Is your Crypto Wallet seed phrase Safe?

There are many opinions about where someone should save/store their wallet seed phrase. Personally, I feel safer having it securely stored in my Password Manager than having it written down on a piece of paper that could burn up in a fire, be destroyed in a flood, be found by unintended parties or stolen by a burglar, or possibly get lost.

Does a safe protect your seed phrase written on paper from being destroyed in a flood or fire? You will need a special waterproof and fireproof safe. And even then, many of these safes are only rated to last around 1 hour or less, in a big fire. It is also recommended safes be hidden so that they can’t be easily found and stolen by burglars.

Are Documents safe In A Fireproof Safe?
https://surelockkey.com/blog/are-documents-safe-in-a-fireproof-safe/

The Exodus software wallet website recommends users save their seed phrase in a password manager (and also keep a paper copy in your security vault if you want).

Protect your 12-word secret recovery phrase. Nothing beats offline! In a digital world paper is the ultimate protection against attacks. It is vulnerable, though, to other threats. This tip is meant as a protection measure compared to a simple paper copy of your 12-word phrase. If you have implemented all the suggestions so far regarding your 12-word phrase, stick with them. No need to go digital. At this point, you can safely say that we are a broken record. But these final tips will help secure your passphrase to the maximum level and give you added peace of mind. Store them in your password manager. Make sure that they are hidden and you have to reveal them in order to see them. Store only 11 of them. Remove one from a random position. Make absolutely sure you remember both the word and the position! Do not use this tip unless you’re absolutely certain you’ll remember both word and position! Destroy any paper versions. Okay, you can probably keep the one in the security vault if you want.
https://support.exodus.com/article/767-how-do-i-keep-my-money-safe

https://web.archive.org/web/20221111062105/https:/support.exodus.com/article/767-how-do-i-keep-my-money-safe

The Ledger hardware wallet website warns users NOT to save their seed phrase in a password manager, but instead to write it down on a piece of paper or use the metal plates that it sells on the site.

Ledger Support — “Do not make a digital copy of your recovery phrase. Do not take a picture of your phrase. Do not save your phrase into a password manager. Your recovery phrase needs to stay strictly offline.”
https://web.archive.org/web/20231205215647/https://support.ledger.com/hc/en-us/articles/360005514233-How-to-keep-my-24-word-recovery-phrase-and-PIN-code-safe-?docs=true

Here is a recent article comparing the Top Password Managers of 2022:
https://www.cnet.com/tech/services-and-software/best-password-manager/

Personally I’ve been using the KeePass password manager for over 10 years now — which I highly recommend. However, this is a more advanced password manager, and may be a little harder to learn for non-technical people. It is free/open source. This password manager is an offline password manager. The passwords don’t live in an online database — so there is no risk of them being stolen/exposed by hackers. KeePass has the ability to secure the password database with both a password and a key file. So even if someone figures out your password, they also need the key file in order to open your password manager. Even though this is an offline password manager, it does have many free plugins/addons you can add to it, to make it function even better. One feature is to sync your database with another location. An example is storing a copy of the password database in the cloud (e.g. Google Drive), and having the same database on all your devices (phone, tablet, computer). You can then sync up any changes with your cloud (e.g. Google Drive) database. This is one way of syncing your passwords across all your devices. The best way to do this in a secure manner is to keep your key file on your local device (phone/computer). So even if somehow your password database got stolen off your Google Drive (i.e. Google employees have access to customer data), the thief would not be able to access the data without your password and the key file that is only on your local drive (phone/computer).
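A simplified model of the password-plus-key-file protection described above, added here as an example; it is not KeePass's code or file format. The function names, the PBKDF2 stretching step and the header tag used as a key check are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

def composite_key(password, key_file=None):
    """Hash each factor, then hash the concatenation (simplified model)."""
    material = hashlib.sha256(password.encode("utf-8")).digest()
    if key_file is not None:
        material += hashlib.sha256(key_file).digest()
    return hashlib.sha256(material).digest()

def master_key(password, key_file, salt):
    # PBKDF2 stands in for the database's real key-stretching step (assumption).
    return hashlib.pbkdf2_hmac("sha256", composite_key(password, key_file), salt, 100_000)

def create_database(password, key_file):
    """Constructed stand-in for a database file: salt, header and key-check tag."""
    salt = os.urandom(32)
    header = b"demo-database-header"
    tag = hmac.new(master_key(password, key_file, salt), header, hashlib.sha256).digest()
    return {"salt": salt, "header": header, "tag": tag}

def can_unlock(db, password, key_file=None):
    """True only if the supplied factors reproduce the stored key-check tag."""
    key = master_key(password, key_file, db["salt"])
    expected = hmac.new(key, db["header"], hashlib.sha256).digest()
    return hmac.compare_digest(expected, db["tag"])

def demo():
    key_file = os.urandom(32)                    # kept on the local device only
    password = "correct horse battery staple"    # constructed sample password
    cloud_copy = create_database(password, key_file)  # the copy synced to the cloud
    return {
        "password_and_key_file": can_unlock(cloud_copy, password, key_file),
        "password_only": can_unlock(cloud_copy, password),
        "key_file_only": can_unlock(cloud_copy, "wrong guess", key_file),
        "wrong_key_file": can_unlock(cloud_copy, password, os.urandom(32)),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'opens' if ok else 'stays locked'}")
```

The same property is why the key file needs its own backup: losing it locks the owner out just as it locks out anyone holding only the cloud copy and the password.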

There are many cloud password managers (Free and Paid) which are easier to use and have many benefits that KeePass may not. But you may have to select the paid monthly plan in order to have those additional benefits.

When picking a password manager you need to think about the following:
 1. Where are the passwords saved — can someone access them without your permission? Does the customer service team have access to them?
 2. Can you access the password manager from multiple devices — phone, tablet, computer…? Cloud managers excel in this area, but it may be a paid feature and not free to use.
 3. Can you grant access to your family members (e.g. your spouse)? If you became sick or died, how will your spouse access your passwords? Typically the cloud based managers excel in this area, but it may be a paid feature and not free to use.
 4. Can you easily sync your passwords between all your devices? This is easier to do with a cloud based manager than with an offline one.
 5. Does your password manager have a history log or versions you can review to see if you or someone else accidentally changed/deleted something? This may be especially beneficial if you are sharing access with your spouse, and they accidentally delete/change one of your passwords in the password manager.
 6. How easy is it to make a secure backup of your passwords in case the database becomes corrupted or hardware breaks? If you are using an offline password manager and storing it on a flash drive, you need to plan for the flash drive breaking and make sure you have backups.
 7. Can you access your password manager during power or internet outages? If you don’t have internet on your computer or phone, can you still access your cloud password manager? This is one big benefit of an offline password manager.

And lastly, a Password Manager is a great tool to save all your passwords. Imagine keeping your crypto safe and then when you finally cash out your crypto, all your money is stolen because your banking passwords were not safely kept or were too short and vulnerable to a hack. One benefit of using a password manager is you can easily create passwords with 20+ characters (would take years to hack with current technology) and not have to worry about remembering any of them. Many people reuse the same password for all their websites because it’s easier to remember one password. But hackers know this, and once they steal one password, they typically try to access every possible website with that one password. So a password manager makes it easy to have a different, long, password for every website. Also, both offline and cloud password managers have the ability to enter the user name and password into your browser, so that you don’t have to copy and paste. This is important as there are malware/keyloggers out there that get downloaded to people’s computers without them knowing, and monitor what people copy/paste, in order to steal their passwords.

