5 Tips To Protect Your Crypto Recovery Phrase

There are several ways to store and protect the seed of your cryptocurrencies — each one suits a different need

Jules Br0gn4
9 min readMay 26, 2021
Featured image: crypto recovery sheet

As a long time crypto enthusiast, what I often notice is that many people haven’t understood yet how to properly save the recovery phrase to keep their crypto-assets safe.

Long story short, in the crypto space the recovery phrase, also known as seed, is your life. If you lose your recovery phrase or if someone steals it, you’ll get rekt!

For the sake of simplicity, and for what really matters here, I’m not going to focus on the deepest technical stuff. Instead, let’s see what the seed is for and how you should treat it.

What is a recovery seed?

What you really need to know is that the recovery phrase is the origin of all your private keys and public addresses. This means that anyone with access to that recovery phrase would be able to move your funds at any time.

A recovery phrase, also called seed, is a set of 8, 12 or 24 vocabulary words. The number of words depends on the standard in use.

These words serve the purpose of generating a set of private and public keys which will always stay linked to that words. This is because that keys are deterministically generated.

What means is that should you lose your (software or hardware) wallet, you would always be able to generate again your keys as long as you own the recovery phrase.

By initializing a new wallet with that recovery phrase It will mathematically calculate the same keys as the wallet that you have lost, allowing you to retrieve your funds.

In order to decide how to safely store and protect your seed, you must first know yourself and which your threat model is.

Do you want to protect your crypto against who or what? Against yourself or other people? Otherwise, against acts of God or criminals?

1. Basic backup

When you initialize a new wallet, it will show a set of (12 or 24) words which make up the backup of your wallet.

The most important thing to do here is to carefully save those words.

Normally you will also be prompted to set a password or a pin. This is to encrypt the recovery phrase on your device. Should you lose this encryption password, you would still be able to restore your wallet as long as you own the recovery phrase.

So, the most important thing is the recovery phrase rather than the password.

You must absolutely write your recovery phrase down and store it in a secret place. Don’t forget that anyone with access to that recovery phrase would be able to move your funds at any time.

Anyway, don’t think to only keep it in your head and memorize it. This is the worst strategy, as people lose their memory easily. If you forget your seed, you will say goodbye to your crypto forever.

So, just use a sheet of paper and simply write those words down in the same order as they are shown to you. Two backups are better than one.

How to write the recovery phrase down
How to write the recovery phrase down

Never store your recovery phrase digitally.

First of all it’s dangerous to expose it over internet-connected devices because of all kinds of online threats (malwares, keyloggers, remote hacker attacks etc.).

Especially if you use a hardware wallet never ever save your seed electronically, otherwise you would frustrate its usefulness. Hardware wallets are designed to never expose private keys outside the device.

Furthermore, digital media (such as USB sticks) can easily break due to both accidents or electric charges.

Last but not least, never share your recovery phrase to anyone, except to people who you really trust such as your spouse or children.

2. Distributed backups

If you can’t find a safe place to store your backup or if you are afraid to get robbed, you may decide to split your backups in different locations.

Let’s take a 24-word recovery phrase as an example. You could split it in 3 groups of 8 words and store them among three different places.

The problem here is that you would increase the risk of loss of your cryptocurrencies. If even just one piece gets lost, you will no longer be able to get your crypto back.

That’s why there is a safer alternative, which is to split the backup in three pieces but only needing two copies out of three in order to be able to restore the wallet.

Let me explain in the simpler way I know.

If your recovery phrase was made only of three words (A, B, C), you should create a first copy of A-B, a second copy of A-C and a third copy of B-C. By taking any two copies, you would be able to recover the full A-B-C phrase.

This is very easy to understand. For a 24-words recovery phrase you can use the image below as a model.

Model for distributed backups
Model for distributed backups

3. Passphrase trick

It could be that you are compelled to keep your recovery phrase inside an unsafe place, such as in your house which is shared with other housemates that you don’t trust.

In this case you can decide to use a passphrase.

This is an extra word which is added to your seed. For 24-words recovery phrases the passphrase is referred to as the 25th word.

By adding an extra word to your seed, you can have a new set of accounts which are completely separated from those generated by the original seed (the original words without the passphrase).

Let’s break it down simpler, assuming that we have a 24-words recovery phrase:

  1. if we insert the 24 words in our wallet, we will have a specific set of private and public keys;
  2. if we insert in our wallet the 24 words + the passphrase, it will generate a completely different set o private and public keys which in no way are related to those of case 1.

Well, what you need to do here is simple: keep your crypto only into the accounts generated through the 24 words + the passphrase (case 2).

This is because, even if a rogue person could see or find your recovery phrase, he would not be able to steal your crypto as long as he doesn’t own the passphrase.

Actually, he would not even be able to know that there is a passphrase through which you have generated hidden accounts. Of course, to get this to work never write down your passphrase next to the recovery phrase.

Don’t store your passphrase only on digital media as they might break. Use at least one sheet of paper and create more than one backup.

Never lose your passphrase, otherwise your crypto are gone. Therefore, be very careful about properly saving the passphrase.

Bear in mind that all passphrases are valid. If you make a typo, you will see a different set of accounts. Should this happens no worries, just try again and insert the correct passphrase.

Every unique passphrase generates a new set of private keys and public keys.

You could pick any set of letters, numbers and signs as your passphrase, but you must choose a complex passphrase which is impossible to guess. It must also be resistant to brute force attacks.

Don’t pick as your passphrase neither something that can be easy related to you (e.g., name, date of birth, children’s names, pet’s name) nor a simple set of numbers (PIN) or a vocabulary word.

You can use a phrase of random words picked from random sources, such as “happyness attorney dock path”. Otherwise you may pick a random alphanumeric sequence (e.g., “U$Vnn5exC+u&kB=h”).

In order to use a passphrase you must first check if your wallet supports this feature and how to set it up. Generally, hardware wallets such as Ledger’s support the passphrase usage.

4. Resilient backup in steel

What about a long-lasting and strong solution to save your recovery phrase?

Generally recovery phrases are written down on paper, as we have discussed earlier. The drawback of paper is that it tends to deteriorate over time. It can easily tear and even the ink can fade, making words unreadable.

Paper backup is not even resilient to accidental events. For instance, should a fire, flood or earthquake occurs, your backup could be either lost or irreversibly damaged.

For this reason you may prefer to use steel based backup solutions rather than paper backups.

Backup in steel
Backup in steel

The tool that I already tested is “Crypto Steel Capsule” by Ledger.

It’s a pocket-sized solution made out of 303 and 304 grade stainless steel, which makes it fireproof up to 1400C/2500F. It’s also shockproof and waterproof up to a 150000N pressure.

It’s easy to use it. Simply you have to slide the first 4 letters of each word into the core by using separators.

There are also alternative solutions to Ledger Crypto Steel, such as Billfodl, Cryptosteel Cassette and many others. Simply do your own research to figure out which backup in steel is right for you.

5. Plausible deniability

Plausible deniability is for the worst case scenario. It’s an effective solution to defend yourself against an attacker who is going to force you to reveal the recovery phrase.

If you were under duress you couldn’t resist to the attacker’s claim, otherwise he would injure you. You would be forced to give him the seed.

$5 wrench attack
$5 wrench attack

What’s plausible deniability?

In simple terms, this is the possibility of denying something in such a way as to make your position credible and not questionable.

In the crypto context this means to have a wallet which can generate different accounts to be unlocked with different passwords/pin:

  • a set of “visible” accounts which include no crypto or that store just a small amount of crypto;
  • a set of “hiddenaccounts where you store a ton of crypto.

If someone threatens you in order to force to hand over your crypto to him, thanks to this trick, you will be able to reveal only the accounts where you hold a paltry amount of crypto. You will be able to deny that you own other cryptocurrencies in such a way that he will not be able to notice the existence of hidden accounts.

In order to enjoy this technology you need either a wallet that allows you to add a passphrase to your seed or a device that can handle plausible deniability somehow.

Many crypto hardware wallets, such as Ledger’s and Trezor’s, support plausible deniability features.

If you are interested in this topic, I wrote an in-dept explanation about plausible deniability and how to enjoy it with a Ledger hardware wallet.

Final thoughts

As I explained through this article, there are different degrees of protection that you can opt for to save a recovery phrase.

You could restrict yourself to a basic backup or pick a long-lasting solution, or even implement more effective tricks to defend yourself against possible physical attacks.

Of course, there is no one-size-fits-all solution. You have to know well what your threat model is and against whom or what you want to defend yourself.

Don’t do more than you really need as too much security could be harmful, especially if you are unable to properly safeguard a passphrase.

Bear in mind that there is no way to recover a lost passphrase.

Make a careful assessment of what you really need and decide what degree of protection is right for you, as well as the security settings that best suit your management skills.

Hopefully this article helps you figure out how to store e protect your recovery phrase. Should you have any doubts or questions, ask me in the comments below.

--

--

Jules Br0gn4
Jules Br0gn4

Written by Jules Br0gn4

Belgian researcher and consultant, crypto activist and DeFi expert.