Replying to Avatar semisol

What security is there? My point is that this does not provide any realistic security benefit, except the illusion of it.
Avatar
semisol 2mo ago

What is the benefit of PIN + passphrase, when the HWW could keep the passphrase and you have a longer PIN instead? This means:

- You can store your passphrase more securely as you do not need to reach for it every time (just like your seed!)

- PIN attempt counters are more secure compared to a passphrase that is "convenient", as you can brute force passphrases without limit

Reply to this note

Please Login to reply.

Discussion

Avatar
JackTheMimic 2mo ago 💬 2

Because the value proposition of a passphrase is the separation from the seed. If the seed is found (i dunno like on a SeedQR you left laying around because you seem to have a blindspot about Seedsigners) then the Passphrase is the last line of defense.

Avatar
semisol 2mo ago

I am not talking about backups, where you should have a passphrase or multisig.

I am talking about when you are using an HWW, why not store the passphrase on the HWW?

Please read my post.

Avatar
JackTheMimic 2mo ago

Did. Read my other replies.