Reddit Posts
I lost ALL my BTC yesterday, this is my story so it won't happen to you
TRIVIA for MOONS - Play Trivia for a chance to win from a pool of 1,000 MOONS. Tuesday December 19th 2023. 7 am EST (6.5 hours from this post). On Kahoot and YouTube Live!
Blockstream jade - what happens if you lose your SeedQR?
Self custody wallet planning for stacking (now) and spending (later)
Gigantix Wallet - The New Era OF Secured Cold Wallet
TRIVIA for MOONS - Play Trivia for a chance to win from a pool of 1,000 MOONS. Monday November 20th 2023. 9.30 pm EST. On Kahoot and YouTube Live!
Any open source, encryption based, 3/5 multi factor wallet already available? If not, can this be developed?
Please help me with this MetaMask/ Trezor problem.
How to Secure Your Crypto Wallet from Attack and Protect Your funds
Multi-Sig vs. Shamir Secret Sharing: Which Path Will You Choose to Safeguard Your Crypto?
TRIVIA for MOONS - Play Trivia for a chance to win from a pool of 1,000 MOONS. Monday 2 October 2023. EDT - 9.30 pm. On Kahoot and YouTube Live!
Is it possible for someone hack/steal from my hardware wallet?Or is it almost impossible?
Reminder to all the Celsius bankruptcy victims
A 96 yo woman’s letter to her bank. This is why we crypto.
$13,000,000 and victims of Sim Swap 2023
We're thrilled to introduce an innovative approach to secure seed phrase storage. Chaindeck, an entirely offline and analog solution that uses a unique deck of cards to encrypt information.
We're thrilled to introduce an innovative approach to secure seed phrase storage. Chaindeck, an entirely offline and analog solution that uses a unique deck of cards to encrypt information.
After almost 3 years of work, our small startup launched Chaindeck today! Introducing a new way to store and encrypt seed phrases using a unique deck of cards, completely offline and analog.
What's your self-custody strategy? Do you keep a backup hardware wallet on hand?
Blockstream Jade has new firmware. It looks like a nice improvement on an already great device.
Scam protection. It’s up to you and you only.
An Updated SUPER-Beginner’s Guide to Swapping, Bridging and Exchanging MOONs (the complicated way)
New user looking for a good hardware wallet, few questions
Only once you have paid for something with cryptocurrency do you realize how completely insanely insecure credit cards and bank transfers are
The BIP39 Passphrase, and how even the best hardware wallets let us down
The BIP39 Passphrase, and how even the best hardware wallets let us down
Bitbox02: A hardware wallet and it's solution to the open-source closed-source dilemma
How come no one ever mentions the Arculus cold wallet?
"If you opt-in for the service, as a user, you'll have to enter your PIN and consent to the backup process. Then the OS will encrypt and split the shards to send them to 3 different parties." - Ledger CTO
Set up your crypto-recovery plan with your spouse TODAY (STORY)
Everybody always recommends a hardware wallet like a silver bullet, and they're great until you realise that factory pre-sale tampering and fakes can leave you hugely exposed. It's even more plausible recent spate of wallet hacks
Exciting News - LocalMonero / AgoraDesk Free and Open Source Mobile Apps are Now Officially Out of Beta! Happy Birthday Monero!
Today is World Backup Day. Let's make sure your seed is secure and backed up.
How to avoid getting scammed and not lose your coin
Identity solution in Web3: What solution do you use?
what is happening with erc20 transactions ?
My Exchange (will all my savings) was hacked into.
It happened to me! My phone with my wallets was destroyed!
Sorry if this isn’t the right place to ask but I have a few questions.
An Achilles heel of the Cryptocurrency
Hardware wallet/mnemonic seed phrase (extra) security guide, don’t just write it down 1,2,3,4…24
Storing recovery phrases - How to do it right?
Some basic knowledge for new hardware wallets users
Top Quality USA AAA+ fresh DUMPS with Pin, CVVs and fullz also available. Hacking services also available.
Ledger Nano S Plus Cold Wallet button broke... how do I reset it before returning it?
So Coinbase let a hacker trade on my account and offered me 'what is left' from the original $165,000 balance, over 11 days.
Arculus - New Cold Storage - Safe?
An anecdote on how relying on banks is less than ideal...
Blackhole inside Binance. How I was scammed and all my money was stolen. Please, I need your help! Spread the word
I created a free and open source Bitcoin Time Capsule called BTCapsule. It uses the timestamp from the Bitcoin blockchain, and allows you to enter your private keys and check them without exposure to the internet
Vault Finance updates for October 2022! New competitions/AMAs/marketing/developments! Vault is ready for the stratosphere! Their Launchpad & Exchange Novation is picking up steam and quickly becoming the go to platform for all BSC trading! Launchpad is also fully live! Do not miss this project!
PowerMint Token – A brand new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Sony, Google and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/CG listings around the corner.
Digital wallet app development is a major trend in the world of technology these days
Can nyone help me with a blockchain.com fiasco I’m in?
PowerMint Token – A brand new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Sony, Google and more! – Private sale LIVE! (Ending soon!) – Liquidity LOCKED! – CMC/CG listings around the corner.
PowerMint – A new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google and more! – Private sale LIVE! (Ending soon!) – Liquidity LOCKED! – CMC/CG listings around the corner.
PowerMint – A new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/CG listings around the corner.
PowerMint – A new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/Coingecko listings around the corner.
PowerMint – A Brand new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/Coingecko listings around the corner.
PowerMint – A Brand new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google play and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/Coingecko listings around the corner.
Two critical weaknesses of hardware wallets you need to consider
my lesson with a Seed Phrase...
Protect yourself against SIM card swap attacks by setting up a SIM card PIN
Is a Trezor Model One good enough to HODL BTC compared to Model T?
List of the coolest meatspace bitcoin products available:
Privacy tokens only account for 0.59% of the total crypto market cap and their evangelical communities don't want to talk about it because it is not profitable to do that...!
Watch out for this (new?) BTC scam
My experience with 'cold wallets' after trying almost all of them
Introducing Zeus: A remote mobile lightning wallet that lets you connect to and manage your own node on the go!
A use case of blockchain without internet connectivity
This is my trustless bulletproof inheritance strategy:
How Coinbase Global, Inc.& Verizon Wireless Allowed Someone to Steal $70k from my Crypto Wallet
Beware! Likely Trezor phising scam going on!
"Trezor has experienced a security incident involving data belonging to 106,856 of our customers"
Mentions
Strangely I just enter the one paraphrase/PIN to go into my wallet and ‘accounts’ can be created freely from there. But in the process of creating a new ‘account’ it doesn’t give me a new seed, so what you’re saying sounds correct. Much appreciated, thanks!
Doesn’t this mean that if somebody gets your seed phrase/words they could just use it to create a new wallet and access your crypto without needing to know the PIN ? The PIN locks the seed in the Trezor but if somebody knows your seed they don’t need to know the PIN to access your Trezor! Or am I wrong?
ColdCard (Mk4 or Q) Easy to use. Two secure elements. Has every extra feature for advanced users. Can be kept fully air-gapped. Many duress PIN options. Comes in many colours!
Is that 1.2 million years to guess a specific one? If there are tens of millions of wallets then it seems like at some point you could throw 12 words together and have someone’s wallet key. I guess I’m wondering if that is the only defense, or is there a password or PIN code you’d have to guess as well?
You didn’t have a PIN on your hardware wallet??
Don't sell it now. Wait few months. Where is this 1btc stored? Hardware wallet? Do you have physical access and PIN for this device or he just left you with recovery seed(bunch of 12-24words in particular order). Or did he hold it on exchange like Coinbase?
I would probably go with the 3. I found that the USB port of the 1 wears off quickly, causing connection problems. And there was an issue with the 1 where one could downgrade the Software to get access to a wallet without knowing the PIN. But that required physical access to the device. Don’t know if it still works.
A lot of hardware wallets will let you display more than one new address address at a time, and with Electrum you can run a command to generate a list of XX number of unique addresses at a time (but this may require your private key, so maybe not worth noting -- can't remember) In any case, here's a different idea (for the future, not for right now's situation) -- While you're at home, generate a list of 5, 10, 20, whatever new receive addresses and carry that with you. Then if you purchase more while on the road and want to take it off exchange, you can use one of those and check the transaction using your xpub with a watch-only wallet If you're dead set on getting the 2k out *right the fuck now* then, as others suggested, I'd just use Electrum or Sparrow in the interim. Then again, I also don't see a huge risk in just taking my hardware wallet along with me if I traveled that much. It's PIN protected and the wallet is passphrased, so worst case scenario would be I lost it and had to buy another. Personally, I'd prefer to not double up on network fees and would just let the 2k sit on exchange until I got home. I can tolerate that level of risk.
Really sorry about your loss! 1) All you really need is the seed phrase to access the money, so if the girlfriend has the seed phrase she might already have sold it all. The cold wallets (Ledger, etc) are just devices to help keep your seed phrase offline while signing transactions. 2) The seed phrase is usually 12 or 24 words. A list of random words. Example: "kind raw kettle monument sky" etc. 3) Without PIN to wallets or seed phrase, chances are 0. Even if you find his wallet but don't have either you can only view the wallets, but not sign any transactions. A tip: Most people don't EVER store seed phrases digitally. It defeats the entire purpose of cold wallets. So look for the seed phrases to be HAND WRITTEN and stored physically somewhere safe.
if neither the girlfriend or the sister have the seed, though, but the girlfriend has the PIN and the sister has the device -- they could work together without needing the seed
Sounds like the girlfriend has the PIN, not the seed. OP('s friend) has the devices. It remains to be seen where the seed phrase ended up.
I re-read the post after writing this, and it seems that OP only **believes** that the GF has the PIN, and since she probably doesn't have free access to the parent's house it is unlikely that she could even use it if she had it. It is possible that one seed phrase of a multi-sig was given to the GF, who is being coy about it lest she be dispossessed.
Ledger hardware wallets will wipe themselves after 3 incorrect PIN attempts. As he had 3 hardware wallets that means you would most likely need either to be able to unlock his computer to get the wallet file (which is a skeleton wallet, the signing mnemonics only exist inside the hardware wallets). Failing that it is is possible to recreate a multisig quorum, but you would need 100% of the mnemonics, so potentially 3 (all of them) 12-24 words mnemonic seeds. There is a good chance he has them written down on paper or stamped into metal with hammer. Every single account that sends you a DM is a scammer. Every single "recovery expert" with YouTube / FB / IG / TG testimonials is a scam.
I would negotiate with the girlfriend. If he was planning to buy a house for her and shared his PIN he clearly felt her entitled to some percentage. Seems to me that searching for bitcoin when you don't understand how to use it rather than simply negotiating a settlement with the GF who might know more than you would be the wisest course of action.
> 1. If I somehow find the secret words (seed phrases), will I still need the device passcodes to access the Bitcoins? No > 2. What should I be looking for, specifically with the Jade and Ledger devices I mentioned? Is the secret phrase something people usually write down and hide? I’m hoping to search for it and have some ideas, but I could be wrong. I'm not familiar with the security setup of the devices but it is likely that if the girlfriend has access to three PIN you need and you have access to the devices that she needs then as bitcoin is a bearer asset you likely need to swallow your pride and negotiate a settlement so that she gets a percentage of what he had. Giving a PIN to your hardware wallets is a deeply intimate thing to do, and suggests that he trusts his girlfriend and wants her to have a portion of the bitcoin, whether there is a will involved or not, or whether you think her entitled or not. Consider that if he was motivated to ensure that you were capable of retrieving the bitcoin without her help given his condition he would likely have ensured that you could. Searching seems to me to be going against his wishes if you believe in some form of revealed preferences. Just bite the bullet. The amount someone would have on that number of hardware wallets is a quantity of bitcoin that will satisfy most people's financial needs even as a percentage. Also, if his wishes were to sell at €100k them wait for that as well.
1- Do not try to guess or brute force the PIN in the devices, it will erase it, if you don't find the seed phrase maybe in the future, it is possible to break into the devices, so keep them safe. 2- You should look for lists of 12 or 24 words from the "bip39 word list" (just google it), if your brother wanted to keep it safe it should be engraved, look google images for "passphrase steel" so you can have an idea on what to look for. 3- Once you find the seed, it could have the funds there, but based on the devices your brother had, maybe it has an additional password. The good news is that this extra word usually is something that you hope never to forget, and is something you can brute force with a list of what you think he may have used.
Sorry for your brother. You either need the PIN to access and confirm transactions to the hardware wallets or you need seed phrase. Seed phrases work as a backup system to restore the access to your hardware wallets in case of damaged device or lost/forgotten PIN.
Yes, the attacks that are majorly prominent on hardware wallets are physical attacks. Here is the complete public list of the same - https://github.com/jlopp/physical-bitcoin-attacks/blob/master/README.md In our case, even if the device is hacked, the hacker cannot take the assets out without also compromising atleast one of the cards as well and bypassing the PIN set by you. There is a time exponential function which prevents access to sensitive material inside the cards in case of incorrect PIN attempts
Great question. You import the seed phrase of your Trezor safe into Cypherock & that's it. You dont need to manually transfer all your coins one by one. On a high level, you then give one card to your nominee and location of the other card is written in a digital will which is encrypted by the wallet. Then, there is a heartbeat protocol once you setup it up, where we ping every few months to check whether you are dead or alive. The worst case scenario you are not able to reply to us even in the buffer period, we send the encrypted will to the nominee. The nominee using his card decrypts the will in which he finds the location of the other card & the PIN. So now, he has two cards and the PIN to recover all your assets. All this while, you can continue using your Trezor Safe for day to day transactions. Your seed phrase is not sent to Cypherock servers unlike other solutions in the space. You can read more here - [https://www.cypherock.com/blogs/cypherock-cover](https://www.cypherock.com/blogs/cypherock-cover)
The $5 wrench attack is pure FUD. There is no reason to think it has any merrit at all... It is absolutely no different to mugging someone for thie ATM PIN, or just mugging someone for Their phone, computer or whatever. Don't live such a fearful life... you watch too much legacy media selling propaganda that you can't trust your neighbours but you can trust your banker.
I would say a few things. Someone gaining access to your physical device. Especially if they know you're holding BTC. This could be through a hardware exploit to dump any lock screen/PIN code - I believe Law Enforcement has such capabilities, so other people could too. Maybe some sideloaded app or code which could negatively affect your phone's software. I think there's always inherently more risk than not using cold storage so I always err on the side of caution.
instability is exactly the kind of thing self custody is designed for hopefully one can maintain possession of a PIN-protected hardware wallet and have a trusted friend or family member in a more stable area to keep a seed backup with
A lot of people recommend using a Trezor for your hardware wallet. They have a few good options. Look at the Safe 3 or the Safe 5. And then their Keep Metal is really good to save your seed. It should be fireproof and very durable. They have an option where you can get multiple Keep Metals and set your hardware wallet up to be compatible with multisig. Each Keep device will have its own seed phrase and you can set a 2 of 3 multisig wallet for instance. You can keep your hardware wallet in your safe, and the wallet is protected by a PIN code and you can also enable a paraphrase for additional security, so even if someone finds your hardware wallet they can’t get your funds. You should store your seed phrase in a less obvious location, and not in the same location as your hardware wallet. Some people hide them in the walls in their house, some bury them, store them offsite, etc. If you use a passphrase have that written down and stored in a different location from your seed. All of this makes it so that a single point of attack can’t possibly steal your funds. It’s good to be paranoid to a degree about this stuff and take it seriously. Just make sure that the more complex your plan becomes you have it documented in some way so that you don’t forget or your family can’t access if they ever need to. But also don’t make it so that documentation can lead a thief to the treasure.
Are you 100% sure it's the same number ? There is an option on Binance to always identify any messages you receive from them with some kind of PIN.
Give your SO a hardware wallet contains your Bitcoin, but don’t let them know the PIN just yet. Write down the PIN to a sealed letter and let your parents/some trusted person to hold it. Do not let them know that it contains the PIN, but instruct them to give the letter to your SO in case of your death. The point is: One person possess the wallet. The other one know the information. But they cannot collaborate until your death.
Caught off guard? Downloading a crypto program sent to you from a stranger off Telegram is like giving a stranger your ATM and PIN number. > he's been in the crypto space for years. He's a shitcoin NFT younger person who is new to this space and most of their holdings were free shitcoins like Moons and Donuts.
The post on Linkedin (Translated using Deepl) looks like this; ""Did you already know? 📈 The value of Bitcoin will exceed 100,000 euros this year! We can't predict this and can't give any tips. But we do know how you can hedge your cryptocurrencies: 💻 Third-party custody on exchanges? Less effort, but not safe from hackers. 📲 Own wallet on smartphone or PC? Security gaps possible. 🔐 Hardware wallet? Secure and PIN-protected. Create backups and keep them safe!"" Great, honest, and not clickbait article title
They will? They can just reset the PIN with the seed phrase
buy a second hardware wallet restore your seed to that hardware wallet PIN protect it mail the hardware wallet to your cousin email him the PIN after he receives it, he can access the seed phrase himself
I've never forgotten my bank PIN or internet password. And I can't remember where I put my keys this morning.
Traveling with a hardware wallet is not a problem. TSA/Customs have no idea what it is, but even if they did, your PIN should protect you, and if you use a complex passphrase wallet you're safe as houses.
a hardware wallet PIN and an additional passphrase are totally different concepts the PIN prevents access to your hardware wallet the passphrase creates an entirely new derivative wallet from your same base seed phrase - you can have as many as you like which would allow you to have multiple wallets for multiple uses an only keep one seed phrase backup or do 'fun' things like keep a small balance in the non-passphrased wallet so that a bad actor who discovered your seed backup will think they've found your whole balance and stop searching for the rest https://thebitcoinmanual.com/articles/btc-passphrase/
There are lots of ways, but the way I settled on was that I bought a new, cheap phone (must be OTC though), Took it home, returned it to factory reset. Turned off all comms (wifi, bt, gps, etc etc and so on), turned on airplane mode. It's never been online, never will be online.. Once I had that, I used it to store all keys to my accounts, and used it also to encrypt and store backups on usb drives, micros SDs, etc. (using either sandisk secure, veracrypt, or the various PIN protected usb drives). I've got one on me at all times (microSD in my wallet), and the others spread around. I even gave a couple to relatives to toss in a drawer for me. One's in a safe deposit box, one's in my bug out bag. You could do the same with an old laptop as well. Just make sure that whichever device you use, it NEVER EVER GOES ONLINE.
The only problem with a safety deposit box is it can be easily found and confiscated by the feds, other than that it's probably a pretty good place. If you have any family you trust enough to keep it secure and not rob you that might be better. One idea is to divide your seed phrase in half and give each half to different family members to keep secure. If it's a 24 word phrase it will still be impossible to brute force with only half of the words as far as I know. Even if you aren't 100% trusting of those family members they would still have to collude to steal from you. I would not recommend this with a 12 word phrase. If you decide to keep it to yourself you should stamp it on steel or at least keep it in a fireproof safe if it's on paper. Only problem with a safe is that's the first thing a thief would go for. Stamping it on steel and putting it somewhere in your house where no one will ever look is probably pretty secure, or burying it in your yard. Maybe just tell your next of kin where it is, or at least that it exists and they will have to find it in your house or yard to get your stash if something happens to you. As for your cold storage device, most are made to be nearly impossible to access or hack if you don't have the PIN to unlock it. I prefer cold storage that doesn't require bluetooth like Ledger does. I like the Passport because it can transfer information by scanning QR codes from the display making it very easy to use without having to deal with micro SD cards. If you also used a passphrase with your seed that's another layer of protection I highly recommend. There is no perfect solution and people will advocate for other things like multi-sig, but personally I think that's too complicated and introduces some issues that increase the risk of loss. Ultimately you need to research all the options, consider the trade-offs, and figure out what works best for you.
I mean you can install a wallet app on your phone, and keep the money there. Maybe /r/BitcoinBeginners is a good place to go if you've never heard of wallet apps on your phone..? The usual routine is, after installing the app, you are give a list of 24 seed words, and instructed to write them down on a piece of paper. You hide this paper somewhere safe at home. Then you either set up a PIN or use your phone's biometric reader (fingerprint). So now you have your bitcoin conveniently with you on your phone, and if you lose your phone, you re-enter the seed words from the piece of paper into a new phone. It's safe unless you're rooting your phone, not installing updates, got a really old phone or - in some disaster - you lose the phone and the paper together. But then you probably have bigger things to worry about than $400. I use Samourai, but there's a bunch of good ones about.
> its own developed database > you login decentralized via username, password and PIN Read that again. As many times as you need
Nexus.io - most quantum resistant blockchain out there, feeless basic transactions, super fast due to for example its own developed database, unique features like Signature Chains (you login decentralized via Username, password and PIN - no private key anymore) etc.
Have you practiced recovering the wallet with your seed phrase in case you forget the PIN? Give it a shot, but only with a small amount of BTC in the wallet.
Your criticism is absurd. If someone has "physical access and your PIN" they can just SEND your entire stack to THEIR OWN wallet and sign the transaction as YOU. They don't need your f-ing seed phrase. Ledger is offering a service that people can OPT IN to, which stores their seed phrase in a secure manner. You don't need it? Fine. Don't opt in. Other people, like your dad or grandfather maybe DO need it.
Hardware wallets are supposed to make it difficult/impossible for someone to extract the keys, even if they momentarily have physical access and your PIN. If they can just press an "opt in" button and the device spits out the keys in any form, then you can no longer rely on the wallet having that security property. There's also just the risk that the export process is implemented incorrectly in a way that ends up compromising the key. If the device doesn't have an export function in the first place, that can't happen. People bought Ledger devices expecting them to have the property of "key never leaves the device". Then Ledger changed the rules of the game. IMO, that's bait-and-switch, not to mention reflecting poorly on their security engineering judgment. Ledger should never have introduced this on already-sold devices.
Hello u/MrtviBazen, In your position, where you've accumulated a significant amount of Bitcoin and prioritize long-term holding, using a cold wallet makes a lot of sense. Unlike online wallets, which are constantly connected to the internet and vulnerable to hacking, cold wallets store your private keys offline, isolating them from potential online threats. This offline storage makes cold wallets nearly immune to various online attacks, such as phishing scams, malware, and unauthorized access attempts. Your private keys remain secure within the device itself, typically requiring physical interaction and a PIN code for access. This significantly reduces the risk of your Bitcoin being compromised compared to online wallets. Even though hardware wallets demand more time to set up and manage, the peace of mind and protection they offer for your valuable Bitcoin holdings can’t be overstated.
I dont get the flight mode thing but this is why I never let my phone to others. People are not aware that phones are currently a easy door to our financial life. >"On the way, she took the complainant’s phone on the pretext of using the map for navigation and transferred the whole balance of six bitcoins from her wallet to multiple other wallets while mixing using a tumble," she reportedly said. Pro Tip: Add fingerprint or PIN verification to sensitive apps like bank, wallets, etc. This way you can give your phone to others unlocked but they will need to authenticate again to open those apps. I suggest you adding it to Gallery too. You don't want others to see your D pics.
I DO use T-Mobile. If that's the crux of the issue this is a problem for self custody with a Jade. The Oracle pin needs to communicate with a service at Blockstream. I believe I need to switch to another hardware wallet that does not require something like this. Anyone have advice? [https://help.blockstream.com/hc/en-us/articles/9639949755673-How-does-Blockstream-Jade-s-oracle-enforced-PIN-protection-work](https://help.blockstream.com/hc/en-us/articles/9639949755673-How-does-Blockstream-Jade-s-oracle-enforced-PIN-protection-work)
> What can someone do to mitigate this risk? Multisig where you keep your mnemonic seeds apart and if keeping the hardware wallets together in your house use a different PIN on each hardware wallet > No worries for me because the 25th word In the same way that a password (let's say your Last pass/1passwoed database) can be brute forced, your 25th word Passphrase can also be brute forced. The difficulty to attack is based on entropy, ie: you could use 6-12 BIP39 randomly chosen words drawing them out of a hat
It is important to put a good PIN code on your phone. if you put the code 123456 or something similar, then no amount of iPhone protection will help. also I use iCloud encryption. Otherwise, I consider the iPhone to be a very secure phone. not advice, just my opinion.
With Strike, you don't use a password. We login via Phone number and a PIN code.
This doesn't help much. They should implement text or voice verification like bithumb does.. Everytime with withdraw.. you need PIN and also tells you that you are withdrawing in your text..
They would also need the PIN.
Terrible, terrible idea, if someone gains access to that debit card then they would have access to whatever account that debit card is tied to. And if you think a PIN will protect you...
This is the 20‘s equivalent of hour grandfathers writing their PIN codes on their bank cards
You get a seed phrase 12 or 24 word. That gets written down physically by you. It’s the key to your bitcoin, so if your jade dies/stolen/lost all you need to do is get a hot wallet and put in the seed phrase. And your bitcoin will be waiting for you. The hardware wallet just makes it so you don’t have to punch that in every time. You set up a pin a PIN number and connect to the app. Think of it as when you save a game on a console. You just load back up once you’re connected.
All of the suggestions pointing to cold wallets are missing an important aspect. If you have immediate access to it it will be found with a warrant & when threatened with prison you will sing your PIN & passphrase like a canary. The key is to not have it located within your home(s), property or anywhere that can be subject to search by warrant. That includes safe deposit boxes. Time to get creative.
Hello u/bremstol, you're right to consider security when it comes to your Bitcoin. While digital software wallets are convenient, a hardware wallet is undoubtedly the safest storage option. A hardware wallet is a device that stores your private keys offline, unlike digital wallets, which store the keys online. Keeping keys offline reduces the risk of hacking and unauthorized access, as they're not exposed to the internet, which is a major advantage over online wallets. Another important aspect of hardware wallets are the security measures, such as PIN protection and biometric authentication. Furthermore, some wallets allow you to recover your digital assets using the recovery seed phrase if you lose the physical device. In summary, while there's always a slight risk of physical loss or theft, the security advantages of hardware wallets outweigh those of software wallets, making them a more secure solution for long-term crypto storage.
Have to agree with you. Bought a Jade based on the recommendations here (also the urge to try things out) but have mixed feelings about it. When it works it works fine, but it’s a hit or miss kind of thing and sometimes it simply refuses to sign, refuses to recognise PIN, refuses to connect… like you said the camera is next to useless. Overall the product feels less polished and less well tested and less well designed than, say, Trezor or Coldcard or even Ledger (hate Ledger all we want but it works and has been very reliable. It’s the trust issue we have with the company not the product itself)
> The strongest and most secure way to store bitcoins is by using a hardware wallet. A hardware wallet is a physical device that stores the user's private keys securely offline, making it resistant to hacking attacks and malware. When you want to make a transaction, you can connect the hardware wallet to a computer or mobile device, sign the transaction with the private key stored on the device, and then broadcast it to the network. > Hardware wallets are considered one of the most secure options for storing bitcoins because they provide an extra layer of protection compared to software wallets or online exchanges. Since the private keys never leave the device, they are not exposed to potential online threats. Additionally, hardware wallets often come with additional security features such as PIN protection, passphrase support, and backup options to ensure that your funds are safe even if the device is lost or stolen. > Popular hardware wallet brands include Ledger, Trezor, and KeepKey. It's important to purchase hardware wallets directly from the manufacturer or authorized resellers to avoid potential tampering or security risks. Remember to keep your recovery seed phrase (backup phrase) in a safe and secure location, as it is essential for recovering your funds in case your hardware wallet is lost or damaged. Your earlier comments included terms such as "hard wallet" (it's hard_ware_ wallet) and "isnt" (it's isn't, with an apostrophe). Now, suddenly, you seem to have acquired the ability to write like an adult. I'm guessing you copy/pasted that from chat GPT. You think that your statement refutes mine, but that's only because you don't understand what you wrote. Look again, your text includes these words: > Remember to keep your recovery seed phrase (backup phrase) in a safe and secure location, as it is essential for recovering your funds in case your hardware wallet is lost or damaged. Again, a hardware wallet offers a secure way to sign a transaction. It is NOT a secure way to store your private keys. For that you need an offline, analog, non-digital backup, e.g. etching your seed phrase into steel.
The strongest and most secure way to store bitcoins is by using a hardware wallet. A hardware wallet is a physical device that stores the user's private keys securely offline, making it resistant to hacking attacks and malware. When you want to make a transaction, you can connect the hardware wallet to a computer or mobile device, sign the transaction with the private key stored on the device, and then broadcast it to the network. Hardware wallets are considered one of the most secure options for storing bitcoins because they provide an extra layer of protection compared to software wallets or online exchanges. Since the private keys never leave the device, they are not exposed to potential online threats. Additionally, hardware wallets often come with additional security features such as PIN protection, passphrase support, and backup options to ensure that your funds are safe even if the device is lost or stolen. Popular hardware wallet brands include Ledger, Trezor, and KeepKey. It's important to purchase hardware wallets directly from the manufacturer or authorized resellers to avoid potential tampering or security risks. Remember to keep your recovery seed phrase (backup phrase) in a safe and secure location, as it is essential for recovering your funds in case your hardware wallet is lost or damaged.
/s Why is quantum computing a threat specifically to BTC? Why about banking passwords? PIN codes?
Oh my god. I hope this is fake, because the more I look at this picture, the worse it gets. If it's real, this clown set himself up for an ugly ransom attack. "For 10k, I'll give you back everything but the Ledger. The hardware wallet's gonna cost you more. A lot more." Or worse. *Phone call:* "Hey, I've got your keys and I want to claim the $10,000 reward." And then, when they meet, the guy pulls out a gun. "Get in the van. We're gonna plug this thing into my laptop. You're gonna give me the PIN to your main wallet and the PIN to your passphrase wallet. Here's how I know you'll tell me the truth. Before we even start, I'll let you pick where you want to get shot in first if I think you're lying."
Seems fine to me assuming you have a PIN on it and a recovery phrase at home. Maybe a little expensive/redundant compared to just using a phone app, but maybe it's just preference. Now, carrying it around and also not having a recovery phrase seems like peak stupid though. So much that I want to call this fake, but on the other hand, people do some real dumb shit
The seed is not compromised if the hardware wallet is stolen (unless the wallet has a flaw or you wrote down the PIN onto the wallet itself).
PIN and passphrase. Passphrase isn't on it. You can maybe see mnemonic to an empty wallet.
The PIN means nothing, it's the Seed Phrase and PassPhrase that matters. Try Blue wallet , it's one of the better hot wallets. Even better if you can get a Trezor one or Trezor Safe 3, but only if you have a significant amount of Bitcoin.
By right, withdrawal should be possible only after you have given your 2FA, security PIN, and security code sent to your email before the withdrawal is approved. i.e. 3 factors of security. If you got a withdrawal without any of the 3 factors of security, i.e. you do not even get an email for that security code to validate it is you before a withdrawal is possible, then it is very likely your email is really compromised (you can never be sure) or the withdrawal is an inside job at Coinbase.
From reading this very sub, most people use 12 words, not 24. A standard 16 character password in the standard 256 character ASCII space has almost as many possibilities as the twelve word phrase. A 17 character password has more. Then using your example, aside from guessing that password you would have to correlate that password with correct account number which would make the possible combinations astronomically larger than the 12 word space. Add in the PIN and again you multiplied it by some amount based on PIN possibilities.
Hello fren! Am Nubian Prince Akbudhatti with $69,420 billion real US American dollars and want to bless stranger today! Kindly message full name, bank name, and account number with PIN number to make blessing deposit for you today! Many blessing! Akbudhatti. P.S. this not scam! Can trust Akbudhatti! Am real person :)
I already used a Electrum in a old computer that i removed wireless hardware and locked up with a PIN code at bios level, but I bought some hardwallets later and i'm trying to buy a new one. The ColdCard is extremly rare to be selling in Brazil (ironically the founders are brazilians)
Look at it this way. If yiu randomly guessed account numbers, passwords, and verification codes you can access anyone's bank account. Those are just three pieces of info you need to access anyone's bank account. Four pieces of info if you include which bank. With Bitcoin you need 24 pieces of information in the right order. So which is more secure, a password and PIN protected bank account or your Bitcoin wallet?
You don't need a handwriting analyst or anything similar.. The 24 words come from a standard list (Google "BIP39 Word List"). Use that list to verify your guesses. Each word is unique in the first 4 letters. >couldn't that lock out permanently after a certain amount of tries? No. The thing that will lock you out of the Ledger device is entering the PIN wrong 3 times. Passphrases are eternal. He would have had Ledger Live on his computer or phone. Launch it and make a note of the various assets. (and their values. You'll need them in the next step if you don't have the Ledger Device's PIN. This isn't a huge problem. Good Luck!
I think they may mean that this paper has the Ledger PIN, in which case you only get a few attempts.
No, having the seed phrase gives them full access. That's why I suggested leaving one word out. Even if somehow they hacked Bitwarden or your PC has malware, they don't have the full seed phrase. The Trezor PIN just prevents petty theft like when someone comes across your Trezor and plugs it in.
Hello fren! Am Nubian Prince Akbudhatti with $69,420 billion real US American dollars and want to bless stranger today! Kindly message full name, bank name, and account number with PIN number to make blessing deposit for you today! Many blessing! Akbudhatti. P.S. this not scam! Can trust Akbudhatti! Am real person :)
There remote PIN thing looks kind of sus.
PIN number. ATM machine
Buy multiple Trezors, set it up with PIN and strong passphrase 3 - Trezor will be for myself, 3 copies I’ll be keeping to different locations Another 3 Trezor for my family and relatives for safekeeping Another 3 Trezor to my friends for safekeeping So at least 9 Trezors with same PIN and same strong passpharase. That’s 9 backup. Then I’ll burn away or flush the written seed phrase
People rarely have bitcoin or cash in their pockets — everything is digital now — you can be held at gun point for your seed phrase or your ATM PIN - better chance that someone has a fiat bank account than bitcoin
Don't overcomplicate things. I did something similar to this where I basically put a paragraph from my favorite book through a cipher and then used that to generate a private key. I did this for fun, and only put $30 on that wallet. I can't get that money out... I don't know where I messed up, but I can't figure it out. Don't overcomplicate things. Hardware wallet with long PIN + seed phrase on steel in secure location + use a decent password
> there is still zero risk to losing your bitcoin because they don't know the seed phrase. They don't need to know the seed phrase. They need to know PIN that guards the seed. And with good enough & expensive technology you can always get around the 'HW locking after 10 failed PIN trials' safety mechanism.
The PIN/access code protects your seed on the device. If you have a seedphrase in addition to your 24 words, even better. You are right with only the device it's nearly impossible to get access to your funds. The attacker needs the correct PIN/access code AND the (optional) seedphrase. Just don't store the physical 24 seed backup or/and the access PIN and/or the seedphrase together with the device. Just with the device in hand, I don't think any usual thief will be able to access your funds.
> If that is true then couldn't this be obviated by wiping the device after each use? Yes but then you'd have to enter it into the device to use it with that seed. > there is still zero risk to losing your bitcoin because they don't know the seed phrase. The risk isn't 0. Also if a bad actor had your hardware wallet, it's not that they wouldn't know the seed phrase, it's that they wouldn't know the PIN to get into the hardware wallet.
Exactly. A PIN-cracked HW is almost better than the seed because it’s ready to drain immediately. Passphrase fixes this and even a wrench attack if you spin up a decoy hidden wallet.
If they can unlock the wallet to see the seed phrase than your funds are already gone because they can also authorize a spend. Being able to see the private key doesn't matter at that point. Choose a good PIN.
I guess that it depends on which HW you have and how it is configured. Stealing a hardware wallet could mean that all the thief has to do is guess your PIN, which is a hell of a lot easier than getting your seed phrase. Some wallets will let you view the seed phrase in the default config, but even if you can't do that, you can still sign a transaction and empty the wallet. The wallet of a less security conscious owner is likely a much softer target than his seed phrase.
My understanding is that physical coercion is always a risk. Even if you have a hardware device. They could just threaten you with a wrench until you enter your PIN. In fact, unfortunately, even if you have multi-sig set up, people who don't understand it could still pose a danger to you because they assume you have full control.
Give me the $50 and I’ll give you the bitcoin, plus my bank account details and PIN number.