Replying to Avatar RealJohnDoe

That's correct. If it's a high entropy passphrase. My pass phrase is around 300 bits of entropy. Excluding the hard coded hashing function. Which makes the entropy even greater.

Trezor does not store the passphrase in the HW. So it can't be hacked. But If you lose the passphrase at 256-300 bits of entropy you're screwed..๐Ÿ˜๐Ÿ™‚
6e
6e70253f... 2y ago

300 bits of entropy for a passphrase is massive. That's equivalent to 28 bip39 words! And this is on top of the maximum of 256 bits provided by the seed phrase. That's a lot to type in.

Reply to this note

Please Login to reply.

Discussion

Avatar
2Pac 2y ago

Yea seems excessive

Avatar
RealJohnDoe 2y ago

Here's where the magic happens. I use keepass, and let it create a high entropy passphrase for me. Then I let keepass type the passphrase in for me.

Everyone says don't inter your seed phrase online, and I agree. I only enter my passphrase online. And keepass has a number of settings to circumvent key loggers.

But let's face it. If by some miracle someone spoofed my passphrase. They still need my seed phrase. The likelihood of getting both is slimming and none, and slim has left the building..๐Ÿ’ป๐Ÿ’Ž๐Ÿงก๐Ÿค ๐Ÿ—ฝ