Reddit Posts
I lost ALL my BTC yesterday, this is my story so it won't happen to you
TRIVIA for MOONS - Play Trivia for a chance to win from a pool of 1,000 MOONS. Tuesday December 19th 2023. 7 am EST (6.5 hours from this post). On Kahoot and YouTube Live!
Blockstream jade - what happens if you lose your SeedQR?
Self custody wallet planning for stacking (now) and spending (later)
Gigantix Wallet - The New Era OF Secured Cold Wallet
TRIVIA for MOONS - Play Trivia for a chance to win from a pool of 1,000 MOONS. Monday November 20th 2023. 9.30 pm EST. On Kahoot and YouTube Live!
Any open source, encryption based, 3/5 multi factor wallet already available? If not, can this be developed?
Please help me with this MetaMask/ Trezor problem.
How to Secure Your Crypto Wallet from Attack and Protect Your funds
Multi-Sig vs. Shamir Secret Sharing: Which Path Will You Choose to Safeguard Your Crypto?
TRIVIA for MOONS - Play Trivia for a chance to win from a pool of 1,000 MOONS. Monday 2 October 2023. EDT - 9.30 pm. On Kahoot and YouTube Live!
Is it possible for someone hack/steal from my hardware wallet?Or is it almost impossible?
Reminder to all the Celsius bankruptcy victims
A 96 yo woman’s letter to her bank. This is why we crypto.
$13,000,000 and victims of Sim Swap 2023
We're thrilled to introduce an innovative approach to secure seed phrase storage. Chaindeck, an entirely offline and analog solution that uses a unique deck of cards to encrypt information.
We're thrilled to introduce an innovative approach to secure seed phrase storage. Chaindeck, an entirely offline and analog solution that uses a unique deck of cards to encrypt information.
After almost 3 years of work, our small startup launched Chaindeck today! Introducing a new way to store and encrypt seed phrases using a unique deck of cards, completely offline and analog.
What's your self-custody strategy? Do you keep a backup hardware wallet on hand?
Blockstream Jade has new firmware. It looks like a nice improvement on an already great device.
Scam protection. It’s up to you and you only.
An Updated SUPER-Beginner’s Guide to Swapping, Bridging and Exchanging MOONs (the complicated way)
New user looking for a good hardware wallet, few questions
Only once you have paid for something with cryptocurrency do you realize how completely insanely insecure credit cards and bank transfers are
The BIP39 Passphrase, and how even the best hardware wallets let us down
The BIP39 Passphrase, and how even the best hardware wallets let us down
Bitbox02: A hardware wallet and it's solution to the open-source closed-source dilemma
How come no one ever mentions the Arculus cold wallet?
"If you opt-in for the service, as a user, you'll have to enter your PIN and consent to the backup process. Then the OS will encrypt and split the shards to send them to 3 different parties." - Ledger CTO
Set up your crypto-recovery plan with your spouse TODAY (STORY)
Everybody always recommends a hardware wallet like a silver bullet, and they're great until you realise that factory pre-sale tampering and fakes can leave you hugely exposed. It's even more plausible recent spate of wallet hacks
Exciting News - LocalMonero / AgoraDesk Free and Open Source Mobile Apps are Now Officially Out of Beta! Happy Birthday Monero!
Today is World Backup Day. Let's make sure your seed is secure and backed up.
How to avoid getting scammed and not lose your coin
Identity solution in Web3: What solution do you use?
what is happening with erc20 transactions ?
My Exchange (will all my savings) was hacked into.
It happened to me! My phone with my wallets was destroyed!
Sorry if this isn’t the right place to ask but I have a few questions.
An Achilles heel of the Cryptocurrency
Hardware wallet/mnemonic seed phrase (extra) security guide, don’t just write it down 1,2,3,4…24
Storing recovery phrases - How to do it right?
Some basic knowledge for new hardware wallets users
Top Quality USA AAA+ fresh DUMPS with Pin, CVVs and fullz also available. Hacking services also available.
Ledger Nano S Plus Cold Wallet button broke... how do I reset it before returning it?
So Coinbase let a hacker trade on my account and offered me 'what is left' from the original $165,000 balance, over 11 days.
Arculus - New Cold Storage - Safe?
An anecdote on how relying on banks is less than ideal...
Blackhole inside Binance. How I was scammed and all my money was stolen. Please, I need your help! Spread the word
I created a free and open source Bitcoin Time Capsule called BTCapsule. It uses the timestamp from the Bitcoin blockchain, and allows you to enter your private keys and check them without exposure to the internet
Vault Finance updates for October 2022! New competitions/AMAs/marketing/developments! Vault is ready for the stratosphere! Their Launchpad & Exchange Novation is picking up steam and quickly becoming the go to platform for all BSC trading! Launchpad is also fully live! Do not miss this project!
PowerMint Token – A brand new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Sony, Google and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/CG listings around the corner.
Digital wallet app development is a major trend in the world of technology these days
Can nyone help me with a blockchain.com fiasco I’m in?
PowerMint Token – A brand new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Sony, Google and more! – Private sale LIVE! (Ending soon!) – Liquidity LOCKED! – CMC/CG listings around the corner.
PowerMint – A new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google and more! – Private sale LIVE! (Ending soon!) – Liquidity LOCKED! – CMC/CG listings around the corner.
PowerMint – A new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/CG listings around the corner.
PowerMint – A new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/Coingecko listings around the corner.
PowerMint – A Brand new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/Coingecko listings around the corner.
PowerMint – A Brand new era for the joy of gifting! – Digital NFT Gift cards – BTC Rewards – Collaborations with; Xbox, Uber, Apple, Google play and more! – Private sale LIVE! – Liquidity LOCKED! – CMC/Coingecko listings around the corner.
Two critical weaknesses of hardware wallets you need to consider
my lesson with a Seed Phrase...
Protect yourself against SIM card swap attacks by setting up a SIM card PIN
Is a Trezor Model One good enough to HODL BTC compared to Model T?
List of the coolest meatspace bitcoin products available:
Privacy tokens only account for 0.59% of the total crypto market cap and their evangelical communities don't want to talk about it because it is not profitable to do that...!
Watch out for this (new?) BTC scam
My experience with 'cold wallets' after trying almost all of them
Introducing Zeus: A remote mobile lightning wallet that lets you connect to and manage your own node on the go!
A use case of blockchain without internet connectivity
This is my trustless bulletproof inheritance strategy:
How Coinbase Global, Inc.& Verizon Wireless Allowed Someone to Steal $70k from my Crypto Wallet
Beware! Likely Trezor phising scam going on!
"Trezor has experienced a security incident involving data belonging to 106,856 of our customers"
Mentions
My preferred way of using Jade is [entirely stateless](https://help.blockstream.com/hc/en-us/articles/20144489592857-Use-Jade-as-a-stateless-signing-device). The device will forget your mnemonic after each power down. Every time you start it up, you'll set up a temporary signer and enter your 12/24 words. This is supremely secure as Jade basically holds no information about your wallet. If you lose it or it gets stolen, there's no way for anyone to retrieve your coins as the data isn't even there. It's also possible to make your own [SeedQR](https://help.blockstream.com/hc/en-us/articles/10426338606873-How-do-I-create-a-SeedQR-from-my-recovery-phrase). You can then point Jade camera's at the SeedQR instead of typing the words. If you do want to keep the mnemonic saved on the device, you'll need to set up a PIN and use the blind oracle. You can also set up [your own blind oracle](https://help.blockstream.com/hc/en-us/articles/12800132096793-Set-up-a-personal-blind-oracle) if you don't trust Blockstream services. But even then, if no blind oracle is available, you can always restore your wallet from the 12/24-words and passphrase, either in stateless mode, or on any other BIP39-compatible wallet (like Trezor). In other words, the blind oracle is only used to access the mnemonic and passphrase saved on the device, it is not tied to the actual Bitcoin wallet. It's as if the Jade was a safe, that you stored your mnemonic and passphrase in that safe, and the PIN+BO acted as the lock for that safe. If you have the mnemonic+passphrase also stored elsewhere, then you can still access your coins.
That's not multisig. Don't split your seed like that. And using a safety deposit box adds unnecessary fees into this (if you already have one, use it I guess for a part of your backup) Deleting all the exchanges and hot wallets is not useful. If someone is targeting you they have information that you own Bitcoin - ie from the recent Coinbase incident. Either use a wallet like Sparrow that's only on your home computer (no mobile), or use a wallet that offers a duress PIN feature like Nunchuk or Bluewallet. Using a hardware wallet with a duress pin - like ColdCard - feature is also good. Whatever wallet you choose, use a passphrase.
It's a normal Mastercard credit card that can be used anymore. No PIN since it's a credit card. You can get rewards in a cryptocurrency of choice, but I just get it in stablecoin since I don't want to complicate my taxes.
If you're not using an information in your memory, you can eventually lose it. Hell, I suddenly forgot my bank PIN that I used almost daily. Had it committed to muscle memory, but when I tried to consciously remember it, nothing came up. It can happen
I do not know the 'cashapp' thing. But if he worked for you and requested you to pay via this channel - I can't see how this could be a scam or a risk for you, as long as you control how much you transfer. From its description on its website, "cashapp" is a "wallet" type of a service, So you should be able to transfer money (fiat or crypto) to that wallet, and make transfers out of that wallet. So, with your safety in this in mind, if you don't trust the app, just be careful to NOT send too much money to your 'cashapp account', do not enter to it any passphrases/passwords/PIN/etc to your other accounts, wallets, etc. Install the cashapp app, learn how to "deposit money" to that app, do deposit USD/etc in moreless enough value to buy what you need to send, then send the BTC to that guy. Depending on how much it is, you might want to do a test run first, i.e. if you have to send $1000 worth in BTC, deposit $50 first, convert and send it, and after recipient confirms he got it all, send the remaining $950. This way you will also learn about all the fees along the path, as when you deposit $50 and do everything, the guy at the end will likely receive less than $50 (there may be deposit fee, there may be USD<>BTC trade fee, there may be withdrawal/sending fee...)
Wait, they stole your Iphone and you had no PIN code to unlock? No faceID?
>**After verifying their identity**, the user selects the “send” option, chooses to pay to a Lightning address, enters the amount (1,000 sats), confirms with a PIN, and the transaction is completed, with the funds appearing instantly in the recipient wallet. I think I'll gonna skip this one.
All of these are non issues. Never enter your seed phrase on any website, never ever. Malware is also not an issue if the wallet is air gapped. The malware could change the receiving address if you copy and paste, but you can mitigate that risk by verifying the address after pasting. The other issues are risks but would only be an issue if you lose BOTH your backup words and HW wallet. For example if both are in your house and burn down. Someone stealing your HW wallet is not an issue as they require a PIN. Most good wallets have duress features against wrench attack.
The press always chatter about BTC getting hacked, or being useless with quantum computing, but literally everything else that’s protected by encryption of any kind will be hackable. All your passwords, all your data, all your bank PIN numbers.
This actually sounds plausible, and not necessarily a scam—especially if your brother really did make the transfer and can still see the wallet with BTC in it. Back in 2011-2012, a lot of Bitcoin trades happened peer-to-peer, especially through forums like Bitcointalk. People would share wallet addresses, and security was often… loose, to say the least. If he received a wallet address and can still see the funds there, the critical question becomes: was this a wallet the seller controlled and simply showed your brother, or was it a wallet your brother was supposed to have control over? If your brother owns the wallet (i.e., it was created for him), then he needs the private key or the seed phrase (not a PIN). A PIN might refer to a mobile wallet app, but most likely, what’s needed is a private key or a 12- or 24-word seed phrase. That’s the only way he can access the funds. Sadly, if the other party never gave him that, it might mean your brother was essentially just shown a wallet that was never his to control, even if the funds are technically ‘there.’ That would mean the BTC was never actually under his ownership—just ‘viewable.’ Bottom line: If he doesn’t have the private key or seed phrase, he can’t move or sell the Bitcoin. Encourage him to keep searching all his old emails, backups, apps he might’ve used, etc. Don’t email the seller—that account is almost certainly long dead or compromised. This could be life-changing money, so it’s worth turning the house upside down.
Your old device would still work. If you restore using your old seed phrase, you’ll see your existing coin balance using the new device. (But if someone else found it they couldn’t access your funds as they wouldn’t know your PIN # or passphrase).
I’ve carried Trezors through TSA many times. Never had any concern & never any issues. Even if they did confiscate it, they wouldn’t be able to access it unless you wrote down your PIN code and passphrase & gave that to them as well. For $75 you could replace the device & restore with your recovery seed. So what’s your concern OP…?
This is the terrifying downside of being a gullible idiot. I mean if this story is even true... OP willingly gave some random people the mnemonic to their retirement money. It's as if they gave their SSN or the location and PIN to their personal safe to some guy on a spam call. Don't take this as an excuse to hand over your money to a crypto bank aka a centralized exchange. It's very easy, the mnemonic is only for yourself. Anyone who has it can spend the coins.
If you're going to be keeping it for a decent amount of time, why not use multiple passphrases? Then there's only one seed to protect and the passphrases can be relatively simple and are easy to switch in the Trezor app once the PIN is entered. It'll be so much less hassle for retrieving funds / sending without having to reset, change seed, switch back etc.
> Is the paraphrase the same as the PIN I created? Passphrase. No.
Is the paraphrase the same as the PIN I created?
> Agreed. Single sig is fine. Even without a passphrase. If you have a 24 word private key, and a good hardware wallet with a PIN code.. that’s all you need. Digital media such as a hardware wallet is susceptible to failure and is not suitable for backups. So, whether or not you have a hardware wallet, you must store a backup of your seed phrase, on paper and/or steel. If you have a single sig wallet with no passphrase, then each backup comprises a single point of failure. I recommend using a passphrase, or setting up a multisig wallet. I do not recommend splitting up a single seed phrase into multiple parts.
Agreed. Single sig is fine. Even without a passphrase. If you have a 24 word private key, and a good hardware wallet with a PIN code.. that’s all you need.
Biometrics sound secure, but they're not the silver bullet people think they are. Unlike a PIN, you can't change your fingerprint if it gets compromised and storing that kind of data safely is a whole other can of worms. Maybe Ledger and Trezor avoid biometrics because they know it adds complexity without necessarily improving real-world security. Plus, hardware wallets are supposed to be air-gapped and minimal adding fingerprint sensors introduces more potential attack surfaces. I'd be cautious about trusting less-established wallets just for a “cool” feature that might backfire.
99.99% of burglars won't recognize a cold wallet. How many people are un crypto business in the whole world? 1%? How many of them can be robbers broking into houses, finding a Razor and thinking "voilá! I'll introduce the PIN and get away with 1M USDT!"
i still have the wallet, and i guess i still remember the PIN
>Can you please explain in simple terms what the actual ledger nano, with the PIN set on it 3 x incorrect PIN entry will factory reset the Ledger, such that if you lose the device, and have a strong PIN, you're pretty safe. Having said that Nano S is using older chips with more studied and recognised vulnerabilities to secret extraction (whilst Donjon is Ledger's team, see their papers on extracting seeds from competitor's hardware wallets). >Does that also mean if someone gets hold of my seedphrase, me having the ledger won't have any value Anybody with access to your mnemonic seed can sweep your funds at any time, they don't need your Ledger, they could enter the Mnemonic Seed words into a phone or desktop wallet and sweep all of your Bitcoin.
My bad, I meant the seedphrase. Can you please explain in simple terms what the actual ledger nano, with the PIN set on it, does for security? Does that also mean if someone gets hold of my seedphrase, me having the ledger won't have any value?
PIN is only used to unlock your physical device. It has nothing to do with your seed
Thanks for that mate. So, it means that PIN doesn't act as the 25th word? I just have the 24 word seedphrase and you're saying that as long as I have that, the PIN didn't add an extra layer of security on the actual asset? Can you please elaborate what is that PIN used for then?
I think you are fundamentally misunderstanding what cold storage is. Your crypto is not "stored on a USB stick." Your crypto is stored on the blockchain. In fact, cold "storage" in some respects is maybe a misnomer. The only thing your cold wallet does is securely store your seed phrase. The cold wallet generates a seed phrase that never touches the internet and allows you to "unlock" your little piece of the blockchain so to speak. It stores your seed phrase, that is essentially all. When generating said seed phrase, you ALSO back this up by securely writing down as many back up copies that you want (preferably on metal). If your cold wallet is lost, damaged, or even stolen (you put a strong a PIN on it that would be extremely unlikely to be hacked) that is actually not a huge deal because you backed up your seed phrase. I can enter that backed up seed phrase into any new wallet and again unlock my piece of the blockchain. Nothing on an exchange really belongs to you. There is no such thing as FDIC insurance on any of the exchanges for crypto. It's not at all the same protection as putting your cash in the bank. You just have to trust a company's word that it'll always be there. Getting your account hacked is a severe possibility, but smaller things like an exchange suddenly putting a hold or ban on your account with no explanation (I see posts all the time and I myself for no reason had my Kraken account on hold for 2 weeks for no reason provided). And again, getting an account hacked is much more likely when on an exchange vs. off. To each their own, but I would never leave over a few thousand even on an exchange for very long at all.
Google "Paper Bitcoin Wallet" It looks pretty, but it's not recommended. If you're printing this, just to handwrite the seed phrase, then why do you need this at all? You can just use a plain piece of paper. It'll probably be more ledgible. If you're typing or generating your seed phrase here then how do you know this code isn't malicous? Even if it's not, how do you know there isn't a virus on your machine, searching for seedphrases? There's no security feature, so if you use this and someone else stumbles on your printed paper, nothing will stop them. No PIN. No Pass code. Lastly, paper wallets have a terrible reputation of accidentaly getting destroyed or thrown out. Use at your own discretion.
I wouldn’t say they are being transparent…they are coming clean because they were probably about to be busted. This has been a known attack vector for years. And Zachxbt and others have been posting about coinbase customers getting social emgineered for awhile now. Personally I am feeling very unsafe right now. Going to check the kyc documents I have on file today and I hope it’s an old address. They can text and email me all they want I will never fall for it because I am the most skeptical mfer there is but I put my kids at risk by transacting through coinbase with coinbase having my PIN and that is not ok.
where you store your hardware wallet is of almost zero consequence I leave mine out in the open, on my desk it has a PIN to access it that, if entered incorrectly more than 3-5 times will reset the device -- almost all hardware wallets have the same feature what is important is hiding your seed words if you're worried about those being found, you can use a 12/25th word passphrase which brings you to a totally different wallet than just the seed phrase on its own I have my seed well hidden, but I also have a copy with my parents as a backup Because without the passphrase *and* the seed words, a thief has nothing
even if somebody steals it, the likelihood guessing my long PIN is low. even less likely to somehow hack the device itself
I understand the fear. It's like wanting the comfort of a bank. So much scam protection and FDIC insurance, customer service, etc. with a bank. However, I had to realize that crypto is fundamentally different. I actually had pretty good customer service with Kraken, for example, but they fundamentally can do nothing once you get scammed AND give your seed phrase or send the coins. It just doesn't work that way no matter how good of a company the exchange is. I felt sick to my stomach when I first moved coins from an exchange to cold wallet, so I get the fear. It can take a bit of time and I had an "oh shit" moment for sure. However, it feels great once it is on there. It's like managing my own private vault. Keep those seed phrases secure and never online, make a good PIN, and that's it. Not sure what you used, but I went with a Trezor Safe 3 and it's excellent. Felt very confident with its set up instructions and provides a lot of prompts to verify every sending or receiving.
The passphrase is the 25th word that is hardware wallet specific? Apart from the 24-word seed phrase. Also my wallet has a PIN? That’s just to turn the device on?
Are you the prince that keeps calling my grandma???? She misses you, not even a how you doing just bank routing number, and new card number with the PIN number. She won bingo two weeks ago just so you know, but you never ask.
That's a Ledger cold wallet. No one can get into it without the PIN, but if you are moving a billion dollars on it you better hope no one knows or you'll get wrench attacked.
Without the PIN, the hardware wallet is useless. You can memorise the seed and..that’s it.
I'm using Jade Plus as a "temporary signer" without the PIN feature, usually with bluewallet, no issues whatsoever. Fully air gapped, never used the USB cable nor Bluetooth. Now that I'm thinking about it, isn't Bluetooth causing some of the issues like when closing Green?
Battery is a relatively inexpensive repair. ifixit has guides on their website for DIY Parts from mobilesentrix do me well, usually You'll likely need the PIN though
AI coins IMO will pump hard if this bull run gets going DSYNC, GPU, PALM, PIN, PAI
You can store seeds, wallet descriptors, etc, and use it with SeedSigner. (Or an offline phone/PC) It's basically like a USB stick but a lot more durable and also has hardware protection like a PIN that wipes after a set number of attempts, so you aren't fully dependent on the strength of the encryption key.
You are trusting them with USB drives that are ultimately protected by at best, a 20-character numerical PIN. Assuming the PINs were selected randomly, that's less than 67 bits of entropy, equivalent to a 10 characters (upper/lower/numeric/symbols) passphrase. Practically, this is less safety than splitting a 24-words mnemonic in two 12-words sequences, distributing one half to the heirs and the other to the DMS service.
Yeah, the PIN alone wont let you change the policy limits
Yes. I use deadmansswitch.net. It's just a one-time payment, and they accept Bitcoin. HOWEVER do not ever use this to distribute your seed phrase directly. I gave my family an encrypted USB stick, one of those with a physical keypad on it. If my dead man's switch is ever triggered, it will simply send the PIN-code for the USB stick. On the USB stick, there are PDF files with detailed instructions on how to find my seed and reclaim the funds.
The purpose is to limit how fast the Coldcard can be drained if it was stolen along with the PIN?
But, but, almost everybody carries a bank card and a PIN in their head. Surely this would be easier for a person in distress to remember. Four numbers versus 12 words.
Also, any cold wallet is good, none is better than the other, they all do the same thing: keeping your keys. Just keep your PIN and seed phrases OFF the Internet.
Yes but they need the PIN code to unlock the trezor.
I have an Android, so can't speak for iPhone. The app works fine in that you can access and view your balances, etc. Its just a Lite version of the desktop version. I haven't looked in to sending or receiving from it however as I just prefer to use the computer. I'm wary of using my phone, as although I'm 99.9% certain I've not accessed anything dodgy, you never know what might have something built within an app/website that compared to a computer with anti-virus/malware could hopefully pick up on. Obviously, as long as the seed is stored sensibly, the PIN is entered via the Trezor, so any issues are unlikely... I just don't. A passphrase wallet is also accessed via the Trezor too btw. There is an option to enter it via the keyboard - but that seems to defeat the purpose of security/passphrase. There was a news article a week or so about a cache of seemingly new legit-looking Android devices found that were all pre-loaded with crypto-stealing software.
Good on you for protecting your bitcoin the way you are. My method is and I’m not saying you should do the same is I use slip 39. My shares are distributed in various private underground vaults geographically independent from one another I have one share with me a passphrase and the shares are on a steel plate. I keep my hard wallet with me with an extra PIN number I can enter if necessary which will wipe the wallet. Trezor5
You are way over reacting to the tiny future risk of quantum computing and way under reacting to the small but current risk of having your cold storage balance carried around with you on your phone, and thereby being targeted for a wrench attack. Don't have your main stack knowable on your phone unless you have no other option and also are using a wallet with some kind of decoy password or PIN (Nunchuk or Bluewallet are good for this).
"It is the Ledger of my brother, I don't know the PIN"
That’s a lot of money to have for someone who listens to astrologers. I would think people like this could be easily scammed. Personally I would tell your mother to buy like $100 worth and practice sending it from an exchange, to a hot wallet and back to the exchange and then to a cold wallet. And so on and so forth. I would tell her to research hardware wallets, and what a seed phrase, passphrase, PIN number are and proper ways to secure them. The do’s and donts. Then I would try to teach her about possible scams and how to avoid them. Then I would teacher about different hacks. After she can use bitcoin and properly store it. She needs to know that it could go down tomorrow to $60k and there could be a buying frenzy between governments that makes it go through the roof. Nobody knows. But what we all know is that if she holds it for 4 years she will be in the green. Bitcoin is a long term investment. But it’s extremely volitile.
Exactly. The PIN within a bitcoin wallet is only tied to that instance of that wallet & is unrelated to the seed phrase. If you have the seed phrase it will be valid without the PIN.
Do whatever works for you. Don’t bother caring what people here think. In many ways an ETF is a far safer bet than holding actual BTC and it will give you the same leverage. In another post in this subreddit I’m helping a guy whose senile grandma threw out the seed to allegedly 40 BTC. She thinks she might know the PIN to her Ledger, but if she’s wrong, millions of dollars will evaporate after three tries. Personally, I have a pretty elaborate set up to ensure both the security of my wallet seed and the ability to pass it to my children/family if both me and my spouse die. If grandma or I had all IBIT, none of this would be a problem.
If the Ledger device still works and has not been erased the funds are fully recoverable with the PIN. It is important to get the funds off of the device asap as it is likely several years old now and is the sole access point for the Bitcoin. If the device fails, the funds are gone which is why it’s important to secure the 24 words as a backup. I would honestly just send the funds back to Coinbase for now, so you’ll need to get into her Coinbase account and find a wallet address to send the funds to. Once the funds are on Coinbase, you can erase the Ledger and generate a new seed, which generates a new list of 24 words. Write those down and keep them somewhere fireproof and safe, and then transfer the BTC back to the device if you don’t want to keep it on Coinbase. There are some common issues that arise when using an old Ledger. They came with a Micro-USB to USB-A cable. Many newer computers don’t have a USB-A port, and a convertor (from A to C) will not allow the Ledger to authenticate. It needs to be a Micro-USB to USB-C cable. You’ll need to install Ledger Live onto the computer. Make sure you get it directly from Ledger’s website. Ledger Live might want to force a firmware update on the Ledger. This is extremely risky since a failed update might erase the device. I’m not sure if there is a way around the update. I’d have to look into it. At the very least, you can confirm the PIN works by powering on the device with a USB cable and trying to unlock it.
Hi, My mom finally responded and said she has memorized the PIN, it’s the 24 words she accidentally threw out. Does this change anything?
It’s probably a Ledger Nano that needs to be plugged into a computer with a USB cable to function. So there are two passwords to look for. The first one is a PIN. It’s likely to be either 4 digits or 8 digits. Ask her if there is a 4 or 8 digit number she would typically use. I would try the PIN to her ATM card first. People might also use a birthday or the code to something like a safe or garage door. You can try some PINs but the device will eventually erase itself after to many incorrect tries. The second password to look for is a 12 or 24 word list. This is the recover phrase for the wallet. You can literally erase the ledger and still be able to recover the wallet if you find this list. Ledgers come with little cards that these words are expected to be written on. One might keep that card in the original box, a safe, or a safety deposit box. It will look like this: https://cryptopotato.com/wp-content/uploads/2018/01/ledger_nano_s_4.jpg The recovery words are only words on this list: https://www.blockplate.com/pages/bip-39-wordlist So if she saved these 12 or 24 words on her computer (which is a terrible idea btw), she might have saved the BTC after all. Perform a search on the computer for literally every word on that list until you find a document with a list of them.
For the average person to safely store their own Bitcoin we need to move away from Seed Phrases, and make Wallets more like a Credit Card with a PIN. Tangem Wallet is a good start.
Something you could do is to buy one cold wallet for each one of your heirs. You set up the wallets and imput in them the amount of BTC you want to donate. You can give them the wallets and you tell each one of them that the PIN, SEED PHRASE AND PASSPHRASE will be send to them 2 months after your death in an e-mail. All you will have to do is to use the ´Innactive Settings´ of Google to automatic send them an e-mail with all information needed to disclose the wealth (seed phrase, passphrase, pins etc) if your main e-mail stays innactive for 2 months for example (nobody leaves a main e-mail innactive for such a long time, do you agree with me?) You won´t have to spend no money at all. They will have the cold wallets in their hands and you solved the situation in a way that there will be no arguments, quarrels,, discussions etc. Hope I have helped you...
Even if I can set the PIN code and the recovery phrase?m, buddy?
Even if I can set the PIN code and the recovery phrase?
Even if I can set the PIN code and the recovery phrase?
The first question is more or less answered by others below and is a basic guess, not to mention it is possible to upgrade Bitcoin before that treat becomes a reality. Your last question; it will be as safe as you taping your bankpass with the PIN written on it on an ATM. The whole Bitcoin system is based on you doing some thinking yourself. Not just assuming things or believing others but to verify. You can formulate the right questions after some help, so you can think. Especially that last question is rather straightforward, isn't it ?
Trezor is cheap, good and secure. Coldcard, Jade or some others are more expensive and offer airgap functionality, make it just a bit more secure. Just choose what suits best. Are you gonna put your life savings on it? I would go for an airgapped one... I have a Trezor one and a Coldcard Q. The coldcard is 4 times the price of the Trezor one, but has a lot of extras like the mentioned airgap, but also secure notes and Duress PIN setups.
No problem. Do not set up PIN that is shorter than 4 digits. If somebody steals your Trezor, it will factory reset after I think 14 unsuccessful attempts, which is why you will have your physical backup in place. (Always test it before sending any Sats there - this will make sure you didn’t make a typo). Trezor also has a functionality that will factory reset after entering specific PIN. So set it to e.g. 1234, 0000 or something truly stupid that thief may try first. I can also recommend Panzer glass privacy that blurs the screen from other than direct angle, if you plan to use it outside. And don’t forget to read and study little bit about passphrase functionality and Shamir backup which I personally consider as the best approach in case you plan to invest/save longterm in btc. Respinsibility comes with the power, fingers crossed 😉
Physical control of an air-gapped wallet doesn't make it a forgone conclusion they will be breached. There are various ways to use air-gapped wallets and I'm not aware of any that don't also rely on a PIN or passcode of some sort or actually being devoid of private keys entirely until used as a temporary signer via QR seed or manual recovery seed entry.
Can someone give me some insight? Been with Coinbase for a long time, yesterday I went to the app and I was logged out. They also removed my PIN code that’s required to get into my app bro, every sketchy from Coinbase and not sure if I should transfer my portfolio to another exchange that this will not happen on.
And every Windows computer in the world encodes the user PIN with it as well.
A good hardware wallet keep your private keys on the device at all times. It is secured with a PIN and/or passphrase. The seed is your back-up and it should be stored separate from the wallet. If you have all that properly in place, losing your hardware wallet is hardly a problem.
Thanks! I will investigate what a duress PIN feature is!
First, never trust your memory, which also works poorly after you've been hit by a bus. Memorizing your hardware wallet PIN is ok, a private key or even worse a brain wallet is a no-no. Please do not listen to anyone suggesting DIY was of generating seeds, concealing your words, splitting them 12/12, etc. these are in the best case useless mambowambo, in the worst, more realist, case a good recipe for disaster. Stick to the standards: BIP 39 seed (12 or 24 words) generated with GOOD entropy (either a secure element or throwing dice yourself, without shortcuts), add a passphrase if you want, but remember that's a critical piece of information that you must protect, keep safe and separate from the seed. You should store those two pieces of information on steal, possibly create multiple copies geographically distributed (friends, families, your properties in different jurisdictions). Instruct your family, heirs, lawyer where these things are located, remember the bus chasing you. Consider multi-sig, use standard patterns like 2-of-3 or 3-of-5, don't get too creative. You can have multiple copies of the seeds and multiple instances of each hardware wallet used for signing. Same as before, distribute geographically, leave instructions for your heirs. The items below are promising/interesting but I would not recommend quite yet because they are either not battle-tested or not standard enough at present time: \- software like Liana, which uses smart contracts for enforcing "complex" rules, like a dead-man switch \- seed in SLIP-39 format, where you can assign Shamir-Share-Secret shares with different quorums (quora?) to different groups of people (partner, familiy, friends, etc.) As for initial posting, I'd be nervous leaving a seed in a safety box in a bank without a passphrase, in principle they can access it (even legally).
Ok, so "signed back into the same wallet", I'm not sure what that means. Exchanges like coinbase have a login, but don't typically give a seed phrase for the coins they hold because those are custodial wallets (coinbase or whatever exchange controls the coins on your behalf and you don't have direct access to the private keys). On the other hand some mobile apps will generate seed phrases and give you full control. This is generally safe for small amounts of coins but can be pretty risky for larger amounts. These apps generally have a 4-8 digit PIN to let you login. Also "already deleted it" -> I assume you wrote down the words first :) Anyway, I guess as long as you have access to the coins now, and can successfully move them to an exchange you trust to sell them (assuming this is what you want to do), then you should be fine if you do that quickly. If you plan to hold a good amount of coins for a while, I would recommend a hardware wallet. Have you tried moving/selling any coins yet?
Use a steel backup. This makes physical destruction extremely unlikely. Use a *strong* passphrase (or do multisig). Don't store the seed words together with the passphrase. This makes burglary impossible. *Don't* memorize your seed words. Use a hardware device with duress PIN features. This makes robbery unlikely to succeed. Sleep well at night.
If you know what you're doing you can use an old device where you disable any wireless communications. You'll be missing the secure element that destroys the seed phrase after too many incorrect PIN guesses, though.
Get into an account that holds all your spare money, more like... If you have a bank account, if you forget your PIN you can validate yourself with documents, IDs etc. to the account the bank holds for you, but in the case of BTC, your "password" (seed + passphrase) IS your account.
Yes. You don’t need to connect your wallet to receive crypto. It’s like giving someone your PIN or bank login details to access your account in order for them to pay you - you don’t do it.
If you found a wallet w/ and ATM card and a PIN number on the back, it would be illegal to withdraw funds too. Maybe we should go to r/askalawyer
Tangem works on apple and does not store your crypto just your seed which has a PIN number to access like a regular debit card they also do a ring with the cards now which I think are rather cool 😎
You're right that it doesn't automatically expose the seed. I should have worded it more clearly. What I meant was, when you connect a cold storage drive to a computer and enter your PIN, the wallet can become during that time vulnerable to whatever software is on your computer. The fake Ledger Chrome plug-in a few years ago took advantage of this and stole from unsuspecting and inexperienced Ledger users. So yes, it's caused by user error not a flaw in the cold storage itself, but I think it good to mention this to users who might be new to cold storage and might assume that it's bulletproof to being hacked.
In such case, you only need 9 or fewer than 9 attempts to successfully brute force the full PIN code.
Also, please add your ATM PIN. If you aren't comfortable stating the actual number, just give the first 3 digits.
Possible Causes Derivation Path Differences: Many wallets use hierarchical deterministic (HD) structures that can generate multiple sets of addresses (e.g., following BIP44, BIP49, BIP84, etc.). If your original wallet used a non-default derivation path, the restored wallet might be scanning a different one. Passphrase/Secondary Factor: If you set an extra passphrase (sometimes called a 13th or 25th word) during the original setup, failing to enter it during recovery will produce a different wallet with no funds. Multiple Wallet Accounts: The prompt to “switch wallets” suggests your seed might generate more than one account. It’s possible your funds reside in a different account or wallet instance that isn’t currently selected. Network Settings: Ensure you’re on the correct network (Bitcoin mainnet) rather than a test network or a different configuration, as that could affect which transactions and balances are visible. *Troubleshooting Steps* 1. Double-Check Your Seed Phrase: Verify that you’re using the exact seed phrase from your original wallet. Even a small error can lead to restoring an entirely different wallet. 2. Consider an Extra Passphrase: Reflect on whether you might have set up an additional passphrase or PIN. If so, try restoring again with that exact passphrase. 3. Review Wallet Options: Look into the wallet app’s settings to see if it lets you choose between multiple accounts or derivation paths. Try switching accounts if that option is available. 4. Verify Addresses on a Blockchain Explorer: If you have any of your original Bitcoin addresses or transaction IDs, check them on a reputable blockchain explorer. This will confirm if the funds are still on the chain and help identify which address(es) hold your bitcoin. 5. Consult Support/Documentation: Since issues like this are not uncommon, review the official documentation for your cold wallet and the associated app (such as the “Green” app) or reach out to their support team. They may have specific recovery instructions or known issues that match your situation.
A public key can be shared with anyone. All it does is allow money to go to your address. A private key is allowing money to leave your wallet. A private key is like your bank PIN number. Don’t share your private key. Only share your public key/ bitcoin address.
I at least use Metamask and a passphrase on my Trezor, as extra layers of protection. Lockup periods on staking. It's pretty hard to hack a randomized PIN, passphrase, Metamask login, and an additional 20 digit password on top of using Trevor Suite w/ anti-keylog. I don't even have to worry. If you have serious cash in crypto, airgapping it is pretty much a necessity.
Here’s an ultra-simplified version of the wallet creation flow, written in pseudocode: def create_wallet(): # Step 1: Ask user to set a PIN or use biometric auth user_auth = get_user_authentication() # Simple PIN or biometric if user_auth is successful: # Step 2: Generate wallet (behind the scenes) wallet = generate_new_wallet() # Step 3: Encrypt wallet with PIN/biometric key encrypted_wallet = encrypt_wallet(wallet, user_auth) # Step 4: Store encrypted wallet locally and in secure backup store_wallet_locally(encrypted_wallet) store_backup_in_cloud(encrypted_wallet) # Step 5: Notify user wallet is set up and ready to use return “Your wallet is ready! You can now send and receive Bitcoin easily.” def send_bitcoin(wallet, recipient, amount): # Step 1: Check available balance balance = wallet.get_balance() if balance >= amount: # Step 2: Calculate optimal fee (using Lightning if possible) fee = calculate_optimal_fee(amount) # Step 3: Send Bitcoin transaction = initiate_transaction(wallet, recipient, amount, fee) if transaction is successful: return “Transaction sent successfully!” else: return “Error sending transaction.” else: return “Insufficient funds.” def receive_bitcoin(wallet): # Step 1: Display unique QR code for wallet address qr_code = generate_qr_code(wallet.get_address()) return qr_code Conclusion: • Backend Code: The backend handles all technical details, including wallet generation, secure storage, transaction fee calculation, and Lightning Network management. • Frontend Experience: The frontend offers a beautiful, simple UI with no technical jargon, guiding the user through each action with a clear and friendly interface. • User-Friendly Yet Fully Sovereign: The user can manage Bitcoin in a completely self-sovereign way without needing to understand the complexities behind it. Everything is abstracted to make it feel like using any other mobile payment app. If I were to turn this into an actual app, it would definitely require strong attention to user experience design, continuous testing, and real-world feedback from non-technical users to get the balance between simplicity and functionality just right. But with the right design approach, it could be done, and it could empower people to use Bitcoin just as easily as they use any other payment system.
What about just kidnapping you and forcing you to give away your passphrase or your PIN ?
Using a passphrase is important, the PIN is a way to make your base seed hard to access. [https://www.ledger.com/blog/unfixable-key-extraction-attack-on-trezor](https://www.ledger.com/blog/unfixable-key-extraction-attack-on-trezor)
They're correct though. Having your device stolen and then PIN hacked is extremely unlikely.
The two part PIN can be as short as 4 total digits though so it can be equal to the Trezor. I recommend using at least 8 digits.
Why would you trade the entropy of a seed phrase for the (lesser) entropy of a PIN? Wipe your device and reenter the seed phrase.
My ledger PIN is 8 digits long, and random. Good luck brute forcing it in 3 attempts.
There are 10,000 possible 4 digit PIN combinations and most devices only give you a few guesses before locking. You are worried about nothing.
You are worried about the PIN but not the stamped metal sheet with your word list is safe? I'm not sure you even understand what you are doing.
You can use a longer PIN than 4 digits. But also the "PIN Pad" on the Safe 5 device mixes up the location of the numbers every time, so someone can't see a pattern either.
Nobody is guessing or brute-forcing your pin. I don´t know Trezor, but Ledger: > If you enter an incorrect PIN 3 times, your ledger will reset and erase its seed, so make sure you have your seed
As others have said, a Trezor will wipe after a certain amount of incorrect guesses, and I think the necessary elapsed time between guesses becomes longer as well (someone correct me if I'm wrong). Combine this with a good PIN, and you're golden IMO. i.e don't use a short easy pin - use a longer PIN which avoids obvious/typical patterns.
Neither. Those are safely stored in stamped metal. The concern was around someone accessing the device and figuring out the pin on it to make transactions. To be honest, I’ve only ever used my cold wallet to receive funds from my exchanges, I’ve never sent anything from it. So my only experience with receiving funds is to put the pin on my CW to get access to the device. I’m assuming (maybe incorrectly) it’s the same process to send funds - meaning the PIN number security is just as important as seed phrase security.
A passphrase can be brute forced with millions of tries per second. A PIN wipes your seed phrase after 16 wrong guesses and requires someone with physical access to the hardware wallet. You can use both.
Get you a ten-sided die and randomly roll your PIN. The RPG nerds get it right sometimes.
Exactly. Although Ledger does provide passphrase-pinning to a specific PIN. In in that case knowing the PIN is enough to confirm a transaction.
ColdCard uses a 2-part PIN, no way someone is going to guess that. I know you have a Trezor, I'm just saying, it's not as easy as you may think.