Replying to Bert

What is your passphrase best practice?

Was asked about the following setup:

nostr:npub1s0vtkgej33n7ec4d7ycxmwt78up8hpfa30d0yfksrshq7t82mchqynpq6j Passport, uses encrypted backup with SD card. Access code to unencrypt is in physical distributed location that would take significant time to travel. SD card only is a risk as it can burn/break etc.

So the client uses a physical steel backup with 24 words, again a different location. A different location holds the passphrase on steel.

How do you rate this setup? There’s redundancy in both the SD Card, Steel seed phrase and steel passphrase. Do you think a double backup for the passphrase is required?

Would love more input on best practices around this. nostr:npub15c88nc8d44gsp4658dnfu5fahswzzu8gaxm5lkuwjud068swdqfspxssvx nostr:npub17h7h2jzhq3hn06h93jvz67sfjxaq3jvk7kenjrazht28aun33hks42sd76

It's literally more frequent to lose the steel plate or the device than being attacked. Redundancy does help, but there are better ways to do security like a multisig wallet in paper, one copy for you, one for dad and one online behind a password.

Discussion

There are pros and cons for many solutions.

How did you store the derivation path for the multisig?

I don't know exactly what you mean. I simply created a multisig wallet and wrote down each one of the recovery seeds in 3 pieces of paper, plastified them, placed them inside fireproof and waterproof cans, and distributed them. I only need 2 out of 3 to move the coins, and only I know where all the seeds are.

That’s not how multisig works. You need the descriptor of the setup too. With seedhammer you hammer the descriptors on the steel plates in combination with the seedqrs and the seeds. You need two descriptors to be able to complete the multisig configuration. When you lose the descriptors or have not sufficiently backed them up, you can’t access your bitcoin. Just having the seeds is not sufficient.

Mmmm interesting.

Ok. Let me try a small experiment this weekend and I'll let you know how it went. Thanks for this Bert.

If you need any help or additional info let me know.

So I have done my "experiment" and you are right, I need to store the descriptor.

So I guess that my only option would be a digital key for a multisig, but it basically breaks the whole point of the multisig security and makes it a single point of failure :(

I was just so hoping this could be a simple solution, but it's not :(

So what was the solution you came up with for the descriptor?

With seedhammer you can easily store the descriptor in steel. Really great to hear you checked this out! If you need a seedhammer to try and you’re in the Netherlands, let me know.

I'm sorry. I'm in London. But I would love to see what you mean. The descriptor is like 4 lines long and not really human readable, so the best way to store it should be a digital file. Are you saying we should write it down in steel?

Can you post a photo of what seedhammer looks like?

Oh shit!

I sometimes take a little time but eventually I get there :) Thanks for showing me this.

But I wonder if I can achieve the same thing by printing a QR code on paper, laminating it and storing it inside a fire and waterproof container?

It's probably cheaper....
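
Added example, not part of the thread and not any participant's code: a Python sketch of why two seeds out of a 2-of-3 cannot restore the wallet without the descriptor. It assumes a P2WSH `sortedmulti` wallet (the thread does not say which script type was used), and the cosigner names and public keys are constructed placeholders rather than keys derived from real seeds.

```python
import hashlib
from itertools import combinations

OP_CHECKMULTISIG = 0xAE

def op_n(n):
    """Opcode for the small integers 1..16 (OP_1 is 0x51)."""
    return 0x50 + n

def witness_script(m, pubkeys):
    """m-of-n script with keys in lexicographic order, as sortedmulti does."""
    keys = sorted(pubkeys)
    script = bytes([op_n(m)])
    for key in keys:
        script += bytes([len(key)]) + key      # push opcode, then the key
    return script + bytes([op_n(len(keys)), OP_CHECKMULTISIG])

def p2wsh_script_pubkey(m, pubkeys):
    """The on-chain output: OP_0 followed by SHA-256 of the witness script."""
    digest = hashlib.sha256(witness_script(m, pubkeys)).digest()
    return b"\x00\x20" + digest

def constructed_pubkey(label):
    """Placeholder 33-byte key (assumption): NOT a real curve point."""
    return b"\x02" + hashlib.sha256(label.encode()).digest()

# Hypothetical cosigners, named after the split described in the thread.
COSIGNERS = {name: constructed_pubkey(name) for name in ("me", "dad", "online")}

# The output the coins were sent to commits to ALL three public keys.
WALLET_SPK = p2wsh_script_pubkey(2, COSIGNERS.values())

def can_rebuild(seeds_held, descriptor=None, m=2):
    """Can the holder reconstruct the wallet's output script?

    seeds_held: cosigner names whose seed (and so whose key) is available.
    descriptor: public keys recorded in a backed-up descriptor, if any.
    """
    keys = {name: COSIGNERS[name] for name in seeds_held}
    if descriptor:
        keys.update(descriptor)                # public data only, no secrets
    return p2wsh_script_pubkey(m, keys.values()) == WALLET_SPK

if __name__ == "__main__":
    for pair in combinations(COSIGNERS, 2):
        print(pair, "seeds only:", can_rebuild(pair),
              "| with descriptor:", can_rebuild(pair, descriptor=COSIGNERS))
```

Two seeds are enough to sign, but the witness script that must be revealed to spend contains the third public key as well, which is the information the descriptor carries.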