Thread - Nostr Hypermedia

I don't. The most generous situation is where someone had "some words" and "some more words", an attacker stole the first set, and not the second. First, why were they able to steal one and not the other, and you are somehow able to recall both? Second, you can do the same thing by using a 24 word seed phrase and storing half in one place and half in another. In the end, "some words" plus "some more words" is indistinguishable from "some words", so why do we expect them to behave differently?

↑ Parent

Replies (2)

ynniv ynniv@ynniv.com 5 months ago

It *would* be different if someone could brute force your seed phrase. In that case, adding words would definitely improve security. Since brute forcing a seed phrase is currently intractable, we have to assume that the attacker stole it. Presumably they would also steal your passphrase, but if not, it needs to be a pretty long, non obvious passphrase, or it will be trivial to brute force. Now – is it more likely that your seed will be stolen in a way that makes your passphrase a useful defense, or that you'll someday forget it and lose all your funds?

R0terdam R0terdam@NostrAddress.com 5 months ago

Don't try to make ”your own cryptography"

1 replies ↓