Articles

Creating a Secure Password with Dice (Ideal for Crypto Hardware Wallets, Ledger, Trezor, Keepkey)

November 5, 2019


so you want a passphrase that is really
secure that you actually have a chance
of remembering and you can store and
backup in a way that can be resistant to
common sorts of typos and mistakes in
this video we’re going to look at how to
generate a passphrase using the EFF 2.0
diceware list if you’d like to hear
more about how to stay safe in the
crypto space or how to recover if you
make a mistake just hit subscribe so my
previous video I talked about using dice
where to select a secure twenty-fifth
word for your BIP39 passphrase but I
didn’t really talk about how and I’ve
had a few questions about it so I
thought I’d just spell it out in a video
if you’re not familiar with diceware
you might be asking what while we use
this and the reason is so you can select
a passphrase that is secure
based on true entropy that is randomness
and not just you coming up with some
seemingly elaborate way to hide and
obscure the password essentially taking
sort of an entropy shortcut that you
think is unique and you think is
original and random and secure but
actually probably isn’t the EFF 2.0
list is brilliant in that it allows you
to make pass phrases that are both
secure memorable and allow you to have fault
tolerant backups so single typo in your
passphrase won’t mean you can’t recover
anything so the steps for this are
really straightforward firstly get
yourself some dice I’ve got some dice
off eBay there’s a dollar for 10 not bad
secondly you need a consistent way of
reading and rolling the dice that
removes your subjectivity so I’ll be
shaking them in this box basically just
reading them from right to left we’re
going to write them down as we go I’d
suggest to do this on paper but obvious
doing on the screen just so that you can
see what I’m doing and we’ll be keeping
track of that as we go
on the Left I’ve got all the dice
numbers that we rolled and on the right
I have the EFF 2.0 list which is
basically a list of numbers and
corresponding words so we’re going to
search through this list and copy and
paste the word the correspond to each
number in and we’re doing all of this
you know secure air-gap tails
environment because we’re going to be
working with 24 words seed in a minute
too
but doing it this way makes it easy to
copy and paste without having to worry
about making too many transcription
errors so that’s what we’re going to do
so we’re going to take that and we’re
going to stick it into Ian Coleman’s BIP39
tool it’s worth keeping in mind that
using a full eight words is a huge
amount of entropy so depending on your
needs something just like six words
might be enough one of the other really
important things about your BIP 39
passphrase is it actually doesn’t have
any error detection or correction in it
whereas if you type in a word that’s
incorrect in your 24 word seed phrase this
last words actually a checksum and will
tell you that the phrase is invalid
whereas if you have a typo in what
you’ve typed in here say you haven’t
copied and pasted you’ve just typed it
by hand you actually will not be warned
about that in any way at all so if you
are doing the 100% offline 24 word seed
generation and offline dice where
passphrase generation my recommendation
to you is actually that you write down
your BIP9 mnemonic on paper that you
write down your BIP39 passphrase on
paper that you note down the first
Bitcoin public address shut everything
down and come back a day or two later so
that you can make sure that you’ll back
up both of 24 word seed phrase and
yourBIP39 passphrase is generating
exactly the same first Bitcoin public
address that you are expecting because
if you get even one character wrong say
you accidentally had a space you know at
the end of your BIP39 passphrase you’re
going to get a completely different
first address it’s important that you
understand your brain’s ability to read
things and skip over things and to
repeat the same mistake twice in one
sitting whereas if you come back you
know a few days apart and you’re still
getting the same sort of public
addresses then you can be confident
that your backups are robust and you’re
ready to start depositing all your
crypto thanks for watching I hope that
was helpful hit like if you think that
other people would find this video
useful and hit subscribe if you’d like
to be kept in the loop about future
content I make that helps people stay
safe in the crypto space and to recover
if they get into trouble if you have any
questions about this video or a topic
that you’d like me to cover just leave a
reply

You Might Also Like

1 Comment

  • Reply Septem 150 October 11, 2019 at 10:40 pm

    Do you know of any mobile or desktop wallets (SPV preferred) that allow you to recover from seed with a passphrase?

  • Leave a Reply