Explained: Benefits and drawbacks of a crypto wallet passphrase
Passphrases allow hardware wallet users to create a string of characters associated with a seed phrase that extends the security of a traditional private key. Unlike a password that unlocks a recovery secret, a passphrase is part of the seed phrase itself.
Most modern crypto hardware wallets generate a 12 or 24-word seed phrase based on the 2,048 words in Bitcoin’s BIP-39 dictionary. This Bitcoin Improvement Proposal or ‘BIP’ standardized the method for backing up the cryptographic, non-human readable, 64 hexadecimal digit private key into a human-readable seed phrase of 12 or 24 words.
To be clear, a passphrase doesn’t unlock or back up a seed phrase. It’s not akin to a password. For this reason, it’s commonly known as the ’25th word’ of a seed phrase.
Because a passphrase is an advanced option for a sophisticated user, its specific benefits and drawbacks are worth considering.
Read more: ‘Giancarlo’ keys managed poorly says post-hack Bitfinex security report
Benefits of using a wallet passphrase
Passphrases hold a number of advantages over seed phrases and PINs. For example, users aren’t restricted in terms of which characters, words, capitalizations, or numbers they can use.
There’s also the most obvious advantage, namely that the ordering of 25 words is harder to guess than the ordering of 24 words.
Passphrases also give savvy users the ability to create a series of decoy wallets to mislead an attacker. They can create multiple wallets, using ‘parent’ keypairs to spawn ‘child’ keypairs. Specifically, BIP-39 seed phrases work with BIP-32 to build complex trees of public and private keys.
Drawbacks of using a passphrase
However, there are also a number of drawbacks to the use of passphrases. Indeed, they are sophisticated and complicated — users should know that adding one will generate an entirely new public/private keypair and wallet.
Not only this, but they’re also case-sensitive. Users that change even one character in a passphrase will generate a new wallet even if they merely changed a single character from lowercase to uppercase. If the user miscapitalizes even a single letter, they may not recover their funds even if they possess all 12 or 24 words of their seed phrase.
Finally, losing the passphrase means losing access to the wallet. A passphrase is not a backup; it’s part of the wallet backup itself. Users will lose their funds if the passphrase is stolen or accessed alongside a seed phrase in any attack.
Passphrases provide additional security atop a 12 or 24-word seed phrase backup. Many modern hardware wallets support their functionality and they’re extremely secure forms of wallet protection.
However, the flip side is that they’re exceedingly precise and unforgiving of technical errors. Passphrases require character-for-character, case-sensitive storage. It also goes without saying that users must store them with the same level of security as the entire seed phrase.
Got a tip? Send us an email or ProtonMail. For more informed news, follow us on Twitter, Instagram, Bluesky, and Google News, or subscribe to our YouTube channel.