s just 101110101011101 etc etc. All 1s and 0s, 256 digits long. The words are just a human readable representation of this 256 bit number. 256 bit would translate to 24 standard English words (from a standard list), and some wallets choose to use a 128 bit private key (half as long) so that translates to 12 words. Both are plenty secure. Note no SHA256 is involved here. It literally transcribes a random binary number 1011001000101…. into words. Each word represents a 11 bit binary. You can google BIP39 word list and look at the mapping. 00000000000 is ABANDON, 00000000001 is ABILITY, 00000000010 is ABLE, etc etc. You can flip a \[fair\] coin, head being 1, tail being 0, do it 128 or 256 times, write down the result on paper and then manually refer to this word list and find out the English words, then you have your seed phrase aka private key. No SHA is needed. \>shares it safely when I need to authorize a transaction No your cold wallet never \*shares\* your private key, not sharing the key is the whole point of a cold wallet. It \*knows\* your private key but it will never disclose it. When you want to spend your coin, you put together a transaction -- like A (you) send 0.1 BTC to B (on this address). Once you (really it's your software paired with the cold wallet) put together this transaction details, it get sent to the cold wallet for signature. Cold wallet \*signs\* it with the private key, but never tell the software what the key is. Think of it like, your cold wallet is a guy hiding inside a secret room with a secret authorisation code, you slip a piece of paper (the transaction details) under the door, the guy picks it up and use the authorisation code to \*sign\* the paper. Once done, he slips the paper back out to you. You now have a signed transaction, fully authorised, ready to broadcast to the world, but you (your software) never get to see the authorisation code (your private key), you only get to see the final produce which is the signature, the signature can go public to the worlds. You must always make good back up of the words. Write it down on paper, or better yet stamp the words on steel plates. Never type it out on a computer, never take pictures of it with a phone (otherwise it defeats the purpose of using a cold wallet!) If you lose your hardware wallet (which holds your key) that's ok because it's impossible (or at least extremely hard) to extract your keys from the hardware, and your hardware is protect by your PIN, if the person picked up the hardware and key in wrong PIN a number of times your hardware just wipes itself clean. etc. So losing your hardware is ok as long as you have a copy of the words, again, that's your private key. You can buy another hardware wallet (even another brand, most are BIP39 compatible) and restore your private again using your words. so ultimately your 12/24 words are what you need to safekeep, everything else can be replaced, you can buy a new phone, a new cold wallet, new PC... as long as you have your words your coins will be safe. \>that is why I can use them to “restore” my wallet? Except that isn’t really restoring my wallet, just allowing me to authorize a new device to use Yes, you're restoring your private key, into any compatible wallet software or hardware. Your bitcoin is just information, it's not physical. It's just a bunch of words that you can memorise in your head and your coins follows you. And no one in the world can stop you from remembering 12 words.

lgopenr

You’re asking exactly the right questions, and they’re very common when people first get into Bitcoin self-custody — so let’s break it all down step by step, ELI5-style: ⸻ ✅ First, you are correct about this part: My actual crypto/wallet is stored on the blockchain. Viewable publicly, but any transactions from that “wallet” can only happen if I know the “keys”. YES. The Bitcoin lives on the blockchain, not inside your wallet. What your wallet gives you is control over it — by holding the private key. ⸻ 🗝 What are keys and seed phrases? • A private key is like your password to spend BTC. • A public key (derived from the private key) is like your bank account number, used to receive BTC. • The 12 or 24-word seed phrase is a human-readable backup of your private key. So, what determines if you get 12 or 24 words? • It’s usually a setting when creating a new wallet. • 24 words = more entropy = theoretically more secure. • 12 words = still secure, but shorter and easier to write down. • Both are recoverable across most wallet systems. ⸻ 💾 What does the Jade (or any cold wallet) actually store? Your Jade hardware wallet stores the private key, securely. Here’s what it does: 1. Generates and stores the private key inside the device. 2. Never lets it leave the device. 3. Signs transactions within the device. This means you can sign a transaction to send BTC, without exposing your key to the internet. So: • Yes, you set up a PIN on the Jade to prevent someone else from using it. • The Jade stores your key and requires PIN access to use it. ⸻ 🔌 What about plugging the Jade into a computer? Yes, you need to connect it to a computer (or use it wirelessly) to interact with the blockchain via a wallet interface (like Sparrow or the Blockstream Green app). BUT: • The Jade is designed to be “air-gapped”: your private key never leaves the device. • Even though it connects via USB or QR codes, all the signing happens internally. • This means even if your computer has malware, it can’t steal your private key — the Jade never exposes it. ⸻ 🔐 Can I receive or spend BTC without unlocking my Jade? • Receiving BTC? ✅ Yes! You can generate your receive address ahead of time and give it to others to send you BTC. (Your address = derived from your public key = not sensitive.) • Spending BTC? ❌ No, not without unlocking Jade. You must connect and use your PIN to sign any outgoing transaction. ⸻ 🔥 What if my Jade is destroyed in a fire? This is where your 12/24-word backup comes in. That is your wallet. • You buy a new Jade (or any other wallet that supports BIP39 — which is nearly all of them). • You enter your 12/24 words to restore your private key. • Boom: You now have access to all your BTC again. The Bitcoin is still sitting on the blockchain, and your seed phrase is the key to it. ⸻ ❓So… why do I need the Jade if all I need is the seed phrase? Good question — here’s the answer: • You can use the 12/24-word phrase directly in a “hot wallet” (like a phone app), but… • Then the private key lives on an internet-connected device, which can be hacked or infected. The cold wallet (Jade) protects your private key by: • Keeping it offline. • Never exposing it. • Letting you sign safely. So it’s like putting your money in a vault with one tiny opening — you can drop in money (receive BTC), but to take it out, you need your hardware device + PIN. ⸻ TL;DR: Cold wallet basics Thing What It Does Blockchain Stores all Bitcoin balances + transactions. Public ledger. Your wallet address A public identifier that can receive BTC. Anyone can send BTC to it. Private key Gives you control over spending the BTC tied to your address. Keep it safe! Seed phrase (12/24 words) A human-readable backup of your private key. Jade (cold wallet) Stores your private key securely + signs transactions without exposing it. PIN Prevents others from using your Jade even if they steal it. ⸻ 🔐 Why it protects you from online attacks Because: • Your computer or phone never holds the private key. • Only the Jade signs transactions. • So even if a hacker controls your computer, they can’t move your BTC without the Jade and your PIN. ⸻ If you’d like, I can walk you through a step-by-step process of buying BTC on Strike, setting up the Jade, and moving it safely. Let me know if you want that!

disruptioncoin

As I said, the PIN is entered in a trustless way. The password is not however, you type it right into your computer (the password is optional, but allows for a certain degree of plausible deniability if you use multiple passwords to make multiple wallets, AND allows you to protect your seed further in case someone finds it)

disruptioncoin

I prefer the Trezor One, simply because it's been out longer and has had more time for people to find vulnerabilities. It's also pretty cheap which is great for newbies. I'm sure all their newer products are great too though, and I really like the idea of transferring the unsigned/signed transactions to/from the device using QR codes for a truly airgapped operation. That's one thing I don't like about Trezor one, you have to plug it in, and you have to enter your password through your computer (not sure if that second one is fixed with newer models), but at least your PIN is entered in a trustless way.

Yodel_And_Hodl_Mode

KRUX! https://selfcustody.github.io/krux Krux is my favorite hardware wallet. It's free and fully open source, and it runs on off the shelf K210 devices. Right now, the best devices for Krux are the WonderMV ($65) or the Yahboom K210 Visual Module ($45). They have a touchscreen and a camera. The main difference is the WonderMV is metal and the Yahboom is plastic. **The benefits of using Krux as a hardware wallet:** It's airgapped. You use QR codes and a touchscreen. It's stateless. You can use Krux without saving your seed on the device. It's incredibly easy to use yet very advanced. The best way to use Krux is to save your seed phrase as an encrypted QR code. Then create another QR code with your decryption key. With Krux, you don't have a PIN code to unlock the device, since your wallet isn't on the device. Boot the device. Scan your Encrypted Seed QR. Scan your decryption key (or type it). Done! Your wallet is loaded. It's faster and easier to load your wallet on Krux than it is to enter a PIN code on most hardware wallets. The benefit of having a hardware wallet like this is, if the device gets stolen... no worries. Your wallet isn't on it. And if your QR code gets found, it's just a weird QR code that won't scan unless the thief knows it's encrypted and has an app that handles encrypted QRs... and even then... the thief doesn't know the decryption key, so they can't decrypt it. Use a strong decryption key and you've got rock solid security. Krux is free and open source. It's been around for years, but it's been picking up momentum since 2022. They've received grants from Open Sats and have been recommended by Crypto Guide, NVK of ColdCard, Ben from BTC Sessions, and many others. Krux is still mostly under the radar, but they're legit. Pair Krux up with Sparrow Wallet for desktop and BlueWallet for mobile, and you've got the best Bitcoin hardware wallet money can buy, at any price... and it cost you less than $70.

r_a_d_

It’s not an extra door… it’s another function after the same door. PIN and physical access let you do whatever with your funds, now it can also enable “Recovery” and export your seed as shards. So it’s no additional security risk because even without that ability, if an adversary could authenticate this far, they would have been able to empty your wallet anyways.

Evening-Relative-409

>Ledger Recovery Key: A physical NFC smart card enabling offline private key storage, allowing users to recover access to their assets by simply tapping the card and entering a PIN. It is built with Secure Element, the same technology used in Ledger wallet devices, and is protected by its own PIN. >Compatibility: The Ledger Recovery Key works specifically with the Ledger Flex and Ledger Stax wallets. It connects directly to the Ledger device via NFC communication, with no intermediary involved. I think it's an improvement.

Copyof

Your 20 word (or 12, or 24) key (seed phrase) can be used to still access Bitcoin associated with that seed phrase. Just buy a new cold wallet, input your seed phrase, and you'll have access again. Cold wallet (physical devices) holds your seed phrase and makes it easier to access your BTC. It usually has its own protection. Example: you set a PIN when you set your Trezor cold wallet up, so you can unlock it with that PIN instead of having to enter your seed phrase each time, or having a physical device lying around that anyone could use to access your BTC if they got their hands on. Most important thing to understand with BTC management is that no device, program, or software "holds" your BTC. It exists on the block chain and you're accessing it through the use of your seed phrase. Similarly though, if someone got access to your seed phrase they likely can access your BTC (some exceptions, such as using a pass phrase, or multi-sig to increase security)

Circusssssssssssssss

Self custody has its own risks especially over a long period of time make sure you research them  * A family member throwing away your hard wallet during a cleaning  * Losing the secret keys and or having them stolen * A family member or friend deliberately stealing from you  * The firmware for your device getting outdated and software not existing for you to extract the crypto  * Forgetting your PIN or passwords  * Getting held hostage (a problem in many parts of the world) Make sure you do research and get mitigation techniques like hiding your crypto on different continents (no joke the "Bitcoin Family" does this and of course they have to deal with the possibility the keys get lost) Now that there is widespread awareness of it, bad actors will try to steal your money. The financial institutions and financial system exist in part to protect your money; act outside it and you will have to handle the security yourself (think of all paranoid situations -- nothing is too evil for example fake wallets malware installed on premade computers or even printers and so on)

laumbr

I once used my PIN code to buy food, went out and back in. Forgot it. Same code I used for 10+ years almost daily. Cannot remember it to this day 15 days later. I was in the process of changing banks anyways so I just left the card and begun using the new one.

GeneralZex

So you installed BRD wallet, made a new wallet, wrote the seed phrase down which was stored in a security box that she only had access to. What happened to the phone that BRD was installed on? Was BRD locked with PIN or biometrics? Assuming she didn’t fall for a scam demanding her seed phrase, and the wallet/phone wasn’t compromised from afar in someway the only avenues for attack would be physically on the security box or the phone.

partymsl

PIN THIS. People nowadays haven't read even the first sentence of the BTC whitepaper.

CyclonicHavoc

Only if you’re using an identity theft service, which has been an unfortunate necessity for me for over seven years now. I’ve been a victim of quite a few major data breaches, so criminals have attempted to use my identity for everything ranging from opening bank accounts and new loans to stupidly attempting to file taxes with it. Luckily, the IRS provides me with a PIN every single year for this very reason and I have multiple identity monitoring services, some provided for no cost due to data breaches and others I pay for, such as Aura, who I have been with for many years now. As for my accounts, every single password I have is completely unique and has never been recycled, so in order to get access to any of my accounts, a hacker would have to have every single one of my passwords. For this reason, I imagine it would be an incredible pain in the ass for them to even remotely try to gain access to my accounts when I have hundreds, all different passwords with most having 2FA. Like others have said, I would not fret too much as much of the recent articles are hype, and we have yet to be presented with any real evidence showing that much of this data hasn’t been compiled from old breaches. As long as you’ve done what’s necessary to secure each individual account and aren’t recycling passwords, I wouldn’t panic… at least, yet. Lol. This isn’t the first time it has happened and will not be the last. As my husband (*an IT Technician*) always says, there’s no such thing as a safe computer.

wh977oqej9

Lot more effort? Last time I did that, I got my sats from my HW to Binance in 12minutes, including typing PIN in Ledger. When on Binance, it's then sold in 1 second.

diradder

For something to be outdated you would need to offer something better and more popular. So what do you suggest? Until then seed words and all its extension are not outdated. All the current alternatives imply more complex and demanding solutions than writing down 12 words, and many of them imply more trust/requirements/risks... but if you prefer them they exist (and unsurprisingly many of them still use seed words and just abstract them at some point, because BIP39 is a great standard): social recovery wallets, HW wallets secured with PIN/Pass, Smart Contract wallets on chains that support them.

cryptocurrencyfrenzy

Check out Cypherock Cover - it’s a non custodial inheritance service by Cypherock. 1. Setup Process: The user configures their Cypherock X1 device, which includes one X1 Vault and four X1 Cards. For each wallet on the device, the user can set up a distinct estate recovery plan. The user designates a nominee (e.g., family member, lawyer) and provides their email address. One of the X1 Cards is given to the nominee. The user sets a reminder interval (e.g., every 6 months) for activity checks. 2. Inactivity Monitoring: Cypherock sends periodic emails to the user based on the set interval to confirm activity. If the user doesn't respond within a 30-day buffer period, the estate recovery process is initiated. 3. Recovery Process: The nominee receives an email with instructions to begin the recovery. Using the X1 Card provided and a Cypherock X1 Vault (which can be purchased separately), the nominee follows the guided steps. The process involves decrypting the necessary information (e.g., wallet PIN) using the hardware, ensuring that the seed phrase remains secure and is never exposed online.

ToTheBatmobileGuy

Yubikey 5C NFC has many features and two methods of use: Methods of use: 1. USB (plug it into a PC or device) 2. NFC (tap it to a NFC reader on your smartphone etc) Features: 1. FIDO based authentication (aka "Security Key" or "Passkeys") 2. Static password (Yubikey turns into a keyboard momentarily and will type any password you tell it to (there are limits). Anyone with the Yubikey can access this password by tapping it.) 3. Time based one time codes (the 6 digit codes that rotate every 30 seconds) 4. OpenPGP 5. PIV 6. HSM 4 to 6 are irrelevant to you. Currently the smartphone Yubico Authenticator App can't modify static passwords, so to use this feature you will need a PC or Macbook of some kind. This leaves you with 1 or 3. 3 will be used with the Smartphone App. You swipe down on the screen and it will ask for an NFC tap. Tapping will show all the codes stored in the Yubikey unless you checked the "must tap to show" button when adding the account. To add an account, tap the button in the corner and tap "Add account"... scan the QR code or paste in the secret for the time based 2FA, and it will ask you to tap the NFC. Then it will store the secret on the key. You need to tap the NFC every time a new code is displayed (every 30 seconds) but you will almost always just input the first code you see so it's not needed to tap more than once usually. For 1, you need to register the FIDO key ("Passkey" / "Security Key") with a site. If you would like to use the Yubikey as a "Passkey"... then in the Yubico Authenticator Smartphone app you must open the options menu, and click "Change PIN" under "FIDO"... tap the key, enter the new PIN twice, then tap the key again to set the PIN. This PIN will be needed when you use the Yubikey as a "Passkey". Coinbase can register the Yubikey as a Passkey (ie. only the Yubikey tap + Yubikey PIN is needed to login to Coinbase) or a Security Key (ie. the Security Key tap + your Coinbase password is needed to login)... Each website lets you register the Yubikey in different ways. Explore the various websites and figure it out. You can not use a Yubikey to store crypto keys. Some Crypto wallets might have security key / Passkey based 2nd authentication, but you can't store a crypto wallet's private keys directly on the Yubikey. (Some wallets have a multisig setup where the static private key inside the Yubikey can be used as one of the signers, but this is too advanced for most people).

Niwde101

I have Keystone 3 Pro and used bitcoin only software. Done some trading with it and after a while it hits me that this kind of hardware wallet is a bit technical for someone who is a beginner in crypto space. Since I store my Sats in here, what happened if I suddenly pass away? Although I already told my wife about my PIN, it doesn't guarantee that she will be able to use it properly. So I decided to transfer my Sats into a more user friendly hardware wallets like Trezor and Tangem. Well, that's just me.

riscten

My preferred way of using Jade is [entirely stateless](https://help.blockstream.com/hc/en-us/articles/20144489592857-Use-Jade-as-a-stateless-signing-device). The device will forget your mnemonic after each power down. Every time you start it up, you'll set up a temporary signer and enter your 12/24 words. This is supremely secure as Jade basically holds no information about your wallet. If you lose it or it gets stolen, there's no way for anyone to retrieve your coins as the data isn't even there. It's also possible to make your own [SeedQR](https://help.blockstream.com/hc/en-us/articles/10426338606873-How-do-I-create-a-SeedQR-from-my-recovery-phrase). You can then point Jade camera's at the SeedQR instead of typing the words. If you do want to keep the mnemonic saved on the device, you'll need to set up a PIN and use the blind oracle. You can also set up [your own blind oracle](https://help.blockstream.com/hc/en-us/articles/12800132096793-Set-up-a-personal-blind-oracle) if you don't trust Blockstream services. But even then, if no blind oracle is available, you can always restore your wallet from the 12/24-words and passphrase, either in stateless mode, or on any other BIP39-compatible wallet (like Trezor). In other words, the blind oracle is only used to access the mnemonic and passphrase saved on the device, it is not tied to the actual Bitcoin wallet. It's as if the Jade was a safe, that you stored your mnemonic and passphrase in that safe, and the PIN+BO acted as the lock for that safe. If you have the mnemonic+passphrase also stored elsewhere, then you can still access your coins.

NiagaraBTC

That's not multisig. Don't split your seed like that. And using a safety deposit box adds unnecessary fees into this (if you already have one, use it I guess for a part of your backup) Deleting all the exchanges and hot wallets is not useful. If someone is targeting you they have information that you own Bitcoin - ie from the recent Coinbase incident. Either use a wallet like Sparrow that's only on your home computer (no mobile), or use a wallet that offers a duress PIN feature like Nunchuk or Bluewallet. Using a hardware wallet with a duress pin - like ColdCard - feature is also good. Whatever wallet you choose, use a passphrase.

HSuke

It's a normal Mastercard credit card that can be used anymore. No PIN since it's a credit card. You can get rewards in a cryptocurrency of choice, but I just get it in stablecoin since I don't want to complicate my taxes.

mecker-zausel

If you're not using an information in your memory, you can eventually lose it.  Hell, I suddenly forgot my bank PIN that I used almost daily. Had it committed to muscle memory, but when I tried to consciously remember it, nothing came up.  It can happen 

quetzalcoatl-pl

I do not know the 'cashapp' thing. But if he worked for you and requested you to pay via this channel - I can't see how this could be a scam or a risk for you, as long as you control how much you transfer. From its description on its website, "cashapp" is a "wallet" type of a service, So you should be able to transfer money (fiat or crypto) to that wallet, and make transfers out of that wallet. So, with your safety in this in mind, if you don't trust the app, just be careful to NOT send too much money to your 'cashapp account', do not enter to it any passphrases/passwords/PIN/etc to your other accounts, wallets, etc. Install the cashapp app, learn how to "deposit money" to that app, do deposit USD/etc in moreless enough value to buy what you need to send, then send the BTC to that guy. Depending on how much it is, you might want to do a test run first, i.e. if you have to send $1000 worth in BTC, deposit $50 first, convert and send it, and after recipient confirms he got it all, send the remaining $950. This way you will also learn about all the fees along the path, as when you deposit $50 and do everything, the guy at the end will likely receive less than $50 (there may be deposit fee, there may be USD<>BTC trade fee, there may be withdrawal/sending fee...)

ProtectionHour5091

Wait, they stole your Iphone and you had no PIN code to unlock? No faceID?

Amber_Sam

>**After verifying their identity**, the user selects the “send” option, chooses to pay to a Lightning address, enters the amount (1,000 sats), confirms with a PIN, and the transaction is completed, with the funds appearing instantly in the recipient wallet. I think I'll gonna skip this one.

adequate_redditor

All of these are non issues. Never enter your seed phrase on any website, never ever. Malware is also not an issue if the wallet is air gapped. The malware could change the receiving address if you copy and paste, but you can mitigate that risk by verifying the address after pasting. The other issues are risks but would only be an issue if you lose BOTH your backup words and HW wallet. For example if both are in your house and burn down. Someone stealing your HW wallet is not an issue as they require a PIN. Most good wallets have duress features against wrench attack.

VeryThicknLong

The press always chatter about BTC getting hacked, or being useless with quantum computing, but literally everything else that’s protected by encryption of any kind will be hackable. All your passwords, all your data, all your bank PIN numbers.

MicroRootAI

This actually sounds plausible, and not necessarily a scam—especially if your brother really did make the transfer and can still see the wallet with BTC in it. Back in 2011-2012, a lot of Bitcoin trades happened peer-to-peer, especially through forums like Bitcointalk. People would share wallet addresses, and security was often… loose, to say the least. If he received a wallet address and can still see the funds there, the critical question becomes: was this a wallet the seller controlled and simply showed your brother, or was it a wallet your brother was supposed to have control over? If your brother owns the wallet (i.e., it was created for him), then he needs the private key or the seed phrase (not a PIN). A PIN might refer to a mobile wallet app, but most likely, what’s needed is a private key or a 12- or 24-word seed phrase. That’s the only way he can access the funds. Sadly, if the other party never gave him that, it might mean your brother was essentially just shown a wallet that was never his to control, even if the funds are technically ‘there.’ That would mean the BTC was never actually under his ownership—just ‘viewable.’ Bottom line: If he doesn’t have the private key or seed phrase, he can’t move or sell the Bitcoin. Encourage him to keep searching all his old emails, backups, apps he might’ve used, etc. Don’t email the seller—that account is almost certainly long dead or compromised. This could be life-changing money, so it’s worth turning the house upside down.

Interesting_Loss_907

Your old device would still work. If you restore using your old seed phrase, you’ll see your existing coin balance using the new device. (But if someone else found it they couldn’t access your funds as they wouldn’t know your PIN # or passphrase).

Interesting_Loss_907

I’ve carried Trezors through TSA many times. Never had any concern & never any issues. Even if they did confiscate it, they wouldn’t be able to access it unless you wrote down your PIN code and passphrase & gave that to them as well. For $75 you could replace the device & restore with your recovery seed. So what’s your concern OP…?

riscten

This is the terrifying downside of being a gullible idiot. I mean if this story is even true... OP willingly gave some random people the mnemonic to their retirement money. It's as if they gave their SSN or the location and PIN to their personal safe to some guy on a spam call. Don't take this as an excuse to hand over your money to a crypto bank aka a centralized exchange. It's very easy, the mnemonic is only for yourself. Anyone who has it can spend the coins.

NoChanceItsHer

If you're going to be keeping it for a decent amount of time, why not use multiple passphrases? Then there's only one seed to protect and the passphrases can be relatively simple and are easy to switch in the Trezor app once the PIN is entered. It'll be so much less hassle for retrieving funds / sending without having to reset, change seed, switch back etc.

user_name_checks_out

> Is the paraphrase the same as the PIN I created? Passphrase. No.

red98GTSR

Is the paraphrase the same as the PIN I created?

user_name_checks_out

> Agreed. Single sig is fine. Even without a passphrase. If you have a 24 word private key, and a good hardware wallet with a PIN code.. that’s all you need. Digital media such as a hardware wallet is susceptible to failure and is not suitable for backups. So, whether or not you have a hardware wallet, you must store a backup of your seed phrase, on paper and/or steel. If you have a single sig wallet with no passphrase, then each backup comprises a single point of failure. I recommend using a passphrase, or setting up a multisig wallet. I do not recommend splitting up a single seed phrase into multiple parts.

Natural-Spirit3171

Agreed. Single sig is fine. Even without a passphrase. If you have a 24 word private key, and a good hardware wallet with a PIN code.. that’s all you need.

OrdinaryMacaroon5823

Biometrics sound secure, but they're not the silver bullet people think they are. Unlike a PIN, you can't change your fingerprint if it gets compromised and storing that kind of data safely is a whole other can of worms. Maybe Ledger and Trezor avoid biometrics because they know it adds complexity without necessarily improving real-world security. Plus, hardware wallets are supposed to be air-gapped and minimal adding fingerprint sensors introduces more potential attack surfaces. I'd be cautious about trusting less-established wallets just for a “cool” feature that might backfire.

viajador_AR

99.99% of burglars won't recognize a cold wallet. How many people are un crypto business in the whole world? 1%? How many of them can be robbers broking into houses, finding a Razor and thinking "voilá! I'll introduce the PIN and get away with 1M USDT!"

Cureflowers

i still have the wallet, and i guess i still remember the PIN

Aussiehash

>Can you please explain in simple terms what the actual ledger nano, with the PIN set on it 3 x incorrect PIN entry will factory reset the Ledger, such that if you lose the device, and have a strong PIN, you're pretty safe. Having said that Nano S is using older chips with more studied and recognised vulnerabilities to secret extraction (whilst Donjon is Ledger's team, see their papers on extracting seeds from competitor's hardware wallets). >Does that also mean if someone gets hold of my seedphrase, me having the ledger won't have any value Anybody with access to your mnemonic seed can sweep your funds at any time, they don't need your Ledger, they could enter the Mnemonic Seed words into a phone or desktop wallet and sweep all of your Bitcoin.

CaviarBiryani

My bad, I meant the seedphrase. Can you please explain in simple terms what the actual ledger nano, with the PIN set on it, does for security? Does that also mean if someone gets hold of my seedphrase, me having the ledger won't have any value?

drunkmax00va

PIN is only used to unlock your physical device. It has nothing to do with your seed

CaviarBiryani

Thanks for that mate. So, it means that PIN doesn't act as the 25th word? I just have the 24 word seedphrase and you're saying that as long as I have that, the PIN didn't add an extra layer of security on the actual asset? Can you please elaborate what is that PIN used for then?

Liminal_Fox

I think you are fundamentally misunderstanding what cold storage is. Your crypto is not "stored on a USB stick." Your crypto is stored on the blockchain. In fact, cold "storage" in some respects is maybe a misnomer. The only thing your cold wallet does is securely store your seed phrase. The cold wallet generates a seed phrase that never touches the internet and allows you to "unlock" your little piece of the blockchain so to speak. It stores your seed phrase, that is essentially all. When generating said seed phrase, you ALSO back this up by securely writing down as many back up copies that you want (preferably on metal). If your cold wallet is lost, damaged, or even stolen (you put a strong a PIN on it that would be extremely unlikely to be hacked) that is actually not a huge deal because you backed up your seed phrase. I can enter that backed up seed phrase into any new wallet and again unlock my piece of the blockchain. Nothing on an exchange really belongs to you. There is no such thing as FDIC insurance on any of the exchanges for crypto. It's not at all the same protection as putting your cash in the bank. You just have to trust a company's word that it'll always be there. Getting your account hacked is a severe possibility, but smaller things like an exchange suddenly putting a hold or ban on your account with no explanation (I see posts all the time and I myself for no reason had my Kraken account on hold for 2 weeks for no reason provided). And again, getting an account hacked is much more likely when on an exchange vs. off. To each their own, but I would never leave over a few thousand even on an exchange for very long at all.

Arbiter_89

Google "Paper Bitcoin Wallet" It looks pretty, but it's not recommended. If you're printing this, just to handwrite the seed phrase, then why do you need this at all? You can just use a plain piece of paper. It'll probably be more ledgible. If you're typing or generating your seed phrase here then how do you know this code isn't malicous? Even if it's not, how do you know there isn't a virus on your machine, searching for seedphrases? There's no security feature, so if you use this and someone else stumbles on your printed paper, nothing will stop them. No PIN. No Pass code. Lastly, paper wallets have a terrible reputation of accidentaly getting destroyed or thrown out. Use at your own discretion.

DeaderthanZed

I wouldn’t say they are being transparent…they are coming clean because they were probably about to be busted. This has been a known attack vector for years. And Zachxbt and others have been posting about coinbase customers getting social emgineered for awhile now. Personally I am feeling very unsafe right now. Going to check the kyc documents I have on file today and I hope it’s an old address. They can text and email me all they want I will never fall for it because I am the most skeptical mfer there is but I put my kids at risk by transacting through coinbase with coinbase having my PIN and that is not ok.

MiguelLancaster

where you store your hardware wallet is of almost zero consequence I leave mine out in the open, on my desk it has a PIN to access it that, if entered incorrectly more than 3-5 times will reset the device -- almost all hardware wallets have the same feature what is important is hiding your seed words if you're worried about those being found, you can use a 12/25th word passphrase which brings you to a totally different wallet than just the seed phrase on its own I have my seed well hidden, but I also have a copy with my parents as a backup Because without the passphrase *and* the seed words, a thief has nothing

Liminal_Fox

even if somebody steals it, the likelihood guessing my long PIN is low. even less likely to somehow hack the device itself

Liminal_Fox

I understand the fear. It's like wanting the comfort of a bank. So much scam protection and FDIC insurance, customer service, etc. with a bank. However, I had to realize that crypto is fundamentally different. I actually had pretty good customer service with Kraken, for example, but they fundamentally can do nothing once you get scammed AND give your seed phrase or send the coins. It just doesn't work that way no matter how good of a company the exchange is. I felt sick to my stomach when I first moved coins from an exchange to cold wallet, so I get the fear. It can take a bit of time and I had an "oh shit" moment for sure. However, it feels great once it is on there. It's like managing my own private vault. Keep those seed phrases secure and never online, make a good PIN, and that's it. Not sure what you used, but I went with a Trezor Safe 3 and it's excellent. Felt very confident with its set up instructions and provides a lot of prompts to verify every sending or receiving.

Fishnshoot

The passphrase is the 25th word that is hardware wallet specific? Apart from the 24-word seed phrase. Also my wallet has a PIN? That’s just to turn the device on?

Cactusjack666226

Are you the prince that keeps calling my grandma???? She misses you, not even a how you doing just bank routing number, and new card number with the PIN number. She won bingo two weeks ago just so you know, but you never ask.

LNCrizzo

That's a Ledger cold wallet. No one can get into it without the PIN, but if you are moving a billion dollars on it you better hope no one knows or you'll get wrench attacked.

Aromatic-Clerk134

Without the PIN, the hardware wallet is useless. You can memorise the seed and..that’s it.

Amber_Sam

I'm using Jade Plus as a "temporary signer" without the PIN feature, usually with bluewallet, no issues whatsoever. Fully air gapped, never used the USB cable nor Bluetooth. Now that I'm thinking about it, isn't Bluetooth causing some of the issues like when closing Green?

Flaky-Leadership-749

Battery is a relatively inexpensive repair. ifixit has guides on their website for DIY Parts from mobilesentrix do me well, usually You'll likely need the PIN though

wagglyears

AI coins IMO will pump hard if this bull run gets going DSYNC, GPU, PALM, PIN, PAI

Crypto-Guide

You can store seeds, wallet descriptors, etc, and use it with SeedSigner. (Or an offline phone/PC) It's basically like a USB stick but a lot more durable and also has hardware protection like a PIN that wipes after a set number of attempts, so you aren't fully dependent on the strength of the encryption key.

riscten

You are trusting them with USB drives that are ultimately protected by at best, a 20-character numerical PIN. Assuming the PINs were selected randomly, that's less than 67 bits of entropy, equivalent to a 10 characters (upper/lower/numeric/symbols) passphrase.  Practically, this is less safety than splitting a 24-words mnemonic in two 12-words sequences, distributing one half to the heirs and the other to the DMS service.

rnvk

Yeah, the PIN alone wont let you change the policy limits

Odd_Science5770

Yes. I use deadmansswitch.net. It's just a one-time payment, and they accept Bitcoin. HOWEVER do not ever use this to distribute your seed phrase directly. I gave my family an encrypted USB stick, one of those with a physical keypad on it. If my dead man's switch is ever triggered, it will simply send the PIN-code for the USB stick. On the USB stick, there are PDF files with detailed instructions on how to find my seed and reclaim the funds.

FuelZestyclose3541

The purpose is to limit how fast the Coldcard can be drained if it was stolen along with the PIN?

Mochi101-Official

But, but, almost everybody carries a bank card and a PIN in their head. Surely this would be easier for a person in distress to remember. Four numbers versus 12 words.

EatMyNutsKaren

Also, any cold wallet is good, none is better than the other, they all do the same thing: keeping your keys. Just keep your PIN and seed phrases OFF the Internet.

Knurlinger

Yes but they need the PIN code to unlock the trezor.

Anonymous_Lurker_1

I have an Android, so can't speak for iPhone. The app works fine in that you can access and view your balances, etc. Its just a Lite version of the desktop version. I haven't looked in to sending or receiving from it however as I just prefer to use the computer. I'm wary of using my phone, as although I'm 99.9% certain I've not accessed anything dodgy, you never know what might have something built within an app/website that compared to a computer with anti-virus/malware could hopefully pick up on. Obviously, as long as the seed is stored sensibly, the PIN is entered via the Trezor, so any issues are unlikely... I just don't. A passphrase wallet is also accessed via the Trezor too btw. There is an option to enter it via the keyboard - but that seems to defeat the purpose of security/passphrase. There was a news article a week or so about a cache of seemingly new legit-looking Android devices found that were all pre-loaded with crypto-stealing software.

pqrs90

Good on you for protecting your bitcoin the way you are. My method is and I’m not saying you should do the same is I use slip 39. My shares are distributed in various private underground vaults geographically independent from one another I have one share with me a passphrase and the shares are on a steel plate. I keep my hard wallet with me with an extra PIN number I can enter if necessary which will wipe the wallet. Trezor5

NiagaraBTC

You are way over reacting to the tiny future risk of quantum computing and way under reacting to the small but current risk of having your cold storage balance carried around with you on your phone, and thereby being targeted for a wrench attack. Don't have your main stack knowable on your phone unless you have no other option and also are using a wallet with some kind of decoy password or PIN (Nunchuk or Bluewallet are good for this).

Azzuro-x

"It is the Ledger of my brother, I don't know the PIN"

Zombie4141

That’s a lot of money to have for someone who listens to astrologers. I would think people like this could be easily scammed. Personally I would tell your mother to buy like $100 worth and practice sending it from an exchange, to a hot wallet and back to the exchange and then to a cold wallet. And so on and so forth. I would tell her to research hardware wallets, and what a seed phrase, passphrase, PIN number are and proper ways to secure them. The do’s and donts. Then I would try to teach her about possible scams and how to avoid them. Then I would teacher about different hacks. After she can use bitcoin and properly store it. She needs to know that it could go down tomorrow to $60k and there could be a buying frenzy between governments that makes it go through the roof. Nobody knows. But what we all know is that if she holds it for 4 years she will be in the green. Bitcoin is a long term investment. But it’s extremely volitile.

__Ken_Adams__

Exactly. The PIN within a bitcoin wallet is only tied to that instance of that wallet & is unrelated to the seed phrase. If you have the seed phrase it will be valid without the PIN.

110010010011

Do whatever works for you. Don’t bother caring what people here think. In many ways an ETF is a far safer bet than holding actual BTC and it will give you the same leverage. In another post in this subreddit I’m helping a guy whose senile grandma threw out the seed to allegedly 40 BTC. She thinks she might know the PIN to her Ledger, but if she’s wrong, millions of dollars will evaporate after three tries. Personally, I have a pretty elaborate set up to ensure both the security of my wallet seed and the ability to pass it to my children/family if both me and my spouse die. If grandma or I had all IBIT, none of this would be a problem.

110010010011

If the Ledger device still works and has not been erased the funds are fully recoverable with the PIN. It is important to get the funds off of the device asap as it is likely several years old now and is the sole access point for the Bitcoin. If the device fails, the funds are gone which is why it’s important to secure the 24 words as a backup. I would honestly just send the funds back to Coinbase for now, so you’ll need to get into her Coinbase account and find a wallet address to send the funds to. Once the funds are on Coinbase, you can erase the Ledger and generate a new seed, which generates a new list of 24 words. Write those down and keep them somewhere fireproof and safe, and then transfer the BTC back to the device if you don’t want to keep it on Coinbase. There are some common issues that arise when using an old Ledger. They came with a Micro-USB to USB-A cable. Many newer computers don’t have a USB-A port, and a convertor (from A to C) will not allow the Ledger to authenticate. It needs to be a Micro-USB to USB-C cable. You’ll need to install Ledger Live onto the computer. Make sure you get it directly from Ledger’s website. Ledger Live might want to force a firmware update on the Ledger. This is extremely risky since a failed update might erase the device. I’m not sure if there is a way around the update. I’d have to look into it. At the very least, you can confirm the PIN works by powering on the device with a USB cable and trying to unlock it.

Tax_Deez_Nuts

Hi, My mom finally responded and said she has memorized the PIN, it’s the 24 words she accidentally threw out. Does this change anything?

110010010011

It’s probably a Ledger Nano that needs to be plugged into a computer with a USB cable to function. So there are two passwords to look for. The first one is a PIN. It’s likely to be either 4 digits or 8 digits. Ask her if there is a 4 or 8 digit number she would typically use. I would try the PIN to her ATM card first. People might also use a birthday or the code to something like a safe or garage door. You can try some PINs but the device will eventually erase itself after to many incorrect tries. The second password to look for is a 12 or 24 word list. This is the recover phrase for the wallet. You can literally erase the ledger and still be able to recover the wallet if you find this list. Ledgers come with little cards that these words are expected to be written on. One might keep that card in the original box, a safe, or a safety deposit box. It will look like this: https://cryptopotato.com/wp-content/uploads/2018/01/ledger_nano_s_4.jpg The recovery words are only words on this list: https://www.blockplate.com/pages/bip-39-wordlist So if she saved these 12 or 24 words on her computer (which is a terrible idea btw), she might have saved the BTC after all. Perform a search on the computer for literally every word on that list until you find a document with a list of them.

Vakua_Lupo

For the average person to safely store their own Bitcoin we need to move away from Seed Phrases, and make Wallets more like a Credit Card with a PIN. Tangem Wallet is a good start.

SessionDesperate6772

Something you could do is to buy one cold wallet for each one of your heirs. You set up the wallets and imput in them the amount of BTC you want to donate. You can give them the wallets and you tell each one of them that the PIN, SEED PHRASE AND PASSPHRASE will be send to them 2 months after your death in an e-mail. All you will have to do is to use the ´Innactive Settings´ of Google to automatic send them an e-mail with all information needed to disclose the wealth (seed phrase, passphrase, pins etc) if your main e-mail stays innactive for 2 months for example (nobody leaves a main e-mail innactive for such a long time, do you agree with me?) You won´t have to spend no money at all. They will have the cold wallets in their hands and you solved the situation in a way that there will be no arguments, quarrels,, discussions etc. Hope I have helped you...

Any-Demand-4687

Even if I can set the PIN code and the recovery phrase?m, buddy?

Any-Demand-4687

Even if I can set the PIN code and the recovery phrase?

Any-Demand-4687

Even if I can set the PIN code and the recovery phrase?

Btcyoda

The first question is more or less answered by others below and is a basic guess, not to mention it is possible to upgrade Bitcoin before that treat becomes a reality. Your last question; it will be as safe as you taping your bankpass with the PIN written on it on an ATM. The whole Bitcoin system is based on you doing some thinking yourself. Not just assuming things or believing others but to verify. You can formulate the right questions after some help, so you can think. Especially that last question is rather straightforward, isn't it ?

PlasticEyebrow

Trezor is cheap, good and secure. Coldcard, Jade or some others are more expensive and offer airgap functionality, make it just a bit more secure. Just choose what suits best. Are you gonna put your life savings on it? I would go for an airgapped one... I have a Trezor one and a Coldcard Q. The coldcard is 4 times the price of the Trezor one, but has a lot of extras like the mentioned airgap, but also secure notes and Duress PIN setups.

-ctyrka-

No problem. Do not set up PIN that is shorter than 4 digits. If somebody steals your Trezor, it will factory reset after I think 14 unsuccessful attempts, which is why you will have your physical backup in place. (Always test it before sending any Sats there - this will make sure you didn’t make a typo). Trezor also has a functionality that will factory reset after entering specific PIN. So set it to e.g. 1234, 0000 or something truly stupid that thief may try first. I can also recommend Panzer glass privacy that blurs the screen from other than direct angle, if you plan to use it outside. And don’t forget to read and study little bit about passphrase functionality and Shamir backup which I personally consider as the best approach in case you plan to invest/save longterm in btc. Respinsibility comes with the power, fingers crossed 😉

LuptinPitman

Physical control of an air-gapped wallet doesn't make it a forgone conclusion they will be breached. There are various ways to use air-gapped wallets and I'm not aware of any that don't also rely on a PIN or passcode of some sort or actually being devoid of private keys entirely until used as a temporary signer via QR seed or manual recovery seed entry.

Capital-Cost-9354

Can someone give me some insight? Been with Coinbase for a long time, yesterday I went to the app and I was logged out. They also removed my PIN code that’s required to get into my app bro, every sketchy from Coinbase and not sure if I should transfer my portfolio to another exchange that this will not happen on.

xanmoth

And every Windows computer in the world encodes the user PIN with it as well.

Quirky-Reveal-1669

A good hardware wallet keep your private keys on the device at all times. It is secured with a PIN and/or passphrase. The seed is your back-up and it should be stored separate from the wallet. If you have all that properly in place, losing your hardware wallet is hardly a problem.

ManlyAndWise

Thanks! I will investigate what a duress PIN feature is!

Full_Possibility7983

First, never trust your memory, which also works poorly after you've been hit by a bus. Memorizing your hardware wallet PIN is ok, a private key or even worse a brain wallet is a no-no. Please do not listen to anyone suggesting DIY was of generating seeds, concealing your words, splitting them 12/12, etc. these are in the best case useless mambowambo, in the worst, more realist, case a good recipe for disaster. Stick to the standards: BIP 39 seed (12 or 24 words) generated with GOOD entropy (either a secure element or throwing dice yourself, without shortcuts), add a passphrase if you want, but remember that's a critical piece of information that you must protect, keep safe and separate from the seed. You should store those two pieces of information on steal, possibly create multiple copies geographically distributed (friends, families, your properties in different jurisdictions). Instruct your family, heirs, lawyer where these things are located, remember the bus chasing you. Consider multi-sig, use standard patterns like 2-of-3 or 3-of-5, don't get too creative. You can have multiple copies of the seeds and multiple instances of each hardware wallet used for signing. Same as before, distribute geographically, leave instructions for your heirs. The items below are promising/interesting but I would not recommend quite yet because they are either not battle-tested or not standard enough at present time: \- software like Liana, which uses smart contracts for enforcing "complex" rules, like a dead-man switch \- seed in SLIP-39 format, where you can assign Shamir-Share-Secret shares with different quorums (quora?) to different groups of people (partner, familiy, friends, etc.) As for initial posting, I'd be nervous leaving a seed in a safety box in a bank without a passphrase, in principle they can access it (even legally).

cypherblock

Ok, so "signed back into the same wallet", I'm not sure what that means. Exchanges like coinbase have a login, but don't typically give a seed phrase for the coins they hold because those are custodial wallets (coinbase or whatever exchange controls the coins on your behalf and you don't have direct access to the private keys). On the other hand some mobile apps will generate seed phrases and give you full control. This is generally safe for small amounts of coins but can be pretty risky for larger amounts. These apps generally have a 4-8 digit PIN to let you login. Also "already deleted it" -> I assume you wrote down the words first :) Anyway, I guess as long as you have access to the coins now, and can successfully move them to an exchange you trust to sell them (assuming this is what you want to do), then you should be fine if you do that quickly. If you plan to hold a good amount of coins for a while, I would recommend a hardware wallet. Have you tried moving/selling any coins yet?

NiagaraBTC

Use a steel backup. This makes physical destruction extremely unlikely. Use a *strong* passphrase (or do multisig). Don't store the seed words together with the passphrase. This makes burglary impossible. *Don't* memorize your seed words. Use a hardware device with duress PIN features. This makes robbery unlikely to succeed. Sleep well at night.

FuelZestyclose3541

If you know what you're doing you can use an old device where you disable any wireless communications. You'll be missing the secure element that destroys the seed phrase after too many incorrect PIN guesses, though.

Nemozoli

Get into an account that holds all your spare money, more like... If you have a bank account, if you forget your PIN you can validate yourself with documents, IDs etc. to the account the bank holds for you, but in the case of BTC, your "password" (seed + passphrase) IS your account.

MannysBeard

Yes. You don’t need to connect your wallet to receive crypto. It’s like giving someone your PIN or bank login details to access your account in order for them to pay you - you don’t do it.

desexmachina

If you found a wallet w/ and ATM card and a PIN number on the back, it would be illegal to withdraw funds too. Maybe we should go to r/askalawyer

Ok-Wave7829

Tangem works on apple and does not store your crypto just your seed which has a PIN number to access like a regular debit card they also do a ring with the cards now which I think are rather cool 😎