Where NOT To Store Your Seed Phrase

The seed phrase storage question has a long list of wrong answers. Here are the most common ones — each of which has cost real people real Bitcoin.

In a photo on your phone. Phones get stolen, hacked, shared, and backed up to cloud services. A seed phrase photo in iCloud or Google Photos is accessible to anyone who compromises those accounts — and to Apple or Google themselves.

In a notes app. Same problem. Notes apps sync to the cloud. They get backed up. They get accessed when phones are compromised or accounts are hacked.

In an email to yourself. Email accounts get hacked. Email providers can be compelled to provide access. An email with your seed phrase is a target waiting to be found.

In a password manager. Password managers are excellent for passwords. They’re internet-connected software. A seed phrase in a password manager is exposed to every vulnerability that password manager has — and most password managers have had security incidents.

In a text file on your computer. Computers get malware. Hard drives get stolen. Files get accidentally shared.

Told to a family member from memory. Human memory is unreliable. People forget words, get the order wrong, misremember.

Written on a Post-it note on the monitor. This one needs no explanation.

The pattern: everything digital is a security liability for seed phrase storage. The safest storage is physical, offline, and not obviously labelled.

Paper works. Stored somewhere physically secure, away from the device it protects, it remains the simplest and most reliable option for most people.

Tomorrow: steel vs paper — physical seed phrase storage options.

— The Daily Bit