Encrypted Raspberry Pi Wallet - Part 2b: Let's talk about your passphrase
Hi, I would like to talk about wallet passphrases today.
Let me guess, your passphrases looks like this: ILoveMom1, Id34ddf, zd23ldp2, ...
Stop that! You are totally doing it wrong.
Why? Let's consider. What do we need?
There are two variables that decide how many guesses are needed to crack your passphrase:
x^y where x is the space of possible characters your passphrase is build with and y is the number of characters you have in the passphrase.
When a password only allows 'y'es and 'x'es you have 2^(number of letters) so the passwords xyy is cracked by 2^3 guesses. If you use english letters it's 26^3 letters.
Idiots told you to make x greater by adding numbers, special characters and stuff into the password. So what happened? Everone started adding numbers and special char. Guess what? They add an 1 or and ! at the end of their password. So instead of making x from 26 letters of the english alphabet to 36 (letters + numbers) to 50 or something with special characters they made it just 1 or 2 bits more (if you want to crack a password with special chars you need just to add a 1 or an !). Nobody can type that special/upper case stuff so nobody makes it good. Plus as nobody can remember that special characters random nonsense people begun to keep their passwords and never change it. That leads to this being impactful: haveibeenpwned.com
What would be the better way? Just make y really big. Use a passphrase with lower and upper characters that have 20 to 25 characters. How do you remember that?
Just make a long and strange sentence noone would ever guess and use the capitals words:
"My red horse is a little horse that needs to be fed every day. I really like my 3 red horses."
MrhialhtntbfedIrlm3rh
You are not convinced? Click here and here
Also never use your wallet passphrases somewhere else. Consider every password you use in the internet broken so only use bullshit passwords for non important services.
With this knowledge nobody will be able to hack your passphrase by trying it. Be safe!
For the other raspberry wallet posts just watch my blog.
I have a Pi and want to set up a wallet. So many thanks for these posts. I guess you can hold Steem, Bitcoin and others all in the same wallet?
As for passwords I thought I had lost my keys for Steemit because I had them in an encrypted file and realized after 48 hrs wracking my brain that I had made a typo in my password. Luckily I figured it out. So this is another problem .. its possible to just type it in wrong ...
The raspberry pi tutorial series is about creating an encrypted container on a PI that can store wallet files from different wallets. If you want to have all your coins in the same wallet you need to use 3rd party wallets and you have to rely on their security. I would not recommend that as some has been hacked/lost stuff. If you do I would recommend coinomi but that's a mobile wallet and I would recommoned mobile wallets only if you really need it on your mobile.
Thanks for mentioning typos. You need to be really carefull when you write your passphrase down. If you create such thing always make sure to retry to open it with your phrase and in a second opening round type very slowly.
So what wallets would you suggest to put in the encrypted container on the Pi? Different wallets for different coins? I'm a newbie. At some point I'd want a phone wallet too, once I start purchasing in the real world, but for now cold back up on a Pi sounds the best to me ...
That depends how many coins and what coins you have. I would recommend to store as many coins as you can in wallets by the core clients and the unimportant coins on other wallets. I have 6 main coins that I need to have on a wallet and I usually make private keys in the core wallet software and import them to a wallet like electrum (never make an electrum wallet by electrum itself). For some I only hodle like IOTA i just save the keyphrase/private key.
I do trading on markets so I keep a small amount on the markets and when I want to put things to savings I send it to the public keys that I have stored without need to a open wallet with a private key.
Your Post Has Been Featured on @Resteemable!
Feature any Steemit post using resteemit.com!
How It Works:
1. Take Any Steemit URL
2. Erase
https://3. Type
reGet Featured Instantly – Featured Posts are voted every 2.4hrs
Join the Curation Team Here
You got a 0.35% upvote from @allaz courtesy of @tallfishinthesea!
I will provide
Services
Please Visit My Blog and read This Post
Introduction To Re-Steem Services by @imran786!
@imran786 is a low price re-steem services provider
Your post has been resteemed from @imran786 thanks to @tallfishinthesea
Introduction To Re-Steem Services by @imran786!
Next Bid 0.01 & Resteem your other post.